Security SOC Manager

Why Work at Lenovo

We are Lenovo. We do what we say. We own what we do. We WOW our customers.

Lenovo is a US$57 billion revenue global technology powerhouse, ranked #248 in the Fortune Global 500, and serving millions of customers every day in 180 markets. Focused on a bold vision to deliver Smarter Technology for All, Lenovo has built on its success as the world’s largest PC company with a full-stack portfolio of AI-enabled, AI-ready, and AI-optimized devices (PCs, workstations, smartphones, tablets), infrastructure (server, storage, edge, high performance computing and software defined infrastructure), software, solutions, and services. Lenovo’s continued investment in world-changing innovation is building a more equitable, trustworthy, and smarter future for everyone, everywhere. Lenovo is listed on the Hong Kong stock exchange under Lenovo Group Limited (HKSE: 992) (ADR: LNVGY).

Description and Requirements

Job Description: Security SOC Manager (IT Security Manager)

Job Summary:

We are seeking an experienced Security SOC Manager to lead our Security Operations Center (SOC) team in protecting our client IT environment from cyber threats. The successful candidate will be responsible for managing the SOC team, developing security strategies, and ensuring the overall security posture of our cloud environment (AWS, Azure or GCP).

Key Responsibilities:

• Team Management: Lead and manage the SOC team, providing guidance, training, and development opportunities.
• Security Strategy: Develop and implement Azure security strategies, aligning with industry best practices and regulatory requirements.
• Threat Detection: Oversee threat detection, incident response, and security analytics for Azure environment.
• Security Operations: Manage security operations, including monitoring, incident response, and vulnerability management.
• Compliance: Ensure Azure environment compliance with security policies, regulations, and industry standards.
• Collaboration: Collaborate with other teams, such as DevOps and IT, to ensure security is integrated into Azure deployments.
• Continuous Improvement: Continuously improve cloud security posture by identifying vulnerabilities and implementing security enhancements.

Requirements:

• Minimum 5 -7 years of IT experience in cybersecurity management, with a focus on incident response, vulnerability management, with governance risk and compliance.
• Hands-on experience with security technologies, either one of the following

- Application Security

- Open Web Application Security

- Penetration Testing

- Vulnerability management systems (e.g., Tenable, Nessus)

- Security information and event management (SIEM) systems

- Identity and access management (IAM/PAM/MFA) systems

• Industry-recognized certifications, must have at least one of :

- CISSP

- CISM

- GIAC/CISA

- CEH, or any other professional security certification will have an added advantage

• Strong experience in security SOC leadership, threat identification, protect, detection, and incident response and recovery/remediation
• Strong knowledge of Cloud security services, including native services such as Azure Security Center, Azure Sentinel, and Azure Firewall.
• Experience with Cloud and on premises security operations, threat detection, and incident response.
• Familiarity with compliance frameworks and regulations, such as CIS, HIPAA, PCI-DSS, and GDPR.
• Excellent leadership, communication, and collaboration skills.
• Strong analytical and problem-solving skills.

Preferred Skills:

• Azure security certifications, such as Microsoft Certified: Azure Security Engineer Associate.
• Experience with cloud security, including AWS or GCP.
• Knowledge of DevOps practices and tools, such as Azure DevOps.
• Familiarity with security frameworks, such as NIST Cybersecurity Framework.

Professional Attributes

• Collaboration: Ability to work effectively with various teams and stakeholders.
• Adaptability: Ability to adapt to changing security landscapes and priorities.
• Time Management: Ability to prioritize tasks and manage time effectively.
• Communication: Ability to communicate complex security concepts to non-technical stakeholders.
• Leadership: Ability to motivate and inspire team members to achieve security goals.

#LPS