Senior Linux & Ansible Engineer

Introduction:

Since 1973, East West Bank has served as a pathway to success. With over 120 locations across the U.S. and Asia, we are the premier financial bridge between the East and West. Our teams of experienced, multi-cultural professionals help guide businesses and community members on both sides of the Pacific looking to explore new markets and create new opportunities, and our sustained growth and expertise in industries like real estate, entertainment and media, private equity and venture capital, and high-tech help build sustainable businesses and expand our associates’ potential for career advancement.

Headquartered in California, East West Bank (Nasdaq: EWBC) is a top performing commercial bank with an exclusive focus on the U.S. and Greater China markets. With a strong foundation, an enterprising spirit, and a commitment to absolute integrity, East West Bank gives people the confidence to reach further.

Overview:

The Cyber Security Engineer - Linux will participate in establishing and maintaining a corporate wide information security management program to ensure that information assets are adequately protected. We are seeking a highly skilled and motivated Cyber Security Engineer with significant Linux expertise to manage and secure our Linux infrastructure. The ideal candidate will play a key role in designing, implementing, and maintaining robust security controls for our systems and networks. A key part of this role will involve managing automation through Ansible, ensuring consistent configuration management, and strengthening security controls across environments. You will collaborate with the cybersecurity and IT teams to mitigate risks, respond to security incidents, and ensure compliance with industry standards and best practices.

As an East West Bank employee, the security engineer will be part of a growing and stable organization that provides career path development opportunities while serving a growing and profitable market. The Information Security Engineer will work with senior members of the team to enhance and mature the security operations program.

Responsibilities:

Linux System Administration:

• Install, configure, and maintain Linux systems (e.g., Red Hat, Ubuntu, CentOS, Debian) across the organization.
• Ensure that all Linux servers are secure, optimized, and running efficiently.
• Apply system patches, updates, and security configurations in line with industry best practices.

Cybersecurity Management:

• Implement and manage cybersecurity tools for Linux environments.
• Conduct regular security assessments and audits to identify and mitigate risks within Linux systems.
• Acquire responsibility for additional security engineering tools, management and support.

Ansible Management & Automation:

• Manage Ansible playbooks to automate routine system and security tasks, ensuring consistency and security across Linux environments.
• Develop and maintain Ansible roles for security compliance, patch management, system hardening, and configuration management.
• Collaborate with DevOps and IT teams to integrate Ansible into CI/CD pipelines for security automation.

Security Compliance & Governance:

• Ensure all Linux systems comply with security frameworks such as CIS, NIST, and ISO 27001.
• Maintain compliance with regulations and industry standards (e.g., GDPR, HIPAA, PCI-DSS).
• Create and maintain security documentation, including system configurations, incident reports, and security protocols.

Vulnerability Management:

• Perform vulnerability scans on Linux environments using tools like Nessus, OpenVAS, or Qualys.
• Identify and prioritize remediation efforts for vulnerabilities and security gaps.
• Collaborate with development and IT teams to implement security patches and vulnerability fixes.

Automation & Scripting:

• Develop and maintain scripts for automating routine security tasks (e.g., patch management, log analysis) using Bash, Python, or Ansible.
• Leverage configuration management tools (e.g., Ansible, Puppet, Chef) to enforce security policies across Linux environments.

Incident Response & Monitoring:

• Act as a key responder to cybersecurity incidents involving Linux systems, leading investigations and remediation efforts.
• Monitor system logs, SIEM tools, and other indicators to identify potential threats or breaches.
• Collaborate with the broader security team to ensure a coordinated response to threats and incidents.

Access Control & Identity Management:

• Manage user access controls, privileges, and secure authentication (e.g., LDAP, SSH keys, PAM).
• Implement multifactor authentication (MFA) and encryption methods to safeguard sensitive data.

Disaster Recovery & Backup:

• Maintain and test disaster recovery and backup solutions for Linux systems.
• Ensure business continuity through efficient recovery processes and secure backups.

Collaboration & Training:

• Work with IT and development teams to implement security best practices in system design and deployment.
• Provide guidance and training to team members on Linux security, Ansible automation, and administration.

Qualifications:

Education:

• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field (or equivalent experience).

Experience:

• 5+ years of experience in Linux system administration and cybersecurity.
• Strong understanding of cybersecurity principles, tools, and techniques (encryption, firewalls, IDS/IPS, etc.).
• Experience with Ansible automation for system configuration, patch management, and security compliance.
• Experience with vulnerability management, penetration testing, and Linux security hardening.
• Experience in automating security tasks using Bash, Python, Ansible, or similar scripting languages.

Certifications:

• Linux certifications such as RHCSA, LPIC, or Linux Foundation Certified SysAdmin (LFCS) preferred.
• Security certifications such as CompTIA Security+, CEH, CISSP, or GIAC certifications (GSEC, GCUX) are highly desirable.

Key Competencies:

• Deep knowledge of Linux/Unix operating systems and security.
• Familiarity with cloud platforms (AWS, Azure, Google Cloud) and securing Linux instances in the cloud.
• Strong analytical and problem-solving skills.
• Ability to prioritize and manage multiple tasks in a fast-paced environment.
• Strong communication and collaboration skills, with the ability to work across teams.

Compensation:

The base pay range for this position is USD $120,000.00/Yr. - USD $185,000.00/Yr. Exact offers will be determined based on job-related knowledge, skills, experience, and location.