General Information

Req #
WD00043993
Career area:
Hardware Engineering
Country/Region:
United States of America
State:
North Carolina
City:
Morrisville
Date:
Thursday, October 27, 2022
Working time:
Full-time
Additional Locations: 
* Morrisville - North Carolina - United States of America

Why Work at Lenovo

Here at Lenovo, we believe in smarter technology that builds a brighter, more sustainable and inclusive future for our customers, colleagues, communities, and the planet.

And we go big. No, not big—huge.

We’re not just a US$70 billion revenue Fortune Global 500 company, we’re one of Fortune’s Most Admired. We’re transforming the world through intelligent transformation, offering the world’s most complete portfolio of smart devices, infrastructure, and solutions. With more than 71,500 employees doing business in 180 markets, we help millions—not just the select few—experience our version of a smarter future.

The one thing that’s missing? Well… you...

Description and Requirements

Position Description:

Lenovo Infrastructure Solutions Group’s, Server development team is looking for Senior UEFI and  Security Architect to provide the technical security leadership to global server development teams, suppliers, industry partners, and business leaders for maintaining a high-level of security in the products we provide to our customers.  This is a new position, joining an established team of UEFI and security architects, working an expanding product portfolio and supporting the business’ evolving firmware and security needs.

Primary responsibilities:

This is inherently an expansive product design and security role, with the ideal candidate being able to multi-task, adapt, and service diverse UEFI and security needs as they emerge.  These diverse needs will require the candidate to have a broad security knowledge base to draw from, and rapidly develop deeper expertise as required.  Secure server design, Secure product life-cycle and architectural analysis are focus areas. This role is well suited to candidates that thrive on wide-ranging tasks and challenges, with each day holding the potential for solving new problems, learning new things, or working with new teams, suppliers, partners, or technologies. 

Representative responsibilities include:

  • Serving as a security subject matter expert and technical leader to internal and external product teams, suppliers, partners, security researchers, and business leaders
  • Help with Design and standards choices on all Lenovo UEFI products
  • Working with cross-functional leadership to align product UEFI and security with continually evolving business and market needs and expectations
  • Leading architectural analysis projects
  • Researching, designing, developing, and implementing security best practices, standards, requirements, architectures, tools, tactics, procedures, training materials, etc.
  • Assessing products and related processes and architectures for compliance with best practices, standards, and requirements, developing corrective action plans where necessary, and working with stakeholders to successfully implement those plans
  • Evaluating product security designs, emerging security technologies, and systems
  • Researching, developing, and/or customizing security tools and libraries
  • Driving secure development lifecycle initiatives
  • Supporting the Product Security Office and Security Architectural Review Board
  • Supporting product sales efforts and demonstrating product security thought leadership, such as via customer briefings, originating security-related collateral, giving conference presentations, etc.
  • Supporting aspects of Lenovo’s Trusted Supplier Program, special projects, contract reviews, etc.

Position Requirements

Basic Qualifications:

Seven-plus (7+) years of broad experience in application, network, and system security, including:

  • UEFI development experience.
  • Architecting secure products and solutions
  • Assessing and analyzing security architectures for deficiencies and formulating corrective actions via threat modeling, security baseline analysis, security requirements/architectural reviews, final security reviews and recommendations, etc.
  • Originating security processes, standards, and requirements
  • Integrating security into agile and waterfall development methodologies for enhanced security and efficiency, including concepts such as shift left, shift everywhere, and security as code
  • Good understanding and working experience with: TCP/IP, including using and securing fundamental networking protocols such as TCP, UDP, ICMP, DNS, HTTP, and SSH; and Operating Systems and Virtualization environments, including Windows, Linux, and VMware

Preferred Skills and Experience:

  • Secure coding and development, including the ability to read and understand modern programming or scripting languages
  • Work in or around Data Center environments, including experience securing enterprise-class server, storage, and networking hardware
  • Maturing secure software development lifecycles
  • Working with geo-diverse teams across different time zones
  • Strong collaboration skills over application sharing platforms and teleconferencing
  • Technical consulting background

Key Personal Traits:

  • Self-motivated and results driven, able to effectively work independently or as part of a team, and able to motivate and cultivate collaborative relationships
  • Comfortable working toward what may be loosely defined objectives, clarifying and solidifying those objectives along the way
  • A strong technical leader to internal and external teams, suppliers, and partners, with the ability to persuade and influence
  • A critical thinker and problem solver, who is naturally curious and a consummate learner
  • A good communicator, capable of clearly explaining and documenting security needs
  • Able to navigate sometimes contentious situations and successfully resolve conflicts with respect and professionalism
  • Adept at multi-tasking and achieving results in a high-pressure environment while adapting to fluid business demands


The base salary range for this position in Colorado, New York, Nevada and Washington  is $200,000-$240,000. Individuals may also be considered for bonus . Lenovo’s various benefits can be found on www.lenovobenefits.com

#LI-Remote
#LI-RQ1
We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, religion, sexual orientation, gender identity, status as a veteran, and basis of disability or any federal, state, or local protected class.

Lenovo adopted a COVID-19 Vaccination Policy for US-based employees. As a condition of employment, employees must adhere to Lenovo’s US Vaccination Policy and be fully vaccinated against COVID-19, subject to any applicable accommodations. To be fully vaccinated means individuals must receive the full series of a vaccine either approved by the FDA or WHO and listed by the CDC (e.g. two dose of the Moderna, AstraZeneca or Pfizer-BioNTech vaccines; or one dose of the Johnson & Johnson vaccine). This applies to all US-based employees, contractors and interns, regardless of work location. As a condition of employment, you must provide proof that you are fully vaccinated or follow Lenovo’s accommodation process.

TO BE DELETED - Multiple Cities (OLD)
* Morrisville - North Carolina - United States of America