Senior Network Security Engineer

Introduction

Since 1973, East West Bank has served as a pathway to success. With over 120 locations across the U.S. and Asia, we are the premier financial bridge between the East and West. Our teams of experienced, multi-cultural professionals help guide businesses and community members on both sides of the Pacific looking to explore new markets and create new opportunities, and our sustained growth and expertise in industries like real estate, entertainment and media, private equity and venture capital, and high-tech help build sustainable businesses and expand our associates’ potential for career advancement. Headquartered in California, East West Bank (Nasdaq: EWBC) is a top performing commercial bank with an exclusive focus on the U.S. and Greater China markets. With a strong foundation, and enterprising spirit and a commitment to absolute integrity, East West Bank gives people the confidence to reach further.

Overview

Design, build, deploy and support global network security infrastructure. Perform and maintain day-to-day Network Security operations. Proactively monitoring, analyze, and troubleshooting to ensure the Bank's network security infrastructure is running optimally, high availability, and a secure environment. Participate and collaborate among internal departments and external vendors to implement solutions to fulfill business objective and requirements.

Responsibilities

• Configure and deploy access policy and enforcement for TACACS/RADIUS authentication on networking devices such as routers, switches, firewalls, VPN, and wireless.
• Build, analyze and enforce security and access control policies different security tools
• Design, configure, deploy, and maintain Next Generation Firewalls/IPS to provide access control to different security zones in both US and Asia environments
• Configure, deploy, maintain, and troubleshoot remote access VPN; and site-to-site VPNs peering with 3rd party vendors.
• Maintain and operate Web-Proxy solutions, to configure and deploy policy rule-sets accordance to bank security policy and interact with InfoSec team to meet business justification.
• Provide support for network security operations service availability issues and troubleshooting for internal, external, and 3rd party vendors such as ACL, NAT, VPN, WCCP, and Policy inspection.
• Monitoring and analyzing network security related hardware/software alerts, health, and performance; and resolve issues in a timely manner to minimize impact.
• Perform system upgrade and deployment as part of vulnerabilities/bugs remediation, and product refresh
• Research, evaluate, design and deploy new and emerging technologies
• Provide training and mentor lower-level engineers
• Develop technical documentation describing the deployment, configuration, and management of network infrastructure.
• Respond to existing audits and ensures required controls are implemented as required
• Perform recurring firewall review program for ACL clean-up
• Assist and support Asia IT team as Tier II Network support

Qualifications

• B.S in CS, engineering, MIS, or equivalent related work experience
• Minimum of 5 years of experience in Network Security Engineering
• Cisco CCNP security and/or other relevant security certification is highly desired
• Experience with Cisco ISE configuration and troubleshooting
• Experience with Cisco ASA/FTD/SFR/FMC/ISE is preferred
• Experience with Azure firewalls, gateways and NSG
• Knowledge of cloud network solutions
• Knowledge of McAfee Web-Proxy or related solutions is a plus
• Knowledge of Fortinet FW, Splunk, ExtraHop, WireShark, SolarWinds NCM and Cloud based FW/IPS, and Linux is a plus
• Strong oral and written communication skills
• Strong interpersonal skills
• Be able to travel within and outside of the US
• Presentation experience
• Ability to prioritize along with good time management skills
• Desire and willing to learn and adapt emerging technologies and skills

Compensation

The base pay range for this position is USD $110,000.00/Yr. - USD $130,000.00/Yr. Exact offers will be determined based on job-related knowledge, skills, experience, and location.