Job Description

General Information

Req #
WD00089294
Career area:
Information Technology
Country/Region:
Singapore
State:
Central Singapore
City:
SINGAPORE
Date:
Thursday, October 9, 2025
Working time:
Full-time

Additional Locations

:
Singapore - Central Singapore - Singapore Singapore - Central Singapore - SINGAPORE

Why Work at Lenovo

We are Lenovo. We do what we say. We own what we do. We WOW our customers.

Lenovo is a US$69 billion revenue global technology powerhouse, ranked #196 in the Fortune Global 500, and serving millions of customers every day in 180 markets. Focused on a bold vision to deliver Smarter Technology for All, Lenovo has built on its success as the world's largest PC company with a full-stack portfolio of AI-enabled, AI-ready, and AI-optimized devices (PCs, workstations, smartphones, tablets), infrastructure (server, storage, edge, high performance computing and software defined infrastructure), software, solutions, and services. Lenovo's continued investment in world-changing innovation is building a more equitable, trustworthy, and smarter future for everyone, everywhere. Lenovo is listed on the Hong Kong stock exchange under Lenovo Group Limited (HKSE: 992) (ADR: LNVGY).



This transformation together with Lenovo's world-changing innovation is building a more inclusive, trustworthy, and smarter future for everyone, everywhere. To find out more visit www.lenovo.com, and read about the latest news via our StoryHub.

Description and Requirements

Key Responsibilities:

1. Incident Response & Security Monitoring

Work closely with SIRO/SIRM, IT Security Officer (ITSO) and SOC to monitor, detect, and respond to threats on-premises and on cloud. Lead Security Incident Response (IR) and post-mortem analyses for cybersecurity incidents arising from security threat events. Stay current with emerging threats, vulnerabilities, and threat intelligence related to cloud platforms. Disseminate security advisories, threat intelligence reports, security directives, and patch recommendations promptly to the relevant stakeholders in the agencies. Partake in tabletop exercises, security risk management activities, audits and third-party assessments to enhance incident response readiness.

2. Security Product Management

Monitor security events on SIEM (e.g. Splunk, Cortex, Exa beam), perform event triage and analysis. Perform Vulnerability Assessments (Tenable Nessus) on applications (e.g. web client/server, mobile apps), networking and computing devices (e.g. firmware, Operating System).

3. Security Governance & Compliance

Lead and conduct periodic security reviews to ensure adherence to IT Security Policies, Standards, Controls and industry best practices. Recommend and implement security initiatives and enhancement based on findings from tabletop exercises (TTX) and audits. Monitor and ensure compliance with secure configuration standards across network, systems and endpoint (i.e. CIS Hardening) at agencies. Analyse Vulnerability Assessment (VA) scan results, track and report remediation status according to the stipulated timeframe.

4. Network, Systems and Endpoint Security

Manage, configure, and optimize security tools and platforms to ensure effective integration with network and IT infrastructure. Manage network, system, endpoint and runtime security of on-premises and cloud environments. Perform regular reviews of accounts for both on-premises and on cloud systems/applications.

5. Documentation and Reporting

Implement and update security policies, technical baselines, Standard Operating Procedures (SOPs). Maintain documentation of security incidents, vulnerability assessments, security checklist, security controls and policies. Prepare and deliver regular reports to update security performance metrics, incident trends, compliance status and risk mitigation efforts. Ensure timely escalation and reporting of cybersecurity incidents to management and stakeholders.

6. Collaboration and Stakeholder Management

Provide guidance and mentor a team of IT Security Officers (ITSOs). Collaborate with various IT teams (e.g. Infrastructure, Applications, Project) and external vendors to implement and maintain security controls and measures. Act as the key liaison with stakeholders (e.g. SIRO/SIRM, IT, Application Teams) and cloud service providers to align security practices with organizational cybersecurity strategies and compliance requirements.

Qualifications:

Education & Experience

Bachelor's degree in information security, Computer Science, or related field. Minimum 5 years of experience in IT Security leadership role, with preferably 1 year in Cloud Security.

Technical Skills

Hands-on experience with security tools (e.g. SIEM, WAF, AV, EDR, PAM, DAM). Deep understanding of vulnerability management, threat analysis, and incident response processes. Good understanding of secure network design, endpoint security, and system hardening techniques. Familiarity with ICT security compliance frameworks, cybersecurity standards, and risk management practices. Familiar with IaC security (e.g. Terraform, CloudFormation) and CI/CD security.

Certifications

Professional certifications such as CISSP or CISM are preferred. Cloud certifications such as CCSP, AWS Certified Security, Azure Security Engineer Associate or equivalent would be advantageous.

Other Skills

Strong analytical and problem-solving skills with attention to detail. Effective communication skills, both written and verbal, with the ability to clearly articulate security risks and recommendations. Ability to work independently with minimal supervision and collaboratively within a team in a dynamic and fast-paced environment. Proactive mindset with a continuous improvement attitude towards cybersecurity operations.

Additional Locations

:
Singapore - Central Singapore - Singapore Singapore - Central Singapore - SINGAPORE Singapore Singapore - Central Singapore Singapore - Central Singapore - Singapore , Singapore - Central Singapore - SINGAPORE