Position Description: Infrastructure Vulnerability Management Lead US Based: At Lenovo we are focused on a bold vision to deliver smarter technology for all, we are developing world-changing technologies that create a more inclusive, trustworthy and sustainable digital society. By designing, engineering and building the world’s most complete portfolio of smart devices and infrastructure, we are also leading an Intelligent Transformation – to create better experiences and opportunities for millions of customers around the world. Join us in defining our world of tomorrow and creating smarter technology for all! Who You’ll Work With At Lenovo, we manufacture one of the world’s widest portfolios of connected products, including PCs (ThinkPad, Yoga, Lenovo Legion), tablets, smartphones and workstations as well as augmented and virtual reality (Mirage, ThinkReality) and smart home/office solutions.  We are also building an innovative portfolio of software and services which are changing the industry. Lenovo is creating the capacity and computing power for the connections that are changing business and society. About Our Team We are searching for a Vulnerability Management Lead in the Security Center of Excellence for PC and Smart Devices business (PCSD). This is an exciting role where you will be leading a global team of Vulnerability Management professionals assessing and securing internal Lenovo development environments. Working with multiple development teams across Lenovo to ensuring on-premise and cloud environments are protected from all cybersecurity threats. You will be working alongside some of the best security teams in the industry. What You'll Do • Lead a global team to assess and regularly communicate the threat posture of on-premise and cloud environments across multiple business units to key stakeholders. • Guide internal development groups in better securing their infrastructure, including system patching, vulnerability management, and operational guidance. • Develop close working partnerships with functional leadership across business units within Lenovo to assist in resolving vulnerabilities. Establish and enforce a remediation plan that aligns with established service level agreements. • Collaborate with global business units to mature the threat and vulnerability management program. • Identify and evaluate needed tools and refine processes and procedures to ensure secure operational practices are performed. • Immediately escalate to management and DevOps teams critical and high risk zero-day vulnerabilities and lead incident response efforts. This will require managing the remediation and providing workarounds while maintaining clear communication on the status to management on progress. • Coaches, mentors and develops other team members. #### Position Requirements: Basic Qualifications: • 5+ years of experience with vulnerability scanning and management systems like RAPID7 InsightVM, Tenable Nessus, and/or Qualys. • 5+ years of experience leading and developing vulnerability management teams and programs in a global organization. • 5+ years of experience running a vulnerability management program for a Fortune 500 organization. Preferred Qualifications: • 10+ years of experience in cybersecurity related roles • In depth knowledge of security information and event management software such as LogRhythm, Splunk, QRadar, etc. • Technical proficiency with Windows and Linux operation systems, virtualization technologies, public cloud environments, networking, storage systems and other backend infrastructure. • Technical proficiency with endpoint security and management solutions like BigFix, Tanium, Symantec, Cybereason, Malware Bytes, and Sophos. • Familiarity with virtualization, cloud and development technologies and tools such as Kubernetes, Docker, Istio, Calico, CloudAware, BitBucket, Datadog, Jfrog and Jenkins. • Familiarity with development life cycle practices such as Agile. • Familiarity with security and privacy frameworks, standards and regulations like GDPR, CCPA, CSA STAR, ISO 27000series, NIST, etc. • Bachelors’ degree in cybersecurity or similar degree program preferred. • Multiple Industry security certifications such as CISSP, CCSP, SANS-GEVA ( or other SANS certs), OCSP desired. • Excellent leadership, planning, communication and organizational skills. • Mandarin and English Fluency Why Lenovo? Lenovo is a US$50 billion Fortune Global 500 company, with 57,000 employees and operating in 180 markets around the world. We are #1 PC company on the planet, BCG's 50 most innovative companies, and one of Interbrand’s 100 BEST global brands. Focused on a bold vision to deliver smarter technology for all, we are developing world-changing technologies that create a more inclusive, trustworthy and sustainable digital society. By designing, engineering and building the world’s most complete portfolio of smart device sand infrastructure, we are also leading an Intelligent Transformation – to create better experiences and opportunities for millions of customers around the world. Learn more about why it’s great to work at Lenovo - https://www.lenovobenefits.com/why-join-lenovo We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity, status as a veteran, and basis of disability or any other federal, state or local protected class. We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, religion, sexual orientation, gender identity, status as a veteran, and basis of disability or any federal, state, or local protected class.