Why Work at Lenovo
Here at Lenovo, we believe in smarter technology for all, so we spend our time building a society that's brighter and more inclusive. And we go big. No, not big-huge.
We're a US$60 billion revenue Fortune Global 500 company serving customers in 180 markets around the world. Focused on a bold vision to deliver smarter technology for all, we are developing world-changing technologies that power (through devices and infrastructure) and empower (through solutions, services and software) millions of customers every day and together create a more inclusive, trustworthy and sustainable digital society for everyone, everywhere.
The one thing that's missing? Well... you...
Description and Requirements
Position Description: Lenovo Infrastructure Solutions Group's Product Security Office is seeking a Senior Services Security Architect to provide technical security leadership to global service, solution, and development teams for maintaining a high-level of security in the productized services we provide to our customers. This is a new position, joining an established team of security architects, penetration testers, and security analysts in securing an expanding product and services portfolio and supporting the business' evolving security needs.
Primary responsibilities: This is inherently an expansive services security role working across a broad set of enterprise technologies and architectures, ranging from defining point security requirements for component building blocks to developing greenfield security architectures for enterprise integrated on-premises and cloud service offerings. The ideal candidate will be able to multi-task, adapt, and address diverse security needs as they emerge. These diverse needs require the candidate to have a broad security knowledge base to draw from, and the ability to rapidly develop deeper expertise as required.
Representative responsibilities include:

• Serving as a security subject matter expert and technical leader to internal and external services, solution, and product teams, suppliers, partners, and business leaders
• Researching, designing, developing, consulting on, and implementing on-premises and cloud application, infrastructure, services, and solutions security best practices, standards, requirements, architectures, tools, tactics, procedures, training materials, etc.
• Assessing offerings and related processes and architectures for compliance with best practices, standards, and requirements, developing corrective action plans where necessary, and working with stakeholders to successfully implement those plans
• Developing and/or evaluating security designs, threat models, and as-built system security architectures
• Researching, developing, and/or customizing security tools, technologies, and libraries
• Driving secure development lifecycle initiatives
• Supporting security certification and compliance efforts, such as for ISO 27001 and SOC 2 Type 2
• Supporting the Product Security Office and Security Architectural Review Board
• Supporting sales efforts and demonstrating security thought leadership, such as via customer briefings, originating security-related collateral, giving conference presentations, etc.
• Supporting aspects of Lenovo's Trusted Supplier Program, special projects, contract reviews, etc.

Position Requirements
Basic Qualifications:
Seven-plus (7+) years of broad experience architecting and securing 24/7 enterprise-class integrated solutions, including:

• Assessing and analyzing security architectures for deficiencies and formulating corrective actions via threat modeling, security baseline analysis, security requirements/architectural reviews, final security reviews and recommendations, etc.
• Originating security processes, standards, and requirements
• Securing cloud (PaaS, IaaS, SaaS) and on-premises application architectures, services, and environments, such as container, cluster, and microservice architectures; cloud application gateways, federated identity, HSM, key vault, WAF services; physical and logical network infrastructure and segmentation; VMware Cloud Foundation; and AWS, Azure, Google Cloud, and/or IBM Cloud environments leveraging cloud-native capabilities
• Integrating security into agile and waterfall development methodologies for enhanced security and efficiency, including concepts such as shift left, shift everywhere, and security as code
• Expert knowledge of security foundations such as hardening, least privilege, attack surface reduction, protection rings, cryptography use, static analysis, dynamic analysis, fuzzing, CVSS, CWE, OWASP/SANS/CIS Top X, etc.
• Practical experience implementing and/or supporting security standards, frameworks, and certifications such as BSIMM (Building Security In Maturity Model), NIST SP800-series, NIST Cybersecurity Framework, NIST Secure Software Development Framework, ISO 27000-series, AICPA SOC 2 Type 2, PCI-DSS, CIS Benchmarks, Common Criteria, FISMA/FedRAMP, and similar
• Good understanding and working experience with: TCP/IP, including using and securing fundamental networking protocols such as TCP, UDP, ICMP, DNS, HTTP, and SSH; and Operating Systems and Virtualization environments, including Windows, Linux, and VMware

Preferred Skills and Experience:

• Secure coding and development, including the ability to read and understand at least one modern programming or scripting language
• Work in or around Data Center environments, including experience securing enterprise-class server, storage, and networking hardware
• Maturing secure software development lifecycles
• Working with geo-diverse teams across different time zones
• Strong collaboration skills over application sharing platforms and teleconferencing
• Technical consulting background

Key Personal Traits:

• Self-motivated and results driven, able to effectively work independently or as part of a team, and able to motivate and cultivate collaborative relationships
• Comfortable working toward what may be loosely defined objectives, clarifying and solidifying those objectives along the way
• A strong technical leader to internal and external teams, suppliers, and partners, with the ability to persuade and influence
• A critical thinker and problem solver, who is naturally curious and a consummate learner
• A good communicator, capable of clearly explaining and documenting security needs
• Able to navigate sometimes contentious situations and successfully resolve conflicts with respect and professionalism
• Adept at multi-tasking and achieving results in a high-pressure environment while adapting to fluid business demands

Education Requirements:

• BS in information security, computer science, engineering, MIS, or similar degree programs
• Non-BS degree candidates with additional years of relevant work experience
• Security certifications: One or more of CISSP, CSSLP, CCSP, or similar

Citizenship Requirement:

• Must be a US citizen or US national; US permanent residents or candidates requiring sponsorship cannot be considered

Travel:

• 5% (travel typically not needed, but possible on occasion post-COVID)

The base salary range for this position in Colorado is $170,000 - $200,000. Individuals may also be considered for bonus . Lenovo's various benefits can be found on www.lenovobenefits.com .
#LI-Remote
#LI-RQ1
We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, religion, sexual orientation, gender identity, status as a veteran, and basis of disability or any federal, state, or local protected class.
Lenovo adopted a COVID-19 Vaccination Policy for US-based employees. As a condition of employment, employees must adhere to Lenovo's US Vaccination Policy and be fully vaccinated against COVID-19, subject to any applicable accommodations. To be fully vaccinated means individuals must receive the full series of a vaccine either approved by the FDA or WHO and listed by the CDC (e.g. two dose of the Moderna, AstraZeneca or Pfizer-BioNTech vaccines; or one dose of the Johnson & Johnson vaccine). This applies to all US-based employees, contractors and interns, regardless of work location. As a condition of employment, you must provide proof that you are fully vaccinated or follow Lenovo's accommodation process.