General Information Req # WD00086205 Career area: Information Technology Country/Region: India State: Karnataka City: BANGALORE Date: Wednesday, July 30, 2025 Working time: Full-time Additional Locations:  * India - Karnātaka - Bangalore * India - Karnātaka - BANGALORE Why Work at Lenovo We are Lenovo. We do what we say. We own what we do. We WOW our customers. 
Lenovo is a US$57 billion revenue global technology powerhouse, ranked #248 in the Fortune Global 500, and serving millions of customers every day in 180 markets. Focused on a bold vision to deliver Smarter Technology for All, Lenovo has built on its success as the world’s largest PC company with a full-stack portfolio of AI-enabled, AI-ready, and AI-optimized devices (PCs, workstations, smartphones, tablets), infrastructure (server, storage, edge, high performance computing and software defined infrastructure), software, solutions, and services. Lenovo’s continued investment in world-changing innovation is building a more equitable, trustworthy, and smarter future for everyone, everywhere. Lenovo is listed on the Hong Kong stock exchange under Lenovo Group Limited (HKSE: 992) (ADR: LNVGY). 
This transformation together with Lenovo’s world-changing innovation is building a more inclusive, trustworthy, and smarter future for everyone, everywhere. To find out more visit www.lenovo.com, and read about the latest news via our StoryHub. Description and Requirements

What You'll Do Representative responsibilities include:

Working with software designers, developers, project managers, and testers - developing close working partnerships with development teams - to review, assist and recommend changes and solutions to address the security of Lenovo- and third party-developed software Act as a trusted advisor and subject matter expert to product development and engineering teams - provide advice on secure application design, development and validation Identify and evaluate needed tools and refine processes and procedures to ensure security reviews are performed correctly.   Define security requirements for Lenovo and third-party development teams. Act as a Secure Development Lifecycle evangelist, guiding and training development teams within SSG on how to effectively and efficiently apply secure development practices Conducting product and service security assessments, analyzing weaknesses, formulating mitigations or remediation measures, documenting findings, and working with global product and services teams to ensure proper corrective actions are implementedIdentifying root cause of recurring issues and working with management and the larger SSG Product Security Office team to address programmaticallyAssessing risk and prioritizing mitigation and remediation activitiesServing as a security subject matter expert and technical leader to internal and external product and services teams, suppliers, partners, security researchers, and business leadersResearching, identifying, developing, and/or customizing tools, tactics, and procedures for enhancing security assessment effectivenessStaying current on threats, vulnerabilities, attack techniques, new tools, and industry trendsFacilitating, supporting, and managing assessments performed by our 3rd-party security partnersMentoring and collaborating with other security test engineersSupporting secure development lifecycle initiativesInstalling, configuring, and using products, tools, and operating systems

Position Requirements

Basic Qualifications:

Five-plus (5+) years of practical experience assessing and securing integrated solutions built upon products that power data center and cloud environments – such as application software, APIs, clusters, cloud service configuration, embedded systems, microservices, network storage solutions, operating systems, web applications, etc.Expertise in hands-on technical security assessments (e.g., penetration testing, vulnerability assessment, red teaming, etc.)Deep understanding of security weaknesses, identification, exploitation, and remediationMastery of security assessment tools and helpers, such as Burp Suite Pro, curl, IDA Pro, Kali, Metasploit, Nessus, nmap, Wireshark, and similarMastery of security foundations such as authentication, hardening, least privilege, attack surface reduction, protection rings, cryptography use, static analysis, dynamic analysis, fuzzing, CVSS, CWE, OWASP/SANS/CIS Top X, etc.Deep knowledge of and comfort with TCP/IP, including using and securing fundamental networking protocols such as TCP, UDP, ICMP, DNS, HTTP, HTTPS, SSH, etc.Understanding, applied use, and compliance with security standards such as NIST SP800-series, NIST Cybersecurity Framework, FISMA/FedRAMP, ISO 27000-series, PCI-DSS, CIS Benchmarks, and similarModerate programming and/or scripting skills in at least one modern programming languageAbility to install, configure, and use products, tools, and operating systems

Preferred Skills and Experience:

Performing code reviews and reviewing the results of static analysis toolsWorking with geo-diverse teams across different time zonesStrong collaboration skills over application sharing platforms and teleconferencingTechnical consulting backgroundKnowledge of Lenovo products and servicesSecurity certifications: CISSP, CSSLP, CEH, OSCP, or similar desired

Key Personal Traits:

Self-motivated and results driven, able to effectively work independently or as part of a team, able to motivate and cultivate collaborative relationshipsA strong technical leader to internal and external teams, suppliers, partners, and security researchers, with the ability to persuade and influenceA critical thinker and problem solver, who is naturally curious and a consummate learnerA good communicator, capable of clearly explaining and documenting security findings and mitigationsAble to navigate sometimes contentious situations and successfully resolve conflicts with respect and professionalismAdept at multi-tasking and achieving results in a high-pressure environment while adapting to fluid business demands Additional Locations:  * India - Karnātaka - Bangalore * India - Karnātaka - BANGALORE * India * India - Karnātaka * India - Karnātaka - Bangalore , * India - Karnātaka - BANGALORE
NOTICE FOR PUBLIC
At Lenovo, we follow strict policies and legal compliance for our recruitment process, which includes role alignment, employment terms discussion, final selection and offer approval, and recording transactions in our internal system. Interviews may be conducted via audio, video, or in-person depending on the role, and you will always meet with an official Lenovo representative. Please beware of fraudulent recruiters posing as Lenovo representatives. They may request cash deposits or personal information. Always apply through official Lenovo channels and never share sensitive information. Lenovo does not solicit money or sensitive information from applicants and will not request payments for training or equipment. Kindly verify job offers through the official Lenovo careers page or contact IndiaTA@lenovo.com. Stay informed and cautious to protect yourself from recruitment fraud. Report any suspicious activity to local authorities.