Staff Researcher - App Sec Expert

General Information

Req #

WD00090041

Career area:

Research/Development

Country/Region:

Israel

State:

Tel Aviv District

City:

Petach – Tikva

Date:

Tuesday, October 21, 2025

Working time:

Full-time

Additional Locations :

* Israel

Why Work at Lenovo

We are Lenovo. We do what we say. We own what we do. We WOW our customers.
Lenovo is a US$69 billion revenue global technology powerhouse, ranked #196 in the Fortune Global 500, and serving millions of customers every day in 180 markets. Focused on a bold vision to deliver Smarter Technology for All, Lenovo has built on its success as the world’s largest PC company with a full-stack portfolio of AI-enabled, AI-ready, and AI-optimized devices (PCs, workstations, smartphones, tablets), infrastructure (server, storage, edge, high performance computing and software defined infrastructure), software, solutions, and services. Lenovo’s continued investment in world-changing innovation is building a more equitable, trustworthy, and smarter future for everyone, everywhere. Lenovo is listed on the Hong Kong stock exchange under Lenovo Group Limited (HKSE: 992) (ADR: LNVGY).
This transformation together with Lenovo’s world-changing innovation is building a more inclusive, trustworthy, and smarter future for everyone, everywhere. To find out more visit www.lenovo.com , and read about the latest news via our StoryHub .

Description and Requirements

Lenovo Digital Trust Lab is seeking an Application Security Expert focused on securing AI-driven applications across Lenovo’s hybrid AI ecosystem. This role combines classic application security expertise (web, mobile, APIs) with deep knowledge of LLM-powered interfaces, agent integrations, and AI-native threat models .
You will assess, design, and implement controls for AI applications—covering prompt-based interactions, model APIs, multi-agent workflows, and integrations with enterprise services. Beyond assessments, you will also partner with developers to embed security by design, enforce trust boundaries, and evolve secure coding practices for AI-enhanced systems.

Job Responsibilities
Perform application security reviews for AI applications, including LLM-based user interfaces, agent tool integrations, and API gateways.
Conduct threat modeling and penetration testing for AI applications, identifying risks such as prompt injection, model misuse, API abuse, and data leakage.
Design and enforce authentication, authorization, and session management controls for AI-native interactions.
Collaborate with AI researchers and product teams to integrate input/output validation, content moderation, and guardrails into applications.
Contribute to policies, standards, and best practices for AI application security across the organization.

Minimum Requirements
B.Sc. or M.Sc. in Computer Science, Cybersecurity, or related technical field.
5+ years of experience in Application Security / AppSec Engineering .
Strong background in web/mobile/API security
Hands-on experience with penetration testing tools and secure development frameworks.
Familiarity with AI/ML application architectures (LLM APIs, orchestration frameworks, embedding pipelines).

Preferred Requirements
Experience with AI-specific security risks : prompt injection, data leakage, jailbreak attacks, adversarial inputs.
Knowledge of agentic AI frameworks (LangChain, AutoGen, Semantic Kernel, etc.) and related risks.
Familiarity with cloud security controls for AI services (AWS, Azure, GCP AI platforms).
Experience in content filtering, policy enforcement, or guardrail frameworks (NeMo Guardrails, Llama-Guard, etc.).

We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, religion, sexual orientation, gender identity, national origin, status as a veteran, and basis of disability or any federal, state, or local protected class.

Additional Locations :

* Israel

* Israel

AI PROCESSING NOTICE
We use AI-based tools to support some of our processes (e.g. online interviews recordings and transcripts) in order to achieve better efficiency, accuracy and for our documentation purposes. AI can make mistakes, but we always make sure that the outputs are manually reviewed by a human. You can always opt-out or contact us in case of any question.