Do you want to take the first step in making Filipinos’ lives better everyday? Here in GCash we want to stay at the forefront of the FinTech industry by creating innovative, meaningful, and convenient financial solutions for the nation! G ka ba? Join the G Nation today!
About the job
Do you want to help protect and shape the digital future of millions of Filipinos? At GCash, we operate at a massive scale in one of the most targeted industries in the world - financial services. To stay ahead, we don’t just react to threats; we actively simulate them.
We are looking for a Lead, Offensive Security Engineer to lead and execute advanced red team and offensive security operations. This role is for someone who thinks like an attacker, operates with discipline, and can translate technical findings into meaningful security improvements across the organization.
If you enjoy breaking things responsibly and influencing security strategy, not just running tools, this role is for you.
Key Responsibilities
Lead and execute red team and advanced penetration testing engagements that simulate real-world threat actors across applications, infrastructure, cloud, and identity environments
Identify, exploit, and chain vulnerabilities to demonstrate realistic attack paths and business impact
Design and improve adversary simulation scenarios aligned with real-world threat intelligence and the MITRE ATT&CK framework
Partner closely with blue team, security engineering, and security operations teams to improve detection, response, and overall security posture
Develop tooling, automation, or research to identify security weaknesses at scale and improve testing efficiency
Produce high-quality technical and executive-level reports, clearly communicating risk, impact, and remediation guidance
Stay ahead of emerging threats, techniques, and tooling, continuously evolving red team tradecraft
Preferred Qualifications
1-3 years of hands-on experience in red teaming, offensive security, advanced penetration testing
Proven track record of discovering impactful vulnerabilities, including complex or chained attack paths
Strong understanding of attacker tradecraft, including web, cloud, identity, and infrastructure attack vectors
Practical experience with adversary simulation and the MITRE ATT&CK framework
Ability to lead, mentor, and influence (this is a hands-on leadership role, not just an individual contributor position)
Strong written and verbal communication skills, with the ability to explain technical risk to both engineers and executives
-
At least one practical security certification, such as:
OSCP, OSEP, OSWE, OSED, OSWP, CRTO, CRTL, CRTP, CRTE, GRTP, CPTS, CWEE, CAPE
Candidates are encouraged to include write-ups, research, bug bounty findings, or internal/external reports demonstrating offensive security work.
What We Offer
The opportunity to help build and lead offensive security capabilities in the country’s #1 FinTech platform
Work alongside a highly skilled, collaborative, and mission-driven security team
Real impact - your work directly protects millions of users and high-value financial systems
A culture that values technical excellence, ownership, and continuous improvement
What We Offer
Opportunity for career growth and development in the #1 FinTech company in the country Working with a dynamic and highly collaborative team who want to change the game A company that values their people with highly competitive and flexible compensation and benefits package
