Product Security Engagement Program Manager
Morrisville, North Carolina
Employer: Lenovo
Industry: Hardware Engineering
Salary: Competitive
Job type: Full-Time
General Information
Req #
WD00063741
Career area:
Hardware Engineering
Country/Region:
United States of America
State:
North Carolina
City:
Morrisville
Date:
Friday, April 19, 2024
Working time:
Full-time
Additional Locations:
* United States of America - North Carolina - Morrisville
Why Work at Lenovo
We are Lenovo. We do what we say. We own what we do. We WOW our customers.
Lenovo is a US$62 billion revenue global technology powerhouse, ranked #217 in the Fortune Global 500, employing 77,000 people around the world, and serving millions of customers every day in 180 markets. Focused on a bold vision to deliver smarter technology for all, Lenovo has built on its success as the world's largest PC company by further expanding into growth areas that fuel the advancement of 'New IT' technologies (client, edge, cloud, network, and intelligence) including server, storage, mobile, software, solutions, and services.
This transformation together with Lenovo's world-changing innovation is building a more inclusive, trustworthy, and smarter future for everyone, everywhere. To find out more visit www.lenovo.com , and read about the latest news via our StoryHub .
Description and Requirements
Lenovo Infrastructure Solutions Group's (ISG) Product Security Office (PSO) is seeking a Product Security Engagement Program Manager to support Lenovo ISG's Secure Development Lifecycle activities and directly contribute to maintaining a high-level of security in the products we provide to our customers. This position joins an established product security team which supports Lenovo ISG's growing and evolving product security needs through securing an expanding product and service portfolio.
This is a dynamic product security role, with the successful candidate having a solid security knowledge base to draw from; a proven record of success in developing internal stakeholder engagement and education programs across all phases; experience with analyzing external security standards to build internal artifacts; supporting compliance programs to achieve industry certifications; the ability to multi-task across several projects concurrently, adapt, and grow deeper expertise as needed; and be comfortable taking ownership of projects to ensure effective delivery.
Primary responsibilities: The ideal candidate for this Product Security Engagement Program Manager role should have a successful record in developing internal stakeholder engagement and education programs across all phases, leveraging internally developed standards, policies, guidelines and other documentation to promote engagement with internal technical users, such as developers. Responsibilities also include advancing product security compliance with security standards through user awareness, tracking metrics to measure compliance with security standards, and building compliance solutions or programs to meet certification requirements. Continue to advance the ISG PSO program focused on cultivating security knowledge and training for users, or Security Champions, embedded in development teams. Additionally, the ideal candidate will be able to multi-task, adapt, and service diverse security needs; own and prioritize and accreditation efforts.
This role can be a remote position or based in Morrisville, NC
Representative responsibilities include:
Position Requirements
Basic Qualifications:
Preferred Qualifications:
Key Personal Traits:
Citizenship Requirement:
Travel:
We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, religion, sexual orientation, gender identity, national origin, status as a veteran, and basis of disability or any federal, state, or local protected class.
Additional Locations:
* United States of America - North Carolina - Morrisville
* United States of America
* United States of America - Arizona , * United States of America - Connecticut , * United States of America - District of Columbia , * United States of America - Florida , * United States of America - Georgia , * United States of America - Illinois , * United States of America - New Hampshire , * United States of America - New Jersey , * United States of America - New York , * United States of America - North Carolina , * United States of America - Tennessee , * United States of America - Texas
* United States of America - North Carolina - Morrisville
Req #
WD00063741
Career area:
Hardware Engineering
Country/Region:
United States of America
State:
North Carolina
City:
Morrisville
Date:
Friday, April 19, 2024
Working time:
Full-time
Additional Locations:
* United States of America - North Carolina - Morrisville
Why Work at Lenovo
We are Lenovo. We do what we say. We own what we do. We WOW our customers.
