East West Bank
Senior Security Engineer AppSec
Full details on LinkedIn
The complete job description, requirements, and application details are available on the original posting.
About East West Bank
East West Bank is a full-service commercial bank based in Pasadena, California, and is the primary subsidiary of East West Bancorp, Inc. With total assets exceeding $75-80 billion and over 120 branches, the bank focuses on serving as a financial bridge between the United States and Greater China/Asia. Founded in 1973, it has grown significantly under the leadership of CEO Dominic Ng, transitioning from a federally chartered savings institution to a full-service bank in 1995. The bank offers a wide range of banking solutions for individuals and businesses, including personal banking services like loans and deposits, commercial banking with small business lending and treasury management, and wealth management services. East West Bank also specializes in cross-border transactions and supports various sectors such as technology, entertainment, and clean energy. It is recognized for its commitment to inclusion, diversity, and equity, serving a diverse clientele that includes notable organizations like the Los Angeles Lakers and Seafood City.
Security at East West Bank
Compiled from public job postings, careers pages, and company materials. Data may not reflect current state — verify during interviews.
Security Philosophy
- The AppSec team aims to embed security controls into CI/CD pipelines using GitHub workflows with a focus on collaboration and training rather than strict gating.
- The team delivers targeted training sessions based on impact analysis and vulnerability trends, using that data to prioritize its efforts.
- A key goal is to tune and configure SIEM rules to reduce noise and improve detection accuracy.
Security Team
- The AppSec team is responsible for overseeing the design, implementation, and continuous improvement of security platforms and works closely with developers to ensure proper log generation and forwarding.
- The function falls under the Global CISO, led by Matt Fearin.
- Active AppSec job postings include approximately 2 positions with emphasis on GitHub Advanced Security, CI/CD integration, API security (Data Theorem), and vulnerability tracking in ServiceNow/Jira.
Key Initiatives
- The team actively works to embed security controls into CI/CD pipelines using GitHub workflows and manages GitHub Advanced Security configurations.
- Vulnerability management includes Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and API security assessments.
- The team validates findings, coordinates remediation with development teams, and tracks progress in ServiceNow and Jira.
- Recent initiatives focus on GitHub Advanced Security rollout and API security monitoring integration.