×
Register Here to Apply for Jobs or Post Jobs. X
More jobs:

Product Security Engineer – PSIRT

Job in Morrisville, Wake County, North Carolina, 27560, USA
Listing for: Lenovo
Full Time position
Listed on 2026-07-14
Job specializations:
  • IT/Tech
    Cybersecurity
Salary/Wage Range or Industry Benchmark: 120000 - 150000 USD Yearly USD 120000.00 150000.00 YEAR
Job Description & How to Apply Below

We are Lenovo. We do what we say. We own what we do. We WOW our customers.

Lenovo is a US $83 billion revenue global technology powerhouse, ranked #196 in the Fortune Global 500, and serving millions of customers every day in 180 markets. Focused on a bold vision to deliver Smarter Technology for All, Lenovo has built on its success as the world’s largest PC company with a full-stack portfolio of AI-enabled, AI-ready, and AI-optimized devices (PCs, workstations, smartphones, tablets), infrastructure (server, storage, edge, high performance computing and software defined infrastructure), software, solutions, and services.

Lenovo’s continued investment in world-changing innovation is building a more equitable, trustworthy, and smarter future for everyone, everywhere. Lenovo is listed on the Hong Kong stock exchange under Lenovo Group Limited (HKSE: 992) (ADR: LNVGY).

This transformation together with Lenovo’s world-changing innovation is building a more inclusive, trustworthy, and smarter future for everyone, everywhere. To find out more visit , and read about the latest news via our Story Hub.

In this role, you will work as part of Lenovo’s Product Security Incident Response Team (PSIRT). You will be responsible for supporting the end-to-end response to product security vulnerabilities, including technical investigation, driving remediation with product teams, and publishing security advisories to customers.

This role operates as an experienced individual contributor, capable of independently handling complex vulnerability cases while collaborating across global teams. Candidates may come from PSIRT, software development, vulnerability management, or security research backgrounds, with a strong emphasis on application‑level security and the ability to automate and scale workflows.

Responsibilities
  • Independently own end‑to‑end handling of product security vulnerabilities, from intake through remediation and disclosure
  • Perform hands‑on technical investigation and validation of reported issues across software, firmware, and system components
  • Drive cross‑functional coordination with development teams to ensure timely and effective remediation
  • Draft security advisories, clearly communicating risk and mitigation to customers
  • Assign and manage CVE, CWE, and CVSS scoring for vulnerabilities
  • Engage with external security researchers, customers, and partners, supporting coordinated vulnerability disclosure (CVD)
  • Identify opportunities to automate vulnerability triage, analysis, and reporting workflows, including use of scripting or AI‑based approaches
  • Contribute to PSIRT tooling, automation, and process improvements to support scale and efficiency
  • Monitor external sources and industry channels for vulnerabilities impacting Lenovo products
  • Partner with global stakeholders to ensure consistent PSIRT execution across regions
Qualifications
  • Bachelor’s degree or equivalent experience
  • 5+ years of experience in software engineering, cybersecurity, or a related technical field
  • Experience in at least one of the following areas:
    • PSIRT or vulnerability response
    • Secure software development
    • Vulnerability management or security operations
  • Experience performing technical security investigations or triage
  • Experience with scripting or automation (e.g., Python or similar)
  • Strong written and verbal communication skills
  • Experience working in a PSIRT or coordinated vulnerability disclosure (CVD) environment
  • Software development background, particularly in application or system‑level components
  • Experience with bug bounty programs or security research
  • Familiarity with application security concepts and common vulnerability classes
  • Experience building or leveraging automation, tooling, or AI‑driven workflows
  • Strong understanding of vulnerability management processes, especially when paired with development experience
  • Familiarity with CVE, CVSS, CWE, and vulnerability disclosure practices
  • Understanding of product ecosystems (e.g., firmware, OS, drivers, applications)
Basic Requirements
  • 5+ years of software engineering, cybersecurity, software development, vulnerability management, security operations, and/or technical experience
Equal Opportunity Employer Statement

We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, religion, sexual orientation, gender identity, national origin, status as a veteran, and basis of disability or any federal, state, or local protected class.

#J-18808-Ljbffr
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary