Identity & Access Management Engineer

For more than 40 years, East West Bank has served as a pathway to success. With over 130 locations across the U.S. and Greater China, we are the premier financial bridge between the East and West. Our teams of experienced, multi-cultural professionals help guide businesses and community members on both sides of the Pacific looking to explore new markets and create new opportunities. And our sustained growth and expertise in industries like real estate, entertainment and media, private equity and venture capital, high-tech and aviation help build sustainable businesses and expand our employees' potential for career advancement.
Headquartered in California, East West Bank (Nasdaq: EWBC) is a top performing commercial bank with an exclusive focus on the U.S. and Greater China markets. With assets of $37.7 billion, we're ranked among the 30 largest banks in the United States and currently top 5 in "America's 100 Best Banks" by Forbes, a list where we've consistently been in the top 15 since 2010. With a strong foundation, an enterprising spirit and a commitment to absolute integrity, East West Bank gives people the confidence to reach further.
East West Bank is currently seeking an Identity & Access Management (IAM) Engineer with hands on SailPoint IdentityIQ experience for the IT Risk Management & Compliance team within the Enterprise IT Risk Management department. Reporting to the Head of IT Risk Management & Compliance, this critical role will be responsible for the design, implementation, administration, configuration and support of the Bank's Identity and Access Management solution.
As an East West Bank employee, you will be part of a growing and stable organization that provides career path development opportunities while serving a growing and profitable market.
As a valuable East West Bank team member, your duties (not limited to) will include:
Onboard applications to SailPoint IdentityIQ for automated user and entitlement certifications.
Configure and develop/code (Beanshell) SailPoint IdentityIQ correlation rules, escalation rules, certification exclusion rules, pre-delegation rules, aggregation tasks, etc.
Administer user and entitlement certification campaigns via SailPoint IdentityIQ.
Design and configure SailPoint IdentityIQ's Identity and Application Risk Models.
Establish privileged access and segregation of duties monitoring controls for identifying and mitigating risks associated with access rights.
Perform SailPoint IdentityIQ application upgrades and patching of underlying software (i.e., Java JDK and Apache).
Remediate vulnerabilities identified from regular vulnerability scans and penetration testing for the IAM applications and servers.
Administer user and entitlement certification campaigns via SailPoint IdentityIQ.
Maintain, migrate, and deploy code between environments.
Perform ongoing performance tuning and system resource optimization.
Develop documentation including user guides, desktop procedures, run books, etc.
Develop and facilitate end user trainings as necessary.
Act as the Subject Matter Expert for IAM suite of tools to assist with critical technical, operational, and strategic decisions.
Perform role mining and implement role based access for the enterprise.
Design and implement SailPoint IdentityIQ Lifecycle Manager for automated provisioning and access removal.
Required Skills & Qualifications:
Minimum of 5+ years of hands on experience in IAM system design, architecture, implementation and administration.
A minimum of a Bachelor's Degree or equivalent proven work experience.
Basic to expert Beanshell, HTML and SQL scripting/coding skills required.
Minimum of 2+ years of hands on experience with SailPoint IdentityIQ (e.g., implementation, configuration, and administration).
Ability to work well with others, and communicate (verbal and written) effectively with all levels of management.
Thorough attention to detail, excellent organizational, time management, project management and multi-tasking skills.
Competency in data gathering and analysis and conceptual problem solving.
Proficiency with Microsoft Office Suite (MS PowerPoint, Word, Excel, Visio etc.)
Available to be on-call for incident response as needed.
Ability to work in a fast-paced environment.
Additional Desired Skills and Qualifications:
CIAM, CISSP and/or other relevant certifications

Don't Be Fooled

The fraudster will send a check to the victim who has accepted a job. The check can be for multiple reasons such as signing bonus, supplies, etc. The victim will be instructed to deposit the check and use the money for any of these reasons and then instructed to send the remaining funds to the fraudster. The check will bounce and the victim is left responsible.