Since 1973, East West Bank has served as a pathway to success. With over 120 locations across the U.S. and Asia, we are the premier financial bridge between the East and West. Our teams of experienced, multi-cultural professionals help guide businesses and community members on both sides of the Pacific looking to explore new markets and create new opportunities, and our sustained growth and expertise in industries like real estate, entertainment and media, private equity and venture capital, and high-tech help build sustainable businesses and expand our associates’ potential for career advancement.
Headquartered in California, East West Bank (Nasdaq: EWBC) is a top performing commercial bank with an exclusive focus on the U.S. and Greater China markets. With a strong foundation, and enterprising spirit and a commitment to absolute integrity, East West Bank gives people the confidence to reach further.
The Threat and Vulnerability Manager is responsible for leading and managing the organization’s vulnerability assessment program which includes threat modeling / assessments, red teaming, and penetration testing programs to proactively identify, analyze, and mitigate risks. This role ensures a comprehensive security posture by overseeing simulated attack scenarios and delivering actionable insights for remediation.
As an East West Bank employee, the Threat and Vulnerability Manager will be part of a growing and stable organization that provides career path development opportunities while serving a growing and profitable market. This position is key to strengthening the organization’s defenses, driving innovation in security practices, and collaborating with a talented team in a dynamic and fast-paced environment.
Responsibilities Develop, implement, and maintain a comprehensive vulnerability assessment program.Perform regular vulnerability assessments across IT systems, applications, cloud platforms, and networks.Assess and prioritize vulnerabilities based on risk levels, potential business impact, and threat intelligence.Manage Attack Surface Monitoring.Update and disseminate threat intelligence on active Threat Actors (Threat Actor Profiles).Deliver regular briefings to leadership on vulnerability trends and risk status.Establish automated threat Intelligence process for ingestion of TI and development of action plans.Establish an effective Threat Assessment, Red Teaming and Threat Modeling capability for the bank.Oversee internal and external penetration testing engagements, ensuring alignment with industry standards such as OWASP, NIST, and MITRE ATT&CK.Validate the effectiveness of remediation actions through follow-up assessments.Evaluate new tools and technologies to enhance the efficiency and effectiveness of security assessmentsStay updated on emerging threats, vulnerabilities, and attack techniques to adapt assessment methodologies.Incorporate threat intelligence and industry best practices into vulnerability and red team programs.Support automation and orchestration to maximize team talent and reduce routine tasks.Support regulatory reviews, assessments as well and monitor and lead reporting and remediating identified control and regulatory issuesFoster collaboration between security, IT operations, and business teams to ensure alignment on security goals.Promote a culture of security awareness across the organization. Qualifications Expertise in vulnerability management and penetration testing tools and techniques.Proficiency in red teaming methodologies and frameworks (e.g. MITRE ATT&CK, TIBER-EU)Knowledge of secure coding practices and application security testing.Familiarity with cloud security (AWS, Azure, or GCP) and DevSecOps practicesExcellent communication skills for technical and non-technical audiences.Strong analytical and problem-solving abilities. Highly organized and efficient. Ability to work independently and as part of a team in a fast-paced, dynamic environment.Bachelor's degree in Cybersecurity, Information Technology or related field required, advanced degree (Masters level) preferredMinimum of 5 years in cybersecurity, with at least 3+ years in vulnerability management, penetration testing, or red teaming.Hands-on experience in vulnerability assessments, penetration testing methodologies, and red teaming strategies.Strong understanding of both offensive and defensive security techniques.Preferred Certification such as CCSP, CISSP, CEH, OSCP, OSCE, GPEN, GWAPT, CVA, or other red team and penetration testing credentials. Compensation The base pay range for this position is USD $140,000.00/Yr. - USD $185,000.00/Yr. Exact offers will be determined based on job-related knowledge, skills, experience, and location. Options Apply for this job onlineApplyShareEmail this job to a friendRefer <p style="margin: 0px;"><span style="color: #54585a;">Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.</span></p> Share on your newsfeedEast West Bank is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or any other legally protected status. Reasonable accommodations for disability are provided to applicants and employees in accordance with applicable law. Application FAQs
Software Powered by iCIMS
www.icims.com