Senior Manager of Information Security Operations

Introduction

Since 1973, East West Bank has served as a pathway to success. With over 110 locations across the U.S. and Asia, we are the premier financial bridge between the East and West. Our teams of experienced, multi-cultural professionals help guide businesses and community members on both sides of the Pacific looking to explore new markets and create new opportunities, and our sustained growth and expertise in industries like real estate, entertainment and media, private equity and venture capital, and high-tech help build sustainable businesses and expand our associates' potential for career advancement.

Headquartered in California, East West Bank (Nasdaq: EWBC) is a top-performing commercial bank with a strong foundation, an enterprising spirit and a commitment to absolute integrity. East West Bank gives people the confidence to reach further.

Overview

The Senior Manager of Information Security Operations is responsible for providing leadership, as well as operational and tactical directions to diverse teams, including analysts, engineers and architects. The security manager provides strategic direction, but at the direction of the CISO / Deputy CISO. The security manager leads the team through the information security program by establishing highly effective policies, corporate protocols and appropriate collaboration among teams.

In addition, this leader assumes responsibility for the education and enforcement of those protocols and matters of compliance.

The security manager possesses a strong technical background and understands risk, mitigation and technical controls. The manager is expected to lead teams that perform technical work and must possess leadership qualities.

This position requires strong written and oral communication skills, as well as the ability to communicate detailed, technical information in a manner comprehensible by individuals at varying degrees of experience and skill level. This role requires the ability to speak confidently in front of large groups and with corporate management, vendors and service providers. The information security manager also contributes to the company IT security strategy and roadmap.

Responsibilities

* Be actively informed and engaged in daily security operations. Oversee day‑to‑day security operations, including SOC monitoring, alert triage, and investigation across SIEM, EDR/XDR/IDS/IPS network, cloud, and identity platforms.

* Ensure continuous security coverage through internal teams and managed security service providers (MSSPs) on a 24x7 basis.

* Maintain operational runbooks, playbooks, and escalation procedures aligned with regulatory expectations.

* Manage the end‑to‑end security incident response lifecycle, including detection, containment, eradication, recovery, post‑incident reviews, and forensic analysis.

* Monitor enterprise spam and phishing emails and participate in developing social engineering exercises

* Monitoring DLP incidents, investigation, and tuning of DLP solution

* Adhere to service level agreements (SLAs), metrics and business scorecard obligations for ticket handling of security incidents and events.

* Gather, analyze and assess the current and future threat landscape, and assist in providing leadership with a realistic overview of risks and threats in the enterprise environment.

* Review audit trails, system logs and other monitoring data sources regularly and ensure they are in compliance with policies and audit requirements.

* Work with business units and with other risk functions to identify security requirements, using methods that may include risk and business impact assessments.

* Partner with the security engineering team to improve tool usage and workflow and mature monitoring and response capabilities.

* Analyzes technologies and establishes highly effective processes and protocols to ensure comprehensive protection exists to prevent unauthorized entry into the company networks and systems.

* Supports automation and orchestration to maximize team talent and reduce routine tasks.

* Actively recruits and leads by example to create a culture where employees want to work.

* Mentors security team and places a heavy…