Senior Security Consultant **General Information** Req # WD00083348 Career area: Information Technology Country/Region: Hong Kong City: Hong Kong Date: Monday, June 16, 2025 Working time: Full-time **Additional Locations** : * Hong Kong **Why Work at Lenovo** We are Lenovo. We do what we say. We own what we do. We WOW our customers. Lenovo is a US$57 billion revenue global technology powerhouse, ranked #248 in the Fortune Global 500, and serving millions of customers every day in 180 markets. Focused on a bold vision to deliver Smarter Technology for All, Lenovo has built on its success as the world’s largest PC company with a full-stack portfolio of AI-enabled, AI-ready, and AI-optimized devices (PCs, workstations, smartphones, tablets), infrastructure (server, storage, edge, high performance computing and software defined infrastructure), software, solutions, and services. Lenovo’s continued investment in world-changing innovation is building a more equitable, trustworthy, and smarter future for everyone, everywhere. Lenovo is listed on the Hong Kong stock exchange under Lenovo Group Limited (HKSE: 992) (ADR: LNVGY). This transformation together with Lenovo’s world-changing innovation is building a more inclusive, trustworthy, and smarter future for everyone, everywhere. To find out more visit www.lenovo.com , and read about the latest news via ourStoryHub (https://news.lenovo.com/) . **Description and Requirements** **The Job** + Conduct comprehensive risk and control assessments to identify, evaluate, monitor, and mitigate risks across IT systems, applications, and network operations. + Conduct red/purple team operation and penetration testing to identify vulnerabilities and assess the effectiveness of security controls. + Implement remediation plans based on test findings to strengthen the security posture. + Support security teams in defining, assessing, and managing security operations through appropriate policies, procedures, and control frameworks. + Proactively evaluate IT control processes and activities to ensure the control environment is effectively designed and functioning. + Facilitate audit and security control reviews with internal teams and external parties, prioritizing and mitigating risks to acceptable levels. + Enhance security measures such as threat detection, attack penetration, and mitigation based on current and emerging threats. + Promote communication and collaboration between internal teams and external parties on risk and cybersecurity matters. **The Person** + Bachelor’s or Master’s degree in Cybersecurity, Computer Science, Software Engineering, or related fields. + 5+ years of hands-on experience in red/purple team exercises, penetration testing, and DevSecOps. + Sound knowledge in Information Security, Business Continuity, Project Management, Application Security and industry best practices. + Holder of one or more of the following certifications is a plus: CISSP, CISA, CISM, CISP, OSCP, CEH, CRTP, and CRT. \#LPS **Additional Locations** : * Hong Kong * Hong Kong