Information Security Manager
Please Enable Cookies to Continue Please enable cookies in your browser to experience all the personalized features of this site, including the ability to apply for a job. Returning Candidate? Information Security & Risk Manager Location US-CA-Palo Alto Job ID 2019-7190 Category Other Position Type Full-Time
For more than 40 years, East West Bank has served as a pathway to success. With over 130 locations across the U.S. and Greater China, we are the premier financial bridge between the East and West. Our teams of experienced, multi - cultural professionals help guide businesses and community members on both sides of the Pacific looking to explore new markets and create new opportunities, and our sustained growth and expertise in industries like real estate, entertainment and media, private equity and venture capital, high-tech and aviation help build sustainable businesses and expand our employees' potential for career advancement.
Headquartered in California, East West Bank (Nasdaq: EWBC) is a top performing commercial bank with an exclusive focus on the U.S. and Greater China markets. With assets of $41 billion, we've ranked among the 30 largest banks in the United States. And since 2010, we have been recognized by Forbes as one of the top 15 best banks in America. With a strong foundation, and enterprising spirit and a commitment to absolute integrity, East West Bank gives people the confidence to reach further.
East West Bank is currently seeking a Information Security and Risk Managerfor its Digital Bank. Reporting directly to the Chief Information Security Officer (CISO) for Digital Banking and working day-to-day to secure and grow the Digital Bank. This critical role will be responsible for information security, risk management, cybersecurity, data privacy, mobile application security, and cloud risk management. Digital business enablement across the product leads, enterprise technology, development, and operations teams is key to success.
- Mobile security of digital banking applications
- Secure SDLC and DevSecOps controls and enhancements
- Cloud and API security architecture and controls
- Oversee security assessments of applications and infrastructure
- Mobile threat protection
- Customer data privacy
- Security logging and monitoring
- Security and Risk Roadmap and Strategy
- Web Application and Cyber Security
- Develop and maintain a deep understanding of the digital business.
- Embed as part of the business to ensure information risks are identified, assessed, mitigated and controlled through the release lifecycle of a global mobile bank.
- Work with IT Operations, Fraud Prevention, Information Security and Application Development teams to assist in the development of strategies and plans for improving infrastructure, architecture and application security.
- Assist in the review, development, testing and implementation of security plans, products and control techniques, including enhancement of existing processes and service offerings.
- Provide technical hands on leadership and ownership to business management and staff in risk assessments and implementation of appropriate data security procedures and products.
- Determine the appropriate levels of controls to safeguard sensitive data and validate those controls are being implemented.
- Provide ongoing awareness of good Information Security practices.
- 5+ years of Cybersecurity, and/or Information Security experience in an increasing complex environment.
- Mobile application security (iOS and Android)
- Proven ability to effectively apply risk principles to challenging business situations.
- Bachelor’s Degree in Information Technology, Computer Science, Information Security, or other related area.
- Advanced degree a plus.
- One or more relevant security and risk certifications: CISSP, CISM, CRISC, or other similar certifications.
- Deep understanding of concepts, technologies and controls related to the security of mobile applications, cloud, APIs and data
- Experience in information security, incident response, vulnerability management, security architecture, and other technology related risks.
- Knowledge of IT governance, risk management and compliance frameworks such as FFIEC, NIST, ISO, SOX, GLBA, CSA, and/or COBIT.
- Global experience a plus.
- Experience evaluating threats/risks
- Proficiency with Cloud types and configurations (SaaS, IaaS, PaaS, public, private, hybrid, etc.).
- Excellent verbal and written communication skills. Ability to communicate with business leaders and tech-savvy stakeholders.
- Create reports, presentations and analyze reports for a diverse group of stakeholders.
- Thorough attention to detail, excellent organizational, time management, project management and multi-tasking skills.
Additional Desired Skills & Qualifications
- Self-starter and quick-learner, capable of learning new subjects and can adapt to a high-paced team.
- Proficiency with Microsoft Office Suite (MS PowerPoint, Word, Excel, Visio, etc.).
- Ability to take ownership of an initiative/issue through completion.
- Ability to work in a collaborative environment.
- Strong analytical skills/problem solving/conceptual thinking.
Options Sorry the Share function is not working properly at this moment. Please refresh the page and try again later. Share on your newsfeed Connect With Us! Not ready to apply? for general consideration. East West Bank is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or any other legally protected status. Reasonable accommodations for disability are provided to applicants and employees in accordance with applicable law.
Software Powered by iCIMS