Assistant Manager Cybersecurity Governance

About PDAX

At PDAX, we believe that the future of money is digital, and our mission is to empower all Filipinos to grow their wealth through blockchain technology.

As one of the first crypto firms in the Philippine market, we feel a sense of duty to our users and to the ecosystem to set the standard for safety, ease of access, and reliability. We expect our team to share in this responsibility and cherish our vision of a more open and equitable financial system.

We are looking for new team members that are passionate about cryptocurrency, want to work in a disruptive, fast-growing industry, and thrive in a start-up environment.

If this sounds like you, then we’d love to talk.

General Responsibilitie

sCybersecurity Governance & Policy Managemen

• tDevelop, maintain, and enforce cybersecurity policies, standards, and procedure
• sEstablish control frameworks aligned with industry standards (NIST CSF, ISO 27001, CIS, PCI-DSS, etc.
• )Conduct periodic policy reviews and control assessment
• sManage policy exceptions and risk acceptance processe

sSecurity Risk & Complianc

• eLead cybersecurity risk assessments across technologies, vendors, projects, and product
• sMaintain cybersecurity risk registers and KRIs/KPI
• sSupport regulatory audits (internal/external) and compliance reporting requirement
• sEnsure compliance with relevant regulations (BSP MORNBFI, AMLC, PDPA, GDPR, SOC 2, etc.
• )Track remediation activities for findings and vulnerabilitie

sCybersecurity Metrics, Reporting & Governance Meeting

• sPrepare cybersecurity governance reports, dashboards, and cyber posture scorecard
• sLead monthly/quarterly governance meetings with internal stakeholder
• sMaintain audit trails, evidence, and documentatio

nCybersecurity Awareness & Trainin

• gImplement enterprise-wide cybersecurity awareness program
• sCoordinate phishing simulations, awareness content, and training plan
• sTrack participation and measure awareness maturity improvement

sVendor and Third-Party Securit

• yEvaluate vendor cybersecurity capability maturit
• yMaintain third-party security assessment
• sEnsure contractual and regulatory cybersecurity obligation

sIncident Preparedness & Oversigh

• tEnsure cyber incident response policies and playbooks exist and are teste
• dCoordinate tabletop exercises, DR testing, and business continuity check
• sTrack readiness gaps and remediation plan

s
Qualificatio

nsMust Hav

• e:Bachelor’s degree in IT, Computer Science, Cybersecurity, or related fie
• ldMinimum 5+ years experience in cybersecurity, governance, or compliance rol
• esStrong understanding of cybersecurity frameworks and regulatory requiremen
• tsExperience conducting audits, risk assessments, and compliance progra
• msStrong communication and stakeholder management skil

ls
Technical Knowle

• dgeSecurity frameworks: NIST CSF, CIS, ISO 27
• 001Cloud governance (AWS/Azure/G
• CP)Regulatory requirements (BSP, AMLC, PDPA, PCI, SO
• C2)Audit methodolog
• iesCyber risk scoring and dashboar

ds.
Prefer

• red:Professional certifications (CISM, CISSP, CRISC, CCSP, e
• tc.)Experience with BFSI, fintech, or regulated indust
• riesBackground in enterprise architecture, IT audit, or Security Operat

ions
Soft S

• killsStrong documentation and communication s
• killsStrong analytical and risk-based decision-m
• akingAbility to influence without auth
• orityAble to work cross-functionally across business and IT
• teamsExcellent attention to d

etail
Our C

ultureCommuni

• cationWe prioritize clear and transparent communication, ensuring that there is clarity among everyone we work
• with.We aim to have a collaborative environment, where innovative ideas in investment strategies are shared openly and constructively, driving the industry fo

rward.Customer

• -focusWe think about how our decisions impact our customers and ensure we provide the best experience that w
• e can.We believe in building lasting relationships with our clients, constantly learning from and listening to them, and always striving to look out for what’s best for both

sides.Comm

• itmentWe always aim to do the right thing and to do the right thing, excellently. We take accountability seriously and uphold ourselves to high standards, ensuring that we execute with attention to d
• etail.We are dedicated to the long-term success of our clients in the dynamic world of financial technology, maintaining integrity and professionalism in every aspect of our