We are Lenovo. We do what we say. We own what we do. We WOW our customers.
Lenovo is a US$57 billion revenue global technology powerhouse, ranked #248 in the Fortune Global 500, and serving millions of customers every day in 180 markets. Focused on a bold vision to deliver Smarter Technology for All, Lenovo has built on its success as the world’s largest PC company with a full-stack portfolio of AI-enabled, AI-ready, and AI-optimized devices (PCs, workstations, smartphones, tablets), infrastructure (server, storage, edge, high performance computing and software defined infrastructure), software, solutions, and services. Lenovo’s continued investment in world-changing innovation is building a more equitable, trustworthy, and smarter future for everyone, everywhere. Lenovo is listed on the Hong Kong stock exchange under Lenovo Group Limited (HKSE : 992) (ADR : LNVGY).
This transformation together with Lenovo’s world-changing innovation is building a more inclusive, trustworthy, and smarter future for everyone, everywhere. To find out more visit www.lenovo.com, and read about the latest news via our StoryHub.
Lenovo’s Infrastructure Solutions Group (ISG) is seeking a Product Security Incident Response Team (PSIRT) Vulnerability Manager to support Lenovo ISG’s vulnerability management activities for maintaining a high level of security in the products and services we provide to our customers. This is a backfill for an existing position on the ISG Product Security Office (PSO) team, which supports Lenovo ISG’s growing and evolving product security needs. The PSIRT Vulnerability Manager integrates with the Lenovo Corporate PSIRT and works closely with customers and ISG Development teams.
This is a dynamic product security role. The successful candidate has a solid security knowledge base to draw from; has experience handling security incidents and / or managing vulnerabilities for technology products; is comfortable communicating with customers, development teams, and stakeholders; and has a natural curiosity for exploring and understanding reported security issues. This position is well suited to candidates who thrive on solving new and unique problems, identifying and planning for future requirements, working with varied technologies, and taking ownership of technical solutions.
Primary responsibilities
- Serve as a primary PSIRT resource for ISG and our customers
- Act as a Subject Matter Expert concerning ISG products and technologies
- Interface with Development Product Security Leads (PSLs)
- Draft PSIRT security advisory publications and internal ISG advisory communications
- Monitor, investigate, and respond to customer ISG security reports received by the PSIRT and support PSIRT responses to security reports from researchers, partners, media, etc.
- Coordinate between PSIRT, ISG PSO, and ISG PSLs to move issues, whether discovered internally or reported externally, from vulnerability identification to resolution, ensuring accuracy and timeliness of updates
- Perform hands-on investigation to confirm reported security issues or provide remediation guidance using lab tools and ISG products
Position Requirements
Basic Requirements :
- 10+ years of demonstrated experience in one or more areas supporting PSIRT, CSIRT, security incident response, incident handling, vulnerability management, Tier-3 technical customer support, security consulting or similar
- Experience in vulnerability analysis, investigation, management, and triage
- Customer-first mindset with excellent verbal and written communication skills
- Familiarity with best practices and standards for incident response and vulnerability management, such as the FIRST PSIRT Services Framework, ISO / IEC 27035, ISO / IEC 29147, ISO / IEC 30111, and NIST SP 800-61
Preferred Requirements :
- Technical knowledge to support hands-on investigation, such as familiarity with network protocols, Linux, and security tools such as Nessus, Nmap, and testssl
- Knowledge of hardware, data center, infrastructure technologies, and secure software development fundamentals
- Develop and track metrics to measure vulnerability remediation timelines
- Analyze security issues to identify patterns and root causes
- A critical thinker and problem solver, who is naturally curious and a consummate learner
- A good communicator with strong verbal and written presence, capable of clearly explaining technical details
- Ability to think analytically, extrapolate insight and synthesize information to reach decisions and offer guidance across different contexts
- Adept at multi-tasking and achieving results in what can be a high-pressure environment while adapting to fluid business demands
- Able to cultivate collaborative relationships; navigate sometimes contentious situations; and successfully resolve conflicts, all with respect, equity, and professionalism
- Comfortable working toward what may be loosely defined objectives, clarifying and solidifying those objectives along the way
- Team player, self-starter and entrepreneurial spirit
- Self-motivated and desire to independently drive the maturity of solutions
- Seeks continual improvement through incorporating feedback and guidance
- Persistent, keeping end goals in mind, being mindful of opportunities as they present themselves, and appreciating that “not today” doesn’t mean “not ever”
Education and Certification Requirements :
- Bachelor’s or above degree in Management Information Systems, Information Security, Cybersecurity, Computer Science or other related degree is preferred
- Non-degree candidates with additional years of relevant work experience
- Preferred industry certifications : One or more of CISSP, E|CIH, GCIH, CASP or similar
Travel
- 5% (travel typically not needed, but possible on occasion)
Seniority level
- Not Applicable
Employment type
- Full-time
Job function
- Engineering and Management
Industries
- IT Services and IT Consulting