We are Lenovo. We do what we say. We own what we do. We WOW our customers.
Lenovo is a US$69 billion revenue global technology powerhouse, ranked #196 in the Fortune Global 500, and serving millions of customers every day in 180 markets. Focused on a bold vision to deliver Smarter Technology for All, Lenovo has built on its success as the world's largest PC company with a full-stack portfolio of AI-enabled, AI-ready, and AI-optimized devices (PCs, workstations, smartphones, tablets), infrastructure (server, storage, edge, high performance computing and software defined infrastructure), software, solutions, and services. Lenovo's continued investment in world-changing innovation is building a more equitable, trustworthy, and smarter future for everyone, everywhere. Lenovo is listed on the Hong Kong stock exchange under Lenovo Group Limited (HKSE: 992) (ADR: LNVGY).
This transformation together with Lenovo's world-changing innovation is building a more inclusive, trustworthy, and smarter future for everyone, everywhere. To find out more visit www.lenovo.com, and read about the latest news via our StoryHub.
Key Responsibilities
- Cyber Vigilance:
- Monitor and analyze security event logs to identify potential security incidents.
- Respond to security incidents in a timely and effective manner, ensuring minimal disruption to business operations.
- Risk Management:
- Conduct risk assessments and vulnerability management to identify potential security threats.
- Develop and implement mitigation strategies to minimize risk.
- Compliance and Governance:
- Ensure compliance with IT security policies, regulations, and standard e.g IM8 , PDPA.
- Develop and maintain security policies, procedures, and guidelines.
- Incident Response:
- Develop and maintain incident response plans and procedures.
- Coordinate incident response efforts with stakeholders, including IT teams and management.
- Security Awareness and Training:
- Promote security awareness and training programs for employees.
- Develop and deliver security training sessions to enhance employee knowledge and skills.
Minimum 5 -7 years of IT experience in cybersecurity management, with a focus on incident response, vulnerability management, with governance risk and compliance.
- Hands-on experience with security technologies, either one of the following
- Application Security
- Open Web Application Security
- Penetration Testing
- Vulnerability management systems (e.g., Tenable, Nessus)
- Security information and event management (SIEM) systems
- Identity and access management (IAM/PAM/MFA) systems
- Industry-recognized certifications, must have at least one of :
- CISSP
- CISM
- GIAC/CISA
- CEH, or any other professional security certification will have an added advantage
- Strong analytical and problem-solving skills, with the ability to analyze complex security issues and develop effective solutions.
- Excellent communication and interpersonal skills, with the ability to communicate technical information to non-technical stakeholders.
Prefer To Have
- Experience with cloud security, including AWS or Azure or GCP
- Knowledge of federal information security regulations, such as FISMA or FIPS.
- Experience and knowledgeable in security frameworks, such as ISO 27001, Zero Trust framework , NIST Cybersecurity Framework , CIS hardening etc.
#LPS
We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, religion, sexual orientation, gender identity, national origin, status as a veteran, and basis of disability or any federal, state, or local protected class.
