Senior Security Engineer

Introduction

Since 1973, East West Bank has served as a pathway to success. With over 110 locations across the U.S. and Asia, we are the premier financial bridge between the East and West. Our teams of experienced, multi-cultural professionals help guide businesses and community members on both sides of the Pacific looking to explore new markets and create new opportunities, and our sustained growth and expertise in industries like real estate, entertainment and media, private equity and venture capital, and high-tech help build sustainable businesses and expand our associates’ potential for career advancement. 

Headquartered in California, East West Bank (Nasdaq: EWBC) is a top-performing commercial bank with a strong foundation, an enterprising spirit and a commitment to absolute integrity. East West Bank gives people the confidence to reach further.

Overview

The Senior Information Security Engineer will participate in establishing and maintaining a corporate-wide information security management program to ensure that information assets are adequately protected. As an East West Bank employee, the Information Security Engineer will be part of a growing and stable organization that provides career path development opportunities while serving a growing and profitable market. The Security Engineer is responsible for overseeing the design, implementation, and continuous improvement of security platforms and capabilities, including the Security Information and Event Management (SIEM) infrastructure and Identity and Access Management (IAM) solutions such as multi-factor authentication (MFA), federation/single sign-on (SSO), and Privileged Access Management (PAM). This role ensures the organization’s logging, monitoring, alerting, and access control capabilities are robust and compliant. The position plays a critical role in supporting incident detection, response, and forensic investigations while collaborating across IT, compliance, and business units.

Responsibilities

• SIEM Infrastructure & Operations
  • Engineer, build, and maintain logging infrastructure to support SIEM and Security Operations teams.
  • Monitor and manage SIEM performance, ensuring optimal data ingestion, correlation, and alerting.
  • Tune and configure SIEM rules to reduce noise and improve detection accuracy.
• Identity & Access Management (IAM) Engineering
  • Engineer, implement, and support identity and access controls across on-prem and cloud environments, including Active Directory and Azure AD.
  • Perform security reviews and continuous tuning of Azure AD Conditional Access policies (e.g., MFA enforcement, device compliance, location/risk-based access) to reduce account compromise risk.
  • Administer and enhance MFA, federation, and single sign-on (SSO) integrations using platforms such as Okta and ADFS; partner with application owners on secure onboarding/offboarding.
  • Design, implement, and operate Privileged Access Management (PAM) solutions (e.g., privileged account onboarding, vaulting, session management/recording, and least-privilege controls).
  • Establish and review access control standards, privileged access workflows, and periodic access recertification; integrate IAM/PAM events into monitoring and alerting processes.
• Security Monitoring & Incident Response
  • Investigate security incidents and lead response efforts as applicable
  • Monitor and analyze security logs and events from diverse sources (cloud network, endpoint)
  • Create technically detailed reports on SIEM Status, metrics, and incident trends.
• Compliance & Governance
  • Ensure SIEM logging standards meet regulatory and internal compliance requirements.
  • Collaborate with IT Governance, Risk, and Compliance teams to define log retention, access controls, and masking/encryption policies.
• Collaboration & Enablement
  • Work with application developers and system owners to ensure proper log generation and forwarding
  • Assist customers and internal teams in optimizing SIEM capabilities and workflows
• May perform other duties as assigned

Qualifications

• Bachelor's degree in Cybersecurity, Computer Science, or a related field; advanced degree preferred.
• 5+ years of hands‑on information security engineering experience.
• 3+ years of experience in data security, data protection, or similar roles.
• Hands‑on experience with data masking and handling tools such as Delphix or other.
• Experience building or operating DSPM, data discovery, or data governance programs. Hands-on experience with Purview, Cyera or equivalent tools.
• Proficiency with DLP and data governance tools such as Microsoft Purview, Digital Guardian, Forcepoint, Varonis, or similar.
• Experience integrating security tooling with SIEM platforms (e.g., Splunk, LogRhythm, InsightIDR, Sumo Logic).
• Familiarity with AI security risks, data usage controls, and governance in AI‑enabled environments.
• Strong automation and scripting capabilities.
• Experience working in regulated environments, preferably financial services.

Preferred Qualifications

• Professional certifications such as CISSP, CISM, CCSP, GIAC, CEH, or CISA.
• Experience securing data in cloud environments (AWS, Azure, GCP).
• Strong analytical, troubleshooting, and communication skills

Applicants must have legal authorization to work in the United States. We do not offer visa sponsorship at this time.

Compensation