Job details

Offensive Risk Strategist

Get a free resume review

Introduction

Since 1973, East West Bank has served as a pathway to success. With over 110 locations across the U.S. and Asia, we are the premier financial bridge between the East and West. Our teams of experienced, multi-cultural professionals help guide businesses and community members on both sides of the Pacific looking to explore new markets and create new opportunities, and our sustained growth and expertise in industries like real estate, entertainment and media, private equity and venture capital, and high-tech help build sustainable businesses and expand our associates’ potential for career advancement.

Headquartered in California, East West Bank (Nasdaq: EWBC) is a top-performing commercial bank with a strong foundation, an enterprising spirit and a commitment to absolute integrity. East West Bank gives people the confidence to reach further.

Overview

The Offensive Risk Strategist is responsible for leading and managing the organization’s vulnerability assessment program which includes threat modeling / assessments, red teaming, and penetration testing programs to proactively identify, analyze, and mitigate risks. This role ensures a comprehensive security posture by overseeing simulated attack scenarios and delivering actionable insights for remediation.

As an East West Bank employee, the Threat and Vulnerability Manager will be part of a growing and stable organization that provides career path development opportunities while serving a growing and profitable market. This position is key to strengthening the organization’s defenses, driving innovation in security practices, and collaborating with a talented team in a dynamic and fast-paced environment.

Responsibilities

Develop, implement, and maintain a comprehensive vulnerability assessment program.
Perform regular vulnerability assessments across IT systems, applications, cloud platforms, and networks.
Assess and prioritize vulnerabilities based on risk levels, potential business impact, and threat intelligence.
Manage Attack Surface Monitoring.
Update and disseminate threat intelligence on active Threat Actors (Threat Actor Profiles).
Deliver regular briefings to leadership on vulnerability trends and risk status.
Establish automated threat Intelligence process for ingestion of TI and development of action plans.
Establish an effective Threat Assessment, Red Teaming and Threat Modeling capability for the bank.
Oversee internal and external penetration testing engagements, ensuring alignment with industry standards such as OWASP, NIST, and MITRE ATT&CK.
Validate the effectiveness of remediation actions through follow-up assessments.
Evaluate new tools and technologies to enhance the efficiency and effectiveness of security assessments
Stay updated on emerging threats, vulnerabilities, and attack techniques to adapt assessment methodologies.
Incorporate threat intelligence and industry best practices into vulnerability and red team programs.
Support automation and orchestration to maximize team talent and reduce routine tasks.
Support regulatory reviews, assessments as well and monitor and lead reporting and remediating identified control and regulatory issues
Foster collaboration between security, IT operations, and business teams to ensure alignment on security goals.
Promote a culture of security awareness across the organization.

Qualifications

Expertise in vulnerability management and penetration testing tools and techniques.
Proficiency in red teaming methodologies and frameworks (e.g. MITRE ATT&CK, TIBER-EU)
Knowledge of secure coding practices and application security testing.
Familiarity with cloud security (AWS, Azure, or GCP) and DevSecOps practices
Excellent communication skills for technical and non-technical audiences.
Strong analytical and problem-solving abilities.
Highly organized and efficient. Ability to work independently and as part of a team in a fast-paced, dynamic environment.
Bachelor's degree in Cybersecurity, Information Technology or related field required, advanced degree (Masters level) preferred
Minimum of 5 years in cybersecurity, with at least 3+ years in vulnerability management, penetration testing, or red teaming.
Hands-on experience in vulnerability assessments, penetration testing methodologies, and red teaming strategies.
Strong understanding of both offensive and defensive security techniques.
Preferred Certification such as CCSP, CISSP, CEH, OSCP, OSCE, GPEN, GWAPT, CVA, or other red team and penetration testing credentials.

Compensation

The base pay range for this position is USD $120,000.00/Yr. - USD $180,000.00/Yr. Exact offers will be determined based on job-related knowledge, skills, experience, and location.

Average salary estimate

$150000 / YEARLY (est.)

min

max

$120000K

$180000K

If an employer mentions a salary or salary range on their job, we display it as an "Employer Estimate". If a job has no salary data, Rise displays an estimate if available.

What You Should Know About Offensive Risk Strategist, UNAVAILABLE

At East West Bank, we’re on the lookout for an Offensive Risk Strategist to join our dynamic team in San Marino. This isn’t just any role; it’s an opportunity to lead our vulnerability assessment program, where you will play a crucial part in ensuring our organization stays a step ahead of potential threats. You’ll get to flex your skills in threat modeling, red teaming, and penetration testing while managing the organization’s overall security posture. Imagine being at the forefront of proactive risk management, where you’ll conduct regular assessments across our IT systems, applications, and networks to identify potential vulnerabilities. With your strategic insights, you’ll aid senior leadership in making informed decisions about our security tactics and enhance our defensive mechanisms. Not just a numbers game, you will collaborate with talented professionals and foster a culture of security awareness throughout the bank. Your input will drive innovation in our security practices and pave the way for career advancement within our growing bank. If you're passionate about cybersecurity and ready to protect and serve our clients while advancing your career, East West Bank is eager to welcome you. Join us and help shape a secure future!

Frequently Asked Questions (FAQs) for Offensive Risk Strategist Role at UNAVAILABLE

What are the daily responsibilities of an Offensive Risk Strategist at East West Bank?

As an Offensive Risk Strategist at East West Bank, your daily responsibilities will include developing and managing a vulnerability assessment program, performing regular assessments on IT systems, applications, and networks, and prioritizing vulnerabilities based on risk levels and potential business impacts. You will also oversee penetration testing engagements, conduct risk assessments, and deliver briefings to leadership on threat intelligence trends, ensuring the bank maintains a robust security posture.