Vulnerability Management Analyst
Here at Lenovo, we believe in smarter technology that builds a brighter, more sustainable and inclusive future for our customers, colleagues, communities, and the planet.
And we go big. No, not big—huge.
We’re not just a US$70 billion revenue Fortune Global 500 company, we’re one of Fortune’s Most Admired. We’re transforming the world through intelligent transformation, offering the world’s most complete portfolio of smart devices, infrastructure, and solutions. With more than 71,500 employees doing business in 180 markets, we help millions—not just the select few—experience our version of a smarter future.
The one thing that’s missing? Well… you...
We are hiring a recent college graduate for a Vulnerability Management Analyst in the Security Center of Excellence for the Global PC and Smart Device Business Unit (PCSD). This is an exciting role that will give you the opportunity to work with Product teams around the globe ensuring Lenovo’s vast portfolio of products are secure. You will be working alongside the best security teams in the industry.
You’ll stay up to date with the security industry’s latest techniques and tools. This role will be ensuring existing security vulnerabilities are properly prioritized and tracked. You will be working with Penetration Testers, Security Code Reviewers, Security Architects, infrastructure teams and development teams. You will be tracking the finding from those team’s findings and working with development DevOps and infrastructure teams to ensure they are being resolved.
You will work with the Atlassian toolset, creating and reporting metrics, developing, and modifying supporting scripts and queries. You’ll work along Security, DevOps and development teams ensuring SLAs and other KPIs are being tracked.
What you will do:
- Research security issues found by security teams and work with development and infrastructure teams to find and track resolution.
- Ensure security finding tickets are properly organized and tracked.
- Review ticket progress and status. Propose improvements and modifications to ticket structure and process to improve the review process.
- Create metrics such as team and individual SLAs, ticket creation, completion time, etc. for management and other teams.
- Work with the Atlassian toolset managing JIRA projects and confluence.
Basic Qualifications:
- Requires basic knowledge of security, development, and network infrastructure.
- A self-motivated, detail-orientated individual with the ability to work independently as well as function as an integral part of a team, and take initiative and ownership in a fast-paced environment.
- Ability to communicate and work with multiple internal organizations across regions with strong written and verbal communication and interpersonal skills.
- Ability to quickly become familiar with multiple security disciplines.
- Ability to understand, create and modify Python and JIRA Query Language (JQL) scripts.
We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, religion, sexual orientation, gender identity, status as a veteran, and basis of disability or any federal, state, or local protected class.
Lenovo adopted a COVID-19 Vaccination Policy for US-based employees. As a condition of employment, employees must adhere to Lenovo’s US Vaccination Policy and be fully vaccinated against COVID-19, subject to any applicable accommodations. To be fully vaccinated means individuals must receive the full series of a vaccine either approved by the FDA or WHO and listed by the CDC (e.g. two dose of the Moderna, AstraZeneca or Pfizer-BioNTech vaccines; or one dose of the Johnson & Johnson vaccine). This applies to all US-based employees, contractors and interns, regardless of work location. As a condition of employment, you must provide proof that you are fully vaccinated or follow Lenovo’s accommodation process.