
PDAX

Senior Officer, Security Engineering

3-5 Years
  • Posted 7 hours ago

Job Description

About PDAX

At PDAX, we believe that the future of money is digital, and our mission is to empower all Filipinos to grow their wealth through blockchain technology.

As one of the first crypto firms in the Philippine market, we feel a sense of duty to our users and to the ecosystem to set the standard for safety, ease of access, and reliability. We expect our team to share in this responsibility and cherish our vision of a more open and equitable financial system.

We are looking for new team members that are passionate about cryptocurrency, want to work in a disruptive, fast-growing industry, and thrive in a startup environment.

If this sounds like you, then we'd love to talk.

Key Responsibilities

Threat Detection & Incident Response

  • Operate and continuously improve SIEM, EDR/XDR, and cloud security monitoring
  • Develop and tune detection use cases mapped to MITRE ATT&CK
  • Lead and support incident response for malware, phishing, account takeover, data exfiltration, ransomware, DDoS, and cloud-native attacks
  • Perform root cause analysis and post-incident reviews

Incident Response Readiness & Playbooks

  • Design, create, and maintain incident response playbooks for high-impact attack scenarios
  • Define triage steps, containment actions, escalation paths, and decision points
  • Align playbooks with tooling, internal teams, and MSOC workflows
  • Conduct tabletop exercises and simulations to validate readiness

Managed Security Operations (MSOC) Alignment

  • Act as the primary security engineering lead for the organization's Managed Security Operations (MSOC)
  • Ensure the MSOC has proper log sources, telemetry, and monitoring coverage across endpoints, networks, cloud, and identity
  • Define and enforce alerting thresholds, escalation criteria, and severity definitions
  • Establish and maintain clear communication and escalation channels between the MSOC and the internal cyber defense team
  • Lead regular operational reviews with the MSOC to assess detection quality, false positives, and response effectiveness
  • Validate MSOC incident handling through drills, VAPT exercises, and real incidents

Defensive Engineering & Posture Hardening

  • Execute containment actions (endpoint isolation, credential revocation, network blocking)
  • Identify defensive gaps exposed through incidents, MSOC findings, and testing
  • Improve logging, alert fidelity, and response workflows

Endpoint, Identity & Cloud Defense

  • Detect and respond to endpoint, identity, and cloud-based threats

  • Investigate suspicious service accounts, API keys, and programmatic access
  • Monitor for IAM abuse, privilege escalation, and token misuse

Internal & External VAPT / Attack Simulation

  • Design and execute internal VAPT and attack simulations

  • Lead external VAPT engagements, ensuring realistic scoping and attack paths
  • Align testing with crown-jewel assets and threat models
  • Track remediation, retesting, and closure of findings

Threat Intelligence & Hunting

  • Translate threat intelligence into actionable detections and threat hunts
  • Conduct proactive threat hunting across endpoints, networks, and cloud telemetry

Reporting & Communication

  • Produce clear incident, VAPT, and MSOC performance reports
  • Communicate effectively with technical teams, MSOC providers, and leadership
  • Maintain incident metrics, lessons learned, and readiness documentation

Qualifications

Experience

  • 3-5+ years in Security Operations, Blue Team, or Incident Response
  • Hands-on experience responding to real-world cyber attacks
  • Proven experience working with or managing Managed Security Operations (MSOC) providers
  • Experience designing incident response playbooks and leading VAPT exercises

Technical Skills

  • Strong understanding of attack techniques across endpoint, network, identity, and cloud
  • Deep familiarity with MITRE ATT&CK
  • Hands-on experience with SIEM, EDR/XDR, cloud security telemetry, and vulnerability management
  • Scripting or automation skills (Python, Bash, PowerShell)

Soft Skills

  • Calm, structured decision-making under pressure
  • Strong coordination and vendor-management skills in incident scenarios
  • Ability to drive clarity across internal teams and external providers
  • Clear technical and executive-level communication

Our Culture

Communication

  • We prioritize clear and transparent communication, ensuring that there is clarity among everyone we work with.
  • We aim to have a collaborative environment, where innovative ideas in investment strategies are shared openly and constructively, driving the industry forward.

Customer focus

  • We think about how our decisions impact our customers and ensure we provide the best experience that we can.
  • We believe in building lasting relationships with our clients, constantly learning from and listening to them, and always striving to look out for what's best for both sides.

Commitment

  • We always aim to do the right thing and to do the right thing, excellently. We take accountability seriously and uphold ourselves to high standards, ensuring that we execute with attention to detail.
  • We are dedicated to the long-term success of our clients in the dynamic world of financial technology, maintaining integrity and professionalism in every aspect of our work.


Job ID: 136409671