Lenovo is a US$62 billion revenue global technology powerhouse, ranked #217 in the Fortune Global 500, employing 77,000 people around the world, and serving millions of customers every day in 180 markets. Focused on a bold vision to deliver smarter technology for all, Lenovo has built on its success as the world's largest PC company by further expanding into growth areas that fuel the advancement of 'New IT' technologies (client, edge, cloud, network, and intelligence) including server, storage, mobile, software, solutions, and services.
This transformation together with Lenovo's world-changing innovation is building a more inclusive, trustworthy, and smarter future for everyone, everywhere. To find out more visit www.lenovo.com , and read about the latest news via our StoryHub .
Description and Requirements
Lenovo Infrastructure Solutions Group's (ISG) Product Security Office (PSO) is seeking a Product Security Engagement Program Manager to support Lenovo ISG's Secure Development Lifecycle activities and directly contribute to maintaining a high-level of security in the products we provide to our customers. This position joins an established product security team which supports Lenovo ISG's growing and evolving product security needs through securing an expanding product and service portfolio.
This is a dynamic product security role, with the successful candidate having a solid security knowledge base to draw from; a proven record of success in developing internal stakeholder engagement and education programs across all phases; experience with analyzing external security standards to build internal artifacts; supporting compliance programs to achieve industry certifications; the ability to multi-task across several projects concurrently, adapt, and grow deeper expertise as needed; and be comfortable taking ownership of projects to ensure effective delivery.
Primary responsibilities: The ideal candidate for this Product Security Engagement Program Manager role should have a successful record in developing internal stakeholder engagement and education programs across all phases, leveraging internally developed standards, policies, guidelines and other documentation to promote engagement with internal technical users, such as developers. Responsibilities also include advancing product security compliance with security standards through user awareness, tracking metrics to measure compliance with security standards, and building compliance solutions or programs to meet certification requirements. Continue to advance the ISG PSO program focused on cultivating security knowledge and training for users, or Security Champions, embedded in development teams. Additionally, the ideal candidate will be able to multi-task, adapt, and service diverse security needs; own and prioritize and accreditation efforts.
This role can be a remote position or based in Morrisville, NC
Representative responsibilities include:
- Developing and maintaining a product security engagement and education program
- Creating and socializing security guidance, compliance, and standards documentation Researching, designing, and educating others on security best practices, standards, requirements, procedures, training materials, etc.
- Working with peers, security leadership, developers and cross-functional teams to improve security engagement with continually evolving business and market needs and expectations
- Maintaining an open, thoughtful, respectful, and collaborative team environment
- Assessing products, services, and organizational units for compliance with security requirements
- Analyzing industry standards, guidance, legislation, etc. for applicability, to identify gaps, and to recommend actions and solutions
- Leading assigned product, service, and/or organizational security certification activities across all phases
- Coordinating and tracking finding remediations in accordance with relevant industry standards
Position Requirements
Basic Qualifications:
- Bachelor's or above degree in Management Information Systems, Information Security, Cybersecurity, Computer Science or other related degree is preferred
- Non-degree candidates with additional years of relevant work experience
- 8+ years of industry experience in program or project management with relevant degree
- 3+ years of demonstrated experience in security awareness/education, product security engagement, or product security program management
Preferred Qualifications:
- Experience successfully designing and managing internal user engagement or education programs is preferred
- Practical experience defining and gathering metrics to measure product security compliance to internal and external standards
- Knowledge of secure software development concepts
- Practical experience analyzing and documenting gap analyses between current-state and security standard compliant-state
- Maintain current knowledge of security standards and monitor advancements to ensure organizational adaptation and compliance
