IT Security Officer (ITSO)

Why Work at Lenovo We are Lenovo. We do what we say. We own what we do. We WOW our customers. Lenovo is a US$57 billion revenue global technology powerhouse, ranked #248 in the Fortune Global 500, and serving millions of customers every day in 180 markets. Focused on a bold vision to deliver Smarter Technology for All, Lenovo has built on its success as the world’s largest PC company with a full-stack portfolio of AI-enabled, AI-ready, and AI-optimized devices (PCs, workstations, smartphones, tablets), infrastructure (server, storage, edge, high performance computing and software defined infrastructure), software, solutions, and services. Lenovo’s continued investment in world-changing innovation is building a more equitable, trustworthy, and smarter future for everyone, everywhere. Lenovo is listed on the Hong Kong stock exchange under Lenovo Group Limited (HKSE: 992) (ADR: LNVGY). Description and Requirements You Will: Be the point of contact for IT security matters for 24hrs x 7 days. Provide IT security consultancy and advisory to Agency. Assist agency to consolidate, track and report the status of security advisory received from GITSIR, CSA, NCSC etc. Follow up with respective Facilities Management Team on the implementation of the remediation against the security advisory received, IOC scanning and reporting, patching of the system and vulnerability for systems in HQ DC. Provide ad hoc, monthly reports for Privilege Access Manager, Early Detection and Response solution, Database Activities Monitoring, log review, account review etc. Review logs captured in the syslog server from all the systems in HQ and GDC. Support HSA in the IT security audit, compliance audit, and security related matters. Work on quarterly Vulnerability scanning and remediation with ATFM and provide reporting and track the status. ITSO resources will be full time dedicated to support all related IT security requirements. ITSO shall work with IT security engineer to conduct quarterly or on-demand VA Scan all systems and follow up with IT Facility Management on the remediation to meet IM8 timeline. Share domain and technical expertise, providing technical mentorship and cross-training to other peers and team members. You Bring: 5+ years IT security experience required. Experience with Networks, Servers (Windows and UNIX), Database. Experience in IT security auditing, security assessments. Understanding of protocols, traffic flows, ability to analyze logs from various sources. Knowledge of Active Directory, Endpoint protection solutions, Early Detection and Response solution, Database Activities Monitoring tools, SIEM etc. Excellent written and verbal communication, presentation skills. Proficiency in Microsoft Excel. Flexible, team player, “get-it-done” personality. Ability to organize and plan work independently. Ability to work in a rapidly changing environment. Ability to multi-task and context-switch effectively between different activities and teams. CISSP, CISM, Security+ or IT security tools certifications (Imperva, Carbon Black) is a plus. #J-18808-Ljbffr