Description
Do you want to take the first step in making Filipinos’ lives better every day? Here in GCash we want to stay at the forefront of the FinTech industry by creating innovative, meaningful, and convenient financial solutions for the nation! G ka ba? Join the G Nation today!
ROLES AND RESPONSIBILITIES:
- Incident Detection: Monitor network and system logs, security tools, and alerts to identify potential security incidents. Utilize intrusion detection systems, SIEM solutions, and other technologies to detect and report anomalies.
- Incident Analysis: Investigate and analyze security incidents to determine the scope, impact, and root cause. Identify the nature of the threat, the methods used, and potential vulnerabilities exploited.
- Incident Mitigation: Develop and implement strategies to contain and mitigate security incidents. This may involve isolating affected systems, patching vulnerabilities, and applying appropriate security controls.
- Response Planning: Create and maintain incident response plans and playbooks to ensure an organized and effective response to different types of incidents. Collaborate with relevant teams to establish incident response procedures.
- Coordination: Work closely with IT, security, legal, and compliance teams to coordinate incident response efforts. Ensure clear communication and collaboration during incident handling.
- Documentation: Maintain detailed records of incident response activities, including evidence, actions taken, and lessons learned. Prepare incident reports for management and stakeholders.
- Threat Intelligence: Stay current with the latest cybersecurity threats, vulnerabilities, and attack techniques. Leverage threat intelligence sources to enhance incident detection and response capabilities.
- Forensics: Conduct digital forensics and malware analysis to understand the nature of incidents and gather evidence for potential legal actions.
- Continuous Improvement: Review incident response processes and procedures regularly, identifying areas for improvement, and recommending updates to enhance the organization's security posture.
- Working Schedules: Able to work outside of regular business hours to respond to incidents promptly.
SKILLS, QUALIFICATIONS, AND COMPETENCIES
- Must have any 1 of the following:
  - CEH: Certified Ethical Hacker
  - GIAC Certified Incident Handler
  - CISSP: Certified Information Systems and Security Professional
  - CompTIA Security+
- With 4-6 years of experience in Security Operations and Incident Response
- Has experience in Splunk administration, such as data parsing and indexing
- Must have a strong background in Information Security and must have handled either or both of the ISO 27001 and PCI-DSS certifications
- Proficient in identifying threats in network, endpoints, APIs and user behavior.
- Knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management, etc.
- Knowledge of various operating system flavors including but not limited to Windows and Linux
- Knowledge of cloud environments (AWS, Alibaba Cloud)
- Knowledge of applications, databases, and middleware to address security threats against the same.
- Proficient in preparation of reports, dashboards and documentation
- Good Analytical skills, Problem solving and Interpersonal skills
- Working knowledge of and experience with Google products, with proficiency in Google Sheets
- Some tasks may involve high-pressure situations and the need for quick decision-making.
- Experience using a scripting language such as Python, Bash, OR PowerShell.
- Knowledge of Infrastructure as Code tools like Terraform
- Experience with Cloud Native applications (Kubernetes, Docker) is an advantage.
What We Offer
- Opportunity for career growth and development in the #1 FinTech company in the country
- Working with a dynamic and highly collaborative team who want to change the game
- A company that values their people with highly competitive and flexible compensation and benefits package