This new position joins Lenovo's AI Governance and Product Security organization within the Chief AI Office in our mission of enabling security and trust in Lenovo's use of AI technology in product development.

The AI and Product Security Office partners across all Lenovo's business and product areas to ensure AI tools are used in accordance with Company standards and international regulations, and that products are developed and implemented in accordance with industry best practices for AI security.

Working closely with AI and security leaders, the AI Governance and Product Security Analyst will play a key role in shaping and operationalizing the AI/Agent Development Lifecycle (ADLC). This includes embedding security and control requirements, defining architecture principles and establishing governance checkpoints across the lifecycle.

This UK-based role supports Global AI and Product Security programs, offering the opportunity to influence how AI is securely developed and deployed at scale.

Responsibilities

• Shape the future of AI security by supporting the development of AI and Product Security policies, standards, and guidelines.
• Apply secure design principles to real-world AI/ML systems, ensuring security is built in from the start.
• Embed security, privacy, and compliance controls into the AI/Agent Development Lifecycle (ADLC).
• Collaborate with cross-functional teams (security, engineering, AI governance) to align on best practices.
• Translate complex regulations and policies into practical, developer-friendly guidance.
• Support AI security testing, including risk identification and remediation tracking.
• Provide guidance to development teams on secure coding practices and vulnerability management.
• Drive AI security awareness through training, internal communication, and monitoring of emerging trends and regulations.

Basic Qualifications

• Bachelor’s degree in Cybersecurity, Computer Science or a related field (or equivalent experience).
• 5 years of experience in cybersecurity, with exposure to areas such as security engineering, application security, risk management or security operations.
• Experience working collaboratively across teams to support delivery of security or technology initiatives.
• Foundational understanding of application security, cloud security principles and secure development practices.
• Awareness of AI/ML concepts and an interest in applying security practices to emerging technologies.

Preferred Qualifications

• Exposure to AI governance, Responsible AI concepts, or emerging AI-related regulatory frameworks and standards (EU AI Act, ISO 42001).
• Familiarity with AI security frameworks or guidance (OWASP Top 10 for LLMs, MITRE ATLAS, NIST AI RMF).
• Experience supporting risk assessments, threat modelling, or security reviews.
• Understanding of data protection principles (e.g. GDPR).
• Relevant certifications (e.g. CISSP, CISM, or equivalent) are beneficial but not required.
• Strong communication skills, with the ability to explain technical concepts to a range of audiences.
• Comfortable working in a global, collaborative environment.