[LPS] IT Security Officer (ITSO)

Why Work at Lenovo

We are Lenovo. We do what we say. We own what we do. We WOW our customers.

Lenovo is a US$57 billion revenue global technology powerhouse, ranked #248 in the Fortune Global 500, and serving millions of customers every day in 180 markets. Focused on a bold vision to deliver Smarter Technology for All, Lenovo has built on its success as the world’s largest PC company with a full-stack portfolio of AI-enabled, AI-ready, and AI-optimized devices (PCs, workstations, smartphones, tablets), infrastructure (server, storage, edge, high performance computing and software defined infrastructure), software, solutions, and services. Lenovo’s continued investment in world-changing innovation is building a more equitable, trustworthy, and smarter future for everyone, everywhere.

Description and Requirements

Lenovo PCCW Solutions (LPS) is a leading IT and technology solutions provider in the Asia Pacific region. We partner with governments and enterprises to achieve digital transformation excellence, driving business growth through our market-leading solutions and industry best practices. As a proud member of Lenovo Group, we have unlocked new synergies with Lenovo’s global reach and technological capabilities, focusing on AI, data practice and cloud.

IT Security Officer (ITSO) – In this new role, you will be responsible for maintaining the overall security posture of the IT infra. ITSO will be the single point of contact for all security related tasks which includes reporting, managing security tools, assist in handling security incidents, Security Governance, Compliance and Auditing.

You Will:

• Be the point of contact for IT security matters for 24hrs x 7 days.
• Provide IT security consultancy and advisory to Agency.
• Assist agency to consolidate, track and report the status of security advisory received from GITSIR, CSA, NCSC etc.
• Follow up with respective Facilities Management Team on the implementation of the remediation against the security advisory received, IOC scanning and reporting, patching of the system and vulnerability for systems in HQ DC.
• Provide ad hoc, monthly report for Privilege Access Manager, Early Detection and Response solution, Database Activities Monitoring, log review, account review etc.
• Review logs captured in the syslog server from all the systems in HQ.
• Support in the IT security audit, compliance audit, and security related matters.
• Work on quarterly Vulnerability scanning and remediation with ATFM and provide reporting and track the status.
• ITSO resources will be full-time dedicated to support all related IT security requirements.
• ITSO shall work with IT security engineer to conduct quarterly or on-demand VA Scan all system and follow up with IT Facility Management on the remediation to meet IM8 timeline.
• Share domain and technical expertise, providing technical mentorship and cross-training to other peers and team members.

You Bring:

• 5+ years IT security experience required.
• Experience with Networks, Servers (Windows and UNIX), Database.
• Experience in IT security auditing, security assessments.
• Understand protocols, traffic flows, ability to analyze logs from various sources.
• Knowledge of Active Directory, Endpoint protection solutions, Early Detection and Response solution, Database Activities Monitoring tools, SIEM etc.
• Excellent written and verbal communication, presentation skills.
• Proficiency in Microsoft Excel.
• Flexible, team player, “get-it-done” personality.
• Ability to organize and plan work independently.
• Ability to work in a rapidly changing environment.
• Ability to multi-task and context-switch effectively between different activities and teams.
• CISSP, CISM, Security+, IT security tools certifications (Imperva, Carbon Black) is a plus.