virtual Chief Information Security Officer (vCISO)GXA • San Fernando, Pampanga, Philippines

virtual Chief Information Security Officer (vCISO)

GXA • San Fernando, Pampanga, Philippines

3 hours ago

Job description

The Virtual Chief Information Security Officer (vCISO) plays a critical role in providing strategic cybersecurity leadership and guidance to several of our small and medium-sized business (SMB) clients. This role involves delivering on-demand CISO services tailored to the unique needs of each client, ensuring the effective management of information security risks and compliance requirements. The vCISO collaborates closely with client executives, offering expert insights to protect information assets, enhance security posture, and maintain regulatory compliance.

The vCISO will oversee a comprehensive information security program, including :

Information Security Leadership
Risk Management
Security Governance
Compliance Alignment
Security Monitoring and Reporting
Security Architecture and Technology
Incident Response and Management
Vendor Risk Management
Security Awareness and Training

The ideal candidate must have a robust technical background, extensive experience in security and compliance, exceptional customer-facing skills, and an executive presence that inspires confidence. This role requires strategic vision, leadership, and excellent communication skills to effectively guide SMB clients in establishing and maintaining a secure digital environment.

Key Responsibilities :

1. Strategic Information Security Leadership :

Develop a deep understanding of each client's business environment, compliance requirements, and cybersecurity challenges.

Collaborate with client executives to design and implement comprehensive cybersecurity programs aligned with business objectives.

Establish trusted advisor relationships with client leadership to enhance governance, risk management, and compliance initiatives.

Proactively anticipate emerging security and compliance challenges, providing strategic guidance to mitigate potential risks.

2. Risk Management and Compliance :

Effectively manage IT risks to align with business goals and reduce risk exposure.

Assist clients in achieving and maintaining compliance with relevant frameworks, including ISO27001, SOC2 Type2, CMMC, HIPAA, PCI, GDPR, and other industry standards.

Conduct security assessments and deliver detailed presentations of findings and recommendations.

Facilitate annual security ceremonies, including risk assessments, tabletop exercises, and third-party audits.

3. Security Architecture and Technology Oversight :

Provide strategic security guidance and leadership to internal GXA IT teams and client IT teams.

Ensure the implementation of effective security controls aligned with the client’s security program.

Conduct research to identify security enhancements and provide informed recommendations to clients.

Stay up-to-date with emerging information technology trends and evolving security standards.

4. Incident Response and Cybersecurity Management :

Develop and implement effective incident response plans to minimize the impact of security breaches.

Prepare and lead Information Security Review meetings to communicate risks, incidents, and mitigation strategies.

Provide guidance during security incidents, ensuring a coordinated response to minimize impact and recovery time.

5. Vendor Risk Management and Data Protection :

Collaborate with clients to manage and assess the security risks associated with third-party vendors and suppliers.

Assist clients in identifying and safeguarding sensitive data, ensuring data privacy through encryption, access controls, and data loss prevention measures.

6. Security Awareness and Training :

Promote a culture of security awareness among client employees to minimize human error and social engineering risks.

Design and implement security training programs tailored to each client's needs.

7. Client Relationship Management :

Build and maintain strong client relationships through regular meetings, strategic engagements, and transparent communication.

Inspire clients by showcasing the value of effective information security in reducing cyber risks and enhancing business resilience.

Foster a positive client experience by being engaged, energetic, and solution-oriented.

Results and Key Accountabilities :

Effective Risk Management : Ensure that clients’ information security risks are identified, assessed, and mitigated effectively.

Enhanced Security Posture : Improve clients' overall security posture through the implementation of robust security controls, policies, and procedures.

Compliance Adherence : Guide clients in complying with relevant regulations and industry standards, including GDPR, HIPAA, ISO 27001, and NIST.

Cybersecurity Incident Response : Develop and implement incident response plans to minimize the impact of security incidents and breaches.

Security Awareness : Promote a culture of security awareness to reduce risks associated with human error and social engineering.

Vendor Risk Management : Assess and manage security risks related to third-party vendors and suppliers.

Data Protection : Help clients safeguard sensitive data with appropriate security measures, including encryption and access controls.

Client Relationship Building : Engage with clients regularly to build and maintain strong business relationships.

Operational Excellence : Maintain high standards of discipline, excellence, and diligence to deliver consistent results.

Client Engagement and Inspiration : Inspire clients to see the potential of InfoSec in reducing cyber risks and achieving business objectives.

Relevant certifications such as CISSP, CISM, CISA, or CCISO are highly desirable.

Prior MSP or MSSP in similar role or experience overseeing multiple clients is required.

Strong IT background and skills.

Exceptional communication abilities and executive presence are essential.

Possessing a bachelor's degree in computer science is a desirable qualification.

Exhibiting high levels of energy and a determined drive is imperative.

Capable of handling multiple tasks and adept at adapting swiftly to changing circumstances.

Self-motivated and able to excel in a fast-paced working environment.

7+ years of experience in information security leadership, with a focus on governance, risk management, and compliance.

Proven experience as a CISO, vCISO, or in a senior cybersecurity leadership role.

