Lead, Security Threat and Exposure Specialist

Do you want to take the first step in making Filipinos’ lives better everyday? Here in GCash we want to stay at the forefront of the FinTech industry by creating innovative, meaningful, and convenient financial solutions for the nation! G ka ba? Join the G Nation today!

Key Responsibilities:

• Organize and manage the completion of third party cybersecurity risk assessments and closure of identified risks

• Conduct thorough cybersecurity risk assessments of third parties, providing risk identification, analysis and recommended controls

• Act as a security consultant for projects and initiatives involving third parties.

• Provide leadership and mentorship to a team of security analysts.

• Present and report cybersecurity items to key stakeholders

• Collaborate with procurement, legal, and other key teams to ensure contractual security obligations are met.

• Develop and implement continuous improvement initiatives to enhance third-party security management process

What We’re Looking For:

• Minimum of 3 years of proven experience in Information Security Risk Management, IT Risk Management, or IT Audit, demonstrating a strong foundation in managing security risks in a dynamic environment.

• In-depth knowledge of Third-Party CyberSecurity Risk Management, with a solid track record of performing thorough risk assessments and developing mitigation strategies.

• Comprehensive understanding of information security frameworks and controls, particularly those based on industry standards such as ISO 27001, NIST, PCI DSS, CIS, etc. ensuring alignment with best practices.

• Working knowledge and exposure with security technologies, including encryption, Data Loss Prevention (DLP), firewalls, and Identity Access Management (IAM) solutions, contributing to a well-rounded technical skill set.

• Exposure to emerging areas such as cloud security and AI security, with the ability to adapt to evolving cybersecurity trends and technologies.

• Exceptional communication skills, both written and verbal, with the ability to convey complex technical information to diverse audiences, including senior leadership, third-party vendors, and cross-functional teams.

• Strong organizational capabilities, with a proven ability to manage multiple priorities, work efficiently under pressure, and maintain attention to detail while meeting deadlines.

• A strategic thinker with the capacity to build and nurture collaborative relationships with key internal stakeholders and third parties, driving alignment across departments.

• Certification in Information Security or Risk Management (e.g., CISSP, CISA) is highly desirable and will be considered a strong asset.

What We Offer

Opportunity for career growth and development in the #1 FinTech company in the country Working with a dynamic and highly collaborative team who want to change the game A company that values their people with highly competitive and flexible compensation and benefits package