- Familiarity with industry and government security standards and compliance frameworks, including one or more of the following: ISO 27000-series, NIST SP 800-series, Common Criteria (CC), European Union Cybersecurity Certification (EUCC), NIST Secure Software Development Framework, Building Security In Maturity Model (BSIMM), O-TTPS / ISO 20243, and similar
- Preferred industry certifications: One or more of PMP, CAPM, CISSP, CISM or similar
- Integrating security into and socializing security initiative for pre-existing processes and technical environments
- Strong collaboration skills over application sharing platforms and teleconferencing
Key Personal Traits:
- Able to cultivate collaborative relationships; navigate sometimes contentious situations; and successfully resolve conflicts - all with respect, equity, and professionalism
- Comfortable working toward what may be loosely defined objectives, clarifying and solidifying those objectives along the way
- Team player, self-starter and entrepreneurial spirit
- Receptive to feedback and guidance from colleagues
- A critical thinker and problem solver, who is naturally curious and a consummate learner
- A good communicator with strong verbal and written presence, capable of clearly explaining and documenting security needs
- Ability to think analytically, gain insight and extrapolate information to reach decisions and offer guidance across different contexts
- Adept at multi-tasking and achieving results in what can be a high-pressure environment while adapting to fluid business demands
- Self-motivated and desire to independently drive the maturity of solutions
- Persistent, keeping end goals in mind, being mindful of opportunities as they present themselves, and appreciating that "not today" doesn't mean "not ever"
Citizenship Requirement:
- Must be a US citizen or US national; US permanent residents or candidates requiring sponsorship cannot be considered
Travel:
- 5% (travel typically not needed, but possible on occasion)
We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, religion, sexual orientation, gender identity, national origin, status as a veteran, and basis of disability or any federal, state, or local protected class.
Additional Locations:
* United States of America - North Carolina - Morrisville
* United States of America
* United States of America - Arizona , * United States of America - Connecticut , * United States of America - District of Columbia , * United States of America - Florida , * United States of America - Georgia , * United States of America - Illinois , * United States of America - New Hampshire , * United States of America - New Jersey , * United States of America - New York , * United States of America - North Carolina , * United States of America - Tennessee , * United States of America - Texas
* United States of America - North Carolina - Morrisville
Created: 2024-07-01
Reference: WD00063741
Country: United States
State: North Carolina
City: Morrisville
Similar jobs:
-
eCommerce Reseller Program Manager (Remote Eligible)
Lenovo in Morrisville, North Carolina -
PROGRAM MANAGER (BASE OPERATIONS) (TITLE 32)
Army National Guard Units in Fort Fisher AFB, North Carolina -
Supervisory Management & Program Analyst
Veterans Health Administration in Durham, North Carolina -
R&D Global Program Manager
Veeva Systems in Raleigh, North Carolina -
Senior Program Manager - CCR Practice (Remote)
AECOM Technology Corporation in Raleigh, North Carolina💸 $150000.00 per year -
Senior Workforce Development Program Manager
University of North Carolina at Charlotte in Charlotte, North Carolina💸 $65901 - $75000 per year -
Program Manager
Strategic Staffing Solutions in Charlotte, North Carolina💸 $70 - $75 per hour -
Retail Training Program ManagerĀ
Lenovo in Morrisville, North Carolina -
Wealth Management Associate Program - October 2024
UBS in Charlotte, North Carolina -
Program Manager
Jacobs in Research Triangle Park, North Carolina -
APOS Notifications WW Program Manager
Lenovo in Morrisville, North Carolina -
Strategy & Management Summer Analyst Program - 2025
Bank of America Corporation in Charlotte, North Carolina -
Program Manager, Employee Surveys
SPECTRUM in Charlotte, North Carolina -
Program Manager, HR Implementations - Remote
GXO Logistics, Inc. in High Point, North Carolina -
Program Manager
KBI Biopharma in Durham, North Carolina💸 $95000 - $130000 per year -
Strategic Tier 2 / Tier 3 Component Program Manager
Lenovo in Morrisville, North Carolina -
Program Manager (Environment of Care)
Veterans Health Administration in Asheville, North Carolina -
Deputy Program Manager
General Dynamics Corporation in Liberty, North Carolina💸 $106371 - $177632. per year -
SMB Program Manager - West Coast
Lenovo in Morrisville, North Carolina -
Geotechnical Program Manager - CCR (Remediation) (Remote)
AECOM Technology Corporation in Raleigh, North Carolina💸 $150000.00 per year