Strong knowledge of security frameworks and compliance standards, including ISO27001, SOC2, NIST, GDPR, and HIPAA.

Expertise in risk management, incident response, security architecture, and vendor risk management.

Advanced proficiency in cybersecurity tools, technologies, and best practices.

Exceptional communication, leadership, and client relationship management skills.

#J-18808-Ljbffr

Create a job alert for this search

Chief Information Officer • San Fernando, Pampanga, Philippines

Related jobs

Sales Officer (Subic)

HRTX • Subic, Zambales, Philippines

The Sales Executive is responsible for developing and executing individual sales action plans that align with the overall sales strategy, ensuring a targeted and effective approach to drive busines...Show more

Last updated: 30+ days ago • Promoted

Head of Security - Dragonfly Portfolio

P2P • Valenzuela, Metro Manila, Philippines

Head of Security - Dragonfly Portfolio.Portfolio • Remote • Full-time.Dragonfly is a crypto-native venture capital and research firm with $2B+ in assets under management and 160+ portfolio companie...Show more

Last updated: 3 hours ago • Promoted • New!

Remote vCISO for SMBs : Strategy & Compliance

GXA • Manila, Metro Manila, Philippines

A leading cybersecurity consulting firm in the Philippines is seeking a virtual Chief Information Security Officer (vCISO). The ideal candidate will provide strategic cybersecurity leadership and gu...Show more

Last updated: 9 hours ago • Promoted • New!

Store Supervisor / Assistant Supervisor - SICC San IldefonsoBulacan (SIDB)

MR DIY Philippines • San Ildefonso, Bulacan, Philippines

Bachelor's / College Degree in any field.Required language(s) : Filipino, English.Year(s) of working experience in Retail Industry. Required Skill(s) : Excellent Organizational Skills, Leadership and Co...Show more

Last updated: 30+ days ago • Promoted

Store Cashier - SICC San Ildefonso Bulacan (SIDB)

MR DIY Philippines • San Ildefonso, Bulacan, Philippines

Candidate must possess bachelor’s degree (on Business course or any 4 year course).Has sufficient background in cashiering, preferably with POS experience. Has the ability to provide quality custome...Show more

Last updated: 30+ days ago • Promoted

Deputy Chief Risk Officer

HR TechX Corp. • Makati, Metro Manila, Philippines

Location : Makati, On-site (Morning Shift).Base pay range : 180,000 - 200,000.The Deputy Chief Risk Officer is responsible for leading the development, implementation, and continuous improvement of t...Show more

Last updated: 30+ days ago • Promoted

Quality Specialist - Service Desk (Clark) | Onsite

TASQ Staffing Solutions • Angeles, Pampanga, Philippines

Conduct process audits, deploy designed processes, analyze and report performance on quality.Conduct RCAs on transaction monitoring to create action plans to reduce errors and improve service deliv...Show more

Last updated: 30+ days ago • Promoted

Revenue Officer

Resourcestaff • Central Luzon, Philippines

RSS is seeking for an experienced Revenue Officer to join our established team.In this role, the successful candidate will be required to work closely with clients and stakeholders.This role is bas...Show more

Last updated: 30+ days ago • Promoted

Store Cashier - NE Pacific Mall (NEPA)

MR DIY Philippines • Cabanatuan City, Nueva Ecija, Philippines

Last updated: 30+ days ago • Promoted

Head of Security, Blockchain & Crypto Risk (Remote)

P2P • Cainta, Rizal, Philippines

A leading security firm is seeking a Head of Security to oversee cybersecurity and operational risk management.This remote role requires 10+ years of experience in security leadership, with experti...Show more

Last updated: 3 hours ago • Promoted • New!

Chief Technology Officer

Permhunt • Manila, Metro Manila, Philippines

Our client is a multinational with a 24 / 7 operations center supporting emergency response across the country.They are hiring a CIO / CTO to own technology strategy and day-to-day mission-critical ope...Show more

Last updated: 30+ days ago • Promoted

Remote Head of Security — DevSecOps & Cloud Risk Leader

EXUS • Makati, Metro Manila, Philippines

A global enterprise software company is seeking a Head of Security to drive cloud security strategies and lead a security team to enhance managed services. This full-time, remote role demands expert...Show more

Last updated: 2 days ago • Promoted

Chief Information Officer (CIO)

Michael Page • Makati, Metro Manila, Philippines

Lead transformative technology initiatives for a fast-growing multi‑brand group.Direct impact on innovation and business growth. A rapidly expanding multi‑brand group in retail, medical, hospitality...Show more

Last updated: 3 days ago • Promoted

Chief Technology Officer

Lewis Personnel Management • Mabalacat, Pampanga, Philippines

We are seeking an experienced CTO to lead the design, development, and evolution of our core technology platforms.This is a senior leadership role ideal for someone who thrives in a fast-growing, t...Show more

Last updated: 2 days ago • Promoted

Head of Security (Fully Remote)

EXUS • Valenzuela, Metro Manila, Philippines

Be among the first 25 applicants.Get AI-powered advice on this job and more exclusive features.EXUS launched its Financial Suite (EFS) in 2003 with the aim to support financial entities worldwide t...Show more

Last updated: 30+ days ago • Promoted