Key skills
Access control frameworksIdentity governanceRole-based access control modelsPersonnel eligibility requirementsRegulatory compliance interpretationAudit evidence managementControlled data environmentsAccess governanceIdentity managementCFIUS regulatory frameworkFOCI regulatory frameworkIdentity Management
About this role
Lenovo is a global technology powerhouse focused on delivering Smarter Technology for All. The Senior Manager, Access Controls and Protected Data Governance will oversee access to Protected Data, ensuring compliance with security practices and regulations while maintaining robust access control systems.
Responsibilities:
- Serve as the control authority for approving or denying access to Protected Data and systems containing Protected Data
- Ensure all access is limited to Trusted Personnel and Trusted Third-Party Providers in accordance with NSA Article II.D
- Oversee personnel eligibility validation, including citizenship requirements and screening alignment with Data Security Practices and the Data Security Plan
- Maintain and enforce role-based access control models aligned to NSA restrictions
- Review and validate access provisioning, de-provisioning, and privileged access controls
- Evaluate proposed system, integration, or operational changes for impact to Protected Data access and enforce compliance gating
- Maintain authoritative records of access decisions, approvals, and supporting evidence for audit and reporting purposes
- Partner with Integration and Change Governance to ensure no access is granted prior to required approvals
- Escalate any unauthorized access, policy violations, or eligibility concerns to the Security Officer
Requirements:
- Deep expertise in access control frameworks, identity governance, and role-based access models
- Strong understanding of personnel eligibility requirements in regulated environments
- Ability to interpret regulatory requirements and translate them into enforceable access controls
- Strong documentation discipline with audit-ready evidence management
- Experience operating in controlled or restricted data environments
- Bachelor's degree in cybersecurity, information systems, or related field required
- 12+ years of experience in access governance, identity management, or regulated security environments
- U.S. citizenship required
- Experience supporting CFIUS, FOCI, or similar regulatory frameworks strongly preferred