Fractional CISO (vCISO)
Arcanys is a high-growth Swiss software development partner with a 300+ person operation in the Philippines. We are looking for a Fractional CISO (Chief Information Security Officer) to transition our security posture to "enterprise-grade".
Who you are (Requirements):
Proven experience leading security governance in mid-sized companies (200–500 employees), including SOC 2 or ISO 27001 certification, ideally in outsourcing/software services companies.
Strong technical foundation across SDLC, CI/CD security, and cloud platforms (AWS, Google Workspace).
Effective communicator and mentor, able to explain security concepts to both junior technical staff and non-technical stakeholders.
Experience handling client security audits and vendor assessments.
Experience working with distributed teams (Europe/Asia/Australia) and with early-stage startups is a plus.
Relevant certifications such as CISSP, CISM, or CISA preferred.
Key Responsibilities:
1. Security Strategy
Design a 12-month security roadmap that balances "Swiss Quality" expectations with the agility of a software outsourcing firm.
Establish a Risk Register and prioritize remediation based on business impact.
2. Mentorship & Team Elevation
Act as the direct mentor to our IT Manager, transforming technical tasks into security controls.
Establish "Security Office Hours" to train our lead developers on secure coding (OWASP) and DevSecOps.
3. Cross-Border Compliance
Ensure all data handling meets the European GDPR, the Philippines Data Privacy Act and the Australian Privacy Act standards, among other regulations.
Standardize our response to client security questionnaires to accelerate the sales cycle.
4. Incident & Policy Management
Draft and implement core policies (Incident Response, Access Control, BCP/DR) that are practical, not just theoretical.
Oversee the selection and implementation of essential security tools (EDR, SIEM, Vulnerability Scanners) without over-complicating the stack.
5. Venture Portfolio Security & Advisory
Define a "Right-Sized" security framework for Arcanys Ventures’ portfolio companies, ensuring they have essential protections without stifling their growth or speed.
Assist the leadership team during the investment process by evaluating the technical security and data privacy risks of potential new ventures.
Act as a fractional advisor for our startups, helping their founders establish basic security policies, data privacy compliance (GDPR/DPA), and a "Security by Design" culture from day one.
- Department
- Cybersecurity
- Locations
- Cebu, Europe, Australia
- Remote status
- Fully Remote
- Employment type
- Part-time
Workplace, Culture & Diversity
Our people come first. We foster well-being, trust, and autonomy, working only on projects we believe in. Every challenge is tackled with the same dedication as if it were our own.
About Arcanys
Meet one of the happiest, most impactful software firms