General Information

Req #
WD00013047
Career area:
Cloud Computing
Country/Region:
United States of America
State:
North Carolina
City:
Morrisville
Date:
Wednesday, September 29, 2021
Working time:
Full-time

Why Work at Lenovo

Here at Lenovo, we believe in smarter technology for all, so we spend our time building a society that’s brighter and more inclusive. And we go big. No, not big—huge. 

We’re a US$60 billion revenue Fortune Global 500 company serving customers in 180 markets around the world. Focused on a bold vision to deliver smarter technology for all, we are developing world-changing technologies that power (through devices and infrastructure) and empower (through solutions, services and software) millions of customers every day and together create a more inclusive, trustworthy and sustainable digital society for everyone, everywhere. 

The one thing that’s missing? Well… you...

Description and Requirements

What You’ll Do:

This position is for a penetration testing Lead in the Security Center of Excellence for the  Global PC and Smart Device Business Unit (PCSD). This is an exciting role that will give you the opportunity to work with Product teams around the globe to perform penetration test on PCSD’s many products. You will be working alongside the best security teams in the industry. This roll will be responsible to lead pen testing for PCSD Products sold around the world.  This will include scoping and planning pen tests with the development teams and then leading execution of those pen tests. You’ll report findings, produce reports and work with the development and security teams to resolve the issues you and your team members find. Other members of the security team will work with you to assess the overall security and privacy risk of the products you are testing. You’ll stay up to date with the industry’s latest techniques and tools. This role will be testing a variety of products and will be well versed in cloud, client, IoT and hardware penetration testing.

As a lead member of the team, you’ll be mentoring and coaching other team members on your immediate team. You will be researching new penetration tools and techniques. This position will be keeping metrics and KPIs to track the team’s performance over time ensuring that growth, improvements, and gaps are accurately communicated to management. You’ll work with development teams to coordinate penetration tests and ensure that products are tested within an appropriate time frame. As a team leader you will be assisting in communicating the priority and risk of both your and other team member’s security findings to development teams. You will have excellent organizational and communication skills ensuring that development teams, other security team members and management are well informed of the penetration testing team’s activities. You will ensure the team is using documented, standard and appropriate penetration testing mythologies.

 

In Summary you will:

·       Perform penetration tests on PCSD’s Cloud, Client, IoT and hardware products

·       Work with development and security teams to find and explain security issues, suggest mitigations, and ensure they are mitigated.

·       Stay up to date on the latest testing tools and techniques ensure both yourself and the teams are using the most effective methods.

·       Coach and mentor other members of the penetration teams.

·       Ensure proper KPIs and metrics are being recorded

·       Schedule penetration tests for product development teams.

 

Position Requirements

Basic Qualifications:

·       Bachelor’s degree in a relevant field or equivalent relevant experience

·       5+ years of cybersecurity experience

·       3+ years of experience of penetration testing

·       2+ years of acting in a team lead capacity

·       2+ years of mentoring and coaching others in technical roles.

·       Strong written and verbal communications and interpersonal skills

·       Ability to work independently as well as function as an integral part of a team, take initiative and ownership in a fast-paced environment

·       Ability to successfully work across regions and functions to solve problems and get things done

Preferred Qualifications:

·       Master’s Degree or equivalent experience in a relevant field

·       Experience with penetration testing and diagnostic tools such Burp Suite, Kali Linux, tcpdump, wireshark, nmap, fuzzing tools, code analyst tools, DAST tools, Metasploit, etc.

·       Knowledge of Agile processes

·       Experience working in a development environment.

·       Experience building Red / Purple teams.

·       SANS certifications such as GIAC Cloud Penetration Tester (GCPN), GIAC Certified Forensic Examiner (GCFE), GIAC Certified Incident Handler (GCIH), GIAC Penetration Tester (GPEN), GIAC Web Application Penetration Tester (GWAPT), GIAC Reverse Engineering Malware (GREM), and GIAC Exploit Researcher and Advanced Penetration Tester (GXPN)

·       EC-Council certifications such as Certified Ethical Hacker (ANSI or Practical)

·       Offensive Security certiciations such as Offensive Security Certified Professional (OSCP), Offensive Security Experienced Penetration Tester (OSEP), Offensive Security Web Expert (OSWE), Offensive Security Exploit Developer (OSED), and Offensive Security Exploitation Expert (OSEE

·       Industry security certifications such as CISSP, Security+, etc.

We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, religion, sexual orientation, gender identity, status as a veteran, and basis of disability or any federal, state, or local protected class.