Lenovo
Overview
Req # WD00086514 Career area: Hardware Engineering Country/Region: United States of America State: North Carolina City: Morrisville Date: Wednesday, September 10, 2025 Working time: Full-time Additional Locations: United States of America - North Carolina - Morrisville Description
This position is for a DevSecOps engineer in the Security Center of Excellence for the Global PC and Smart Devices Business (PCSD). You will be working with a global team of development engineers and security professionals. You will work with multiple business units and DevOps teams to implement, configure and administer DevSecOps tools in CI/CD pipelines. You will collaborate with other BUs DevOps and Development teams to implement and maintain security tools and processes, research and recommend the latest DevSecOps technologies, and ensure Lenovo's CI/CD pipelines remain secure. You should be known for taking initiative, have excellent organizational skills, and thrive in a fast-paced environment with multiple partners and projects. As a member of the team, you will collaborate with team members on your immediate team and other business units' DevOps and Development teams. You will ensure proper metrics are in place to show improvements in processes and to identify gaps. Responsibilities Implement, integrate, and maintain tools with your team and other business units. Identify areas for improvement in CI/CD pipelines. Research and recommend new tools, processes, and techniques. Perform cybersecurity control and risk assessments of proposed and existing product and infrastructure architecture for compliance with Lenovo requirements and international cloud security best practices, recommending remediations and mitigations for identified risks and vulnerabilities. Develop service security and compliance requirements for SaaS multi-tenant systems. Design and develop cloud security architectures and perform architecture design reviews.
Qualifications
Basic Qualifications: Bachelors degree in a relevant field or equivalent relevant experience 5+ years of cybersecurity experience 3+ years of DevSecOps experience
Preferred Qualifications: Experience with Wiz, Snyk, Contrast, Coverity, Checkmarx, Fossa, jFrog, Jenkins, Jira, Confluence, and Bitbucket Experience implementing and configuring SAST, DAST, IAST, Fuzzing, and RASP tools in a CI/CD pipeline Experience working with developers and as a developer Experience guiding large software projects from design to deployment with security in mind Experience threat modeling software projects Experience implementing and recording metrics to reflect progress to management Ability to work across regions and functions to solve problems Technical certifications like CKA, CKAD, CKS; SANS GIAC Cloud Security and DevSecOps Automation (GCSA), GIAC Cloud Penetration Tester (GCPN) Public Cloud Provider certifications (AWS, Azure, GCP) In-depth knowledge of public cloud providers, especially AWS Experience with implementing and maintaining DevSecOps tools Strong written and verbal communications and interpersonal skills
Salary and Benefits
The base salary budgeted range for this position is $175k-190K USD. Individuals may also be considered for bonus and/or commission. Lenovo's benefits can be found on www.lenovobenefits.com. EEO and Compliance
We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, religion, sexual orientation, gender identity, national origin, veteran status, disability, or any other protected class. #J-18808-Ljbffr
Req # WD00086514 Career area: Hardware Engineering Country/Region: United States of America State: North Carolina City: Morrisville Date: Wednesday, September 10, 2025 Working time: Full-time Additional Locations: United States of America - North Carolina - Morrisville Description
This position is for a DevSecOps engineer in the Security Center of Excellence for the Global PC and Smart Devices Business (PCSD). You will be working with a global team of development engineers and security professionals. You will work with multiple business units and DevOps teams to implement, configure and administer DevSecOps tools in CI/CD pipelines. You will collaborate with other BUs DevOps and Development teams to implement and maintain security tools and processes, research and recommend the latest DevSecOps technologies, and ensure Lenovo's CI/CD pipelines remain secure. You should be known for taking initiative, have excellent organizational skills, and thrive in a fast-paced environment with multiple partners and projects. As a member of the team, you will collaborate with team members on your immediate team and other business units' DevOps and Development teams. You will ensure proper metrics are in place to show improvements in processes and to identify gaps. Responsibilities Implement, integrate, and maintain tools with your team and other business units. Identify areas for improvement in CI/CD pipelines. Research and recommend new tools, processes, and techniques. Perform cybersecurity control and risk assessments of proposed and existing product and infrastructure architecture for compliance with Lenovo requirements and international cloud security best practices, recommending remediations and mitigations for identified risks and vulnerabilities. Develop service security and compliance requirements for SaaS multi-tenant systems. Design and develop cloud security architectures and perform architecture design reviews.
Qualifications
Basic Qualifications: Bachelors degree in a relevant field or equivalent relevant experience 5+ years of cybersecurity experience 3+ years of DevSecOps experience
Preferred Qualifications: Experience with Wiz, Snyk, Contrast, Coverity, Checkmarx, Fossa, jFrog, Jenkins, Jira, Confluence, and Bitbucket Experience implementing and configuring SAST, DAST, IAST, Fuzzing, and RASP tools in a CI/CD pipeline Experience working with developers and as a developer Experience guiding large software projects from design to deployment with security in mind Experience threat modeling software projects Experience implementing and recording metrics to reflect progress to management Ability to work across regions and functions to solve problems Technical certifications like CKA, CKAD, CKS; SANS GIAC Cloud Security and DevSecOps Automation (GCSA), GIAC Cloud Penetration Tester (GCPN) Public Cloud Provider certifications (AWS, Azure, GCP) In-depth knowledge of public cloud providers, especially AWS Experience with implementing and maintaining DevSecOps tools Strong written and verbal communications and interpersonal skills
Salary and Benefits
The base salary budgeted range for this position is $175k-190K USD. Individuals may also be considered for bonus and/or commission. Lenovo's benefits can be found on www.lenovobenefits.com. EEO and Compliance
We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, religion, sexual orientation, gender identity, national origin, veteran status, disability, or any other protected class. #J-18808-Ljbffr