Do you want to take the first step in making Filipinos’ lives better everyday? Here in GCash we want to stay at the forefront of the FinTech industry by creating innovative, meaningful, and convenient financial solutions for the nation! G ka ba? Join the G Nation today!
Who you’ll be working with:
If you have a strong background in IT, computer science, or software engineering, and are analytical, technologically savvy, solutions and process-focused, then the Technology & Operations team may be for you!
You’ll be responsible for the following:
- Defining and leading the overall strategy for enterprise-wide vulnerability management and risk assessment.
- Developing and enforcing standards, policies, and procedures for vulnerability assessments and remediation.
- Representing vulnerability management in risk committees, audit reviews, and executive briefings.
- Overseeing the end-to-end vulnerability lifecycle including scanning, validation, risk classification, ticketing, remediation tracking, and metrics reporting.
- Implement KPIs and dashboards to measure the effectiveness and maturity of the program (e.g., SLA compliance, Mean-Time-To-Remediate).
- Maintain alignment with NIST, ISO 27001, CIS Controls, PCI DSS, and other security frameworks and standards.
- Managing and mentoring a team of vulnerability analysts, engineers and managers.
- Coordinating with Security Defense Team, IT Ops, AppSec, and DevSecOps teams to support patching and configuration remediation activities.
- Oversee the deployment, configuration, and tuning of scanning tools (e.g., Qualys, Nessus, Rapid7, CrowdStrike Falcon Spotlight).
- Lead efforts in integrating vulnerability data into ticketing systems (e.g., JIRA, ServiceNow) and CMDBs for accurate asset-risk correlation.
We’re looking for:
- Bachelor’s or Master’s degree in Cybersecurity, Information Technology, or a related field
- 8–12 years of experience in IT security with 5+ years in vulnerability management and risk assessment.
- 5+ years of experience in a managerial or leadership role.
- Strong understanding of CVSS, EPSS, threat intelligence, and risk-based prioritization models.
- Experience with vulnerability scanning platforms and asset discovery tools.
- Familiarity with cloud security (AWS, Azure, GCP, Alibaba), container security, and CI/CD pipelines.
- Excellent communication, analytical thinking, and stakeholder management skills.
- Relevant certifications preferred (e.g., CISSP, CISM, GIAC GCCC, OSCP, CRISC).
What We Offer
Opportunity for career growth and development in the #1 FinTech company in the country Working with a dynamic and highly collaborative team who want to change the game A company that values their people with highly competitive and flexible compensation and benefits package