Informação geral

Sol. nº:
WD00038202
Área de carreira:
Engenharia de Hardware
País/Região:
Brasil
Estado:
São Paulo
Cidade:
Indaiatuba
Data:
Friday, March 17, 2023
Horário de trabalho:
Full-time
Locais Adicionais
* Brazil - São Paulo - São Paulo
* Brazil - São Paulo - Indaiatuba

Por que trabalhar na Lenovo

Na Lenovo nós acreditamos em uma tecnologia mais inteligente e para todos; por isso dedicamos nosso tempo para construir uma sociedade mais capaz e inclusiva.

Nós pensamos grande. Não apenas grande – pensamos gigante.

Além de estar na lista de empresas Fortune Global 500, a Lenovo é também uma das empresas mais admiradas dessa lista. Estamos presentes em 180 mercados do mundo, com um time de 63.000 colaboradores simplesmente brilhantes – e esse número só aumenta. 
Somos conhecidos por oferecer o mais completo portfólio de tecnologias capacitadoras do mundo, començando desde nossos aparelhos mais simples, aos aplicativos de software, até nossos mais sofisticados equipamentos para infraestutura.

Nossa engenhosidade é destinada a ajudar milhões de pessoas a experimentar essa visão de um futuro mais inteligente e promissor – e não apenas voltada para alguns poucos privilegiados.

Qual o único “ingrediente” faltando para realizarmos tudo isso? Só nos falta você!

Descrição e requisitos

Description:

The security threat landscape presents a wide range of risks to the solutions offered by Lenovo’s Personal Computing & Smart Devices organization – from the Cloud, to PCs, IoT devices, mobile applications, and Augmented and Virtual Reality devices. As a Linux Security Engineer, you will join Lenovo’s Global Security Lab as a member of our product security team. This team is responsible for ensuring Lenovo’s PC & SD diverse product and technology portfolio is designed, developed, and delivered securely for our customers.

Practical experience is critical for effectively driving secure development practices.  An understanding of the product development process is key to effectively influence the practices, behaviors and understanding of developers.  Therefore, candidates with strong development backgrounds who have developed product security knowledge, training and experience will be given highest consideration.

Primary Responsibilities:

  • Evaluating the security of product architecture proposals, driving security requirements, and logging concerns
  • Assessing the security posture of Lenovo and 3rd party developed applications for Linux
  • Using security static and dynamic analysis tooling to review and test applications, and interpreting results
  • Performing source code reviews ensuring that Secure Development Lifecycle and secure development best practices are followed
  • Presenting products for approval by the Security Review Board
  • Acting as a Secure Development Lifecycle evangelist, disseminating knowledge related to product and infrastructure security
  • Supporting the preparation and creation of infrastructure for projects to be developed
  • Supporting cybersecurity environments used by Lenovo Brazil partners

Required Qualifications:

  • Bachelor’s degree in Computer Science, Computer Engineering, or related field with 2+ years relevant experience; or master’s degree with 1+ years relevant experience; or equivalent experience

Preferred Qualifications:

  • Experience in developing applications Linux using programming languages, such as C, C++, Python, and Bash scripting
  • Experience with application debug and pen testing and related tools
  • Active general industry knowledge of the latest application vulnerabilities and exploits
  • Understanding of general secure development practices: code review, static analysis, OWASP, etc.
  • General knowledge of cryptography concepts such as hash functions and symmetric/asymmetric encryption
  • An understanding and ability to communicate the tactics, techniques, and procedures of an attacker
  • Strong written and verbal communication skills – this role requires communicating with and influencing engineers and managers, as well as communicating with diverse and global teams
  • Experience with the application of threat modeling or other risk identification techniques
  • Detailed knowledge of security vulnerabilities and remediation techniques
  • Results-oriented, self-motivated

Locais Adicionais
* Brazil - São Paulo - São Paulo
* Brazil - São Paulo - Indaiatuba
* Brazil - São Paulo - São Paulo , * Brazil - São Paulo - Indaiatuba
* Brazil - São Paulo
* Brazil