Chief Information Officer
Role details
Job location
Tech stack
Job description
Reporting directly to the COO, the CIO is ARC's senior technology executive and a strategic peer to the VP of Engineering. This is a governance, security, and infrastructure leadership role-responsible for how ARC's technology systems, information security, and data strategy are built and scaled.
The CIO owns the information technology and security engine of the business. Internally, that means building the governance frameworks, security programs, and vendor strategies that allow ARC to grow with confidence and discipline. Externally, it means ensuring ARC can meet the security and compliance expectations of the world's largest enterprises-consistently, and at scale.
This is a builder and a strategist role. The right leader defines the technology roadmap, operates ahead of risk, and drives AI adoption across the organization-while maintaining the guardrails that protect ARC and its clients.
Responsibilities
Technology Strategy & Roadmap
- Define and maintain a 12-18 month technology roadmap; present quarterly to executive leadership and update as business priorities evolve.
- Evaluate and approve adoption of new tooling and platforms; govern the technology stack to prevent sprawl and ensure cost optimization.
- Sponsor and drive company-wide AI adoption strategy, including agentic AI tools for operational teams; define target tools and decommission unused ones.
- Partner with the VP of Engineering as a strategic peer, collaborating on technology direction while owning distinct domains: information security, data governance, IT operations, and vendor management
Information Security
- Own and annually update the company's Information Security Program, including: Information Security Policy, Acceptable Use Policy, Vulnerability Management Plan, SDLC Policy, Incident Management Plan, and Disaster Recovery Plan.
- Lead periodic tabletop exercises for Business Continuity, Incident Management, and Disaster Recovery; maintain and test RTO/RPO targets.
- Complete Information Security Assessments for prospective enterprise clients; serve as primary security contact during client procurement and due diligence reviews.
- Establish the governance, risk management, and security guardrails within which the broader technology organization operates.
Data Governance
- Define and own ARC's data governance framework: data classification, retention policies, access controls, and PII handling standards for data received from enterprise clients.
- Drive systems decisions that improve data visibility and support performance management across the business.
- Ensure ARC's data infrastructure can support enterprise client compliance and audit requirements.
Vendor Management
- Manage strategic vendor relationships (including Google Cloud, Atlassian, Cumulus Global, Kettle River, New Relic, GitLab, Peplink/InControl, Via Technology); negotiate contracts, manage SLAs, and conduct semi-annual performance reviews.
- Own and manage the annual IT budget: develop the plan, present to leadership, and maintain accountability to monthly actuals vs. forecast.
- Drive cost optimization across the technology vendor portfolio.
Team Leadership
- Lead and develop direct reports, including the IT & Network Operations Manager (future hire); set clear expectations, conduct regular 1:1s, and deliver performance reviews.
- Build scalable team structures and operating discipline within the IT and security organization.
- Serve as executive technology representative to enterprise clients, the board, and investors as needed.
Success Measures
- Technology roadmap is current, sequenced, and tied to business priorities; executive team has clear visibility into investment and progress
- Information Security Program is complete, current, and audit-ready; zero critical gaps in policy coverage
- ARC passes enterprise client InfoSec assessments and security questionnaires with confidence and speed
- AI adoption strategy is active and measurable; operational teams are using defined tools with clear outcomes
- Data governance framework is in place and enforced; PII handling and access controls meet enterprise client standards
- Vendor portfolio is optimized; SLAs are managed, contracts are current, and costs are tracked against plan
- IT budget is built with rigor and managed to forecast; no material surprises
- Security incidents are detected early and managed to defined RTO/RPO targets; tabletop exercises completed on schedule
Direct Reports
- IT & Network Operations Manager (future hire)
- Security Operations Team
Requirements
Do you have experience in Vendor relationship management?, Do you have a Bachelor's degree?, * Bachelor's degree in Information Technology, Computer Science, or a related field (or equivalent professional experience)
- Advanced degree such as an MBA, MS, or Master's in IT Management or Engineering a plus
- 10+ years of progressive IT leadership experience, with at least 3 years in a Director, VP, or CIO-level role
- Demonstrated experience building and leading technology teams, including managing direct reports and developing high-performing technologists
- Proven track record owning IT budgets, managing vendor contracts, and driving cost optimization across a technology portfolio
- Hands-on experience owning information security programs using compliance frameworks such as PCI-DSS, SOC 2, ISO-27001, or equivalent
- Experience with enterprise data integration architecture: REST APIs, SFTP, SAML/SSO, Active Directory, and cloud-based data pipelines
- Working knowledge of SaaS platform architecture, IoT/connected device systems, and enterprise network infrastructure
- Strong executive communication skills-able to translate technical complexity into clear business terms for boards, enterprise clients, and non-technical leaders
- Demonstrated background in AI technology adoption-candidates must show evidence of active, hands-on engagement with AI tools and strategy in prior roles, * Experience as a CIO or senior IT leader at a Series A-C SaaS or IoT company (50-300 employees), ideally in retail tech, workforce management, or device-as-a-service
- PCI DSS 4.0.1 program ownership experience
- Background supporting enterprise client InfoSec assessments and security questionnaires (e.g., for Fortune 500 procurement reviews)
- Demonstrated background in AI/ML tool adoption strategy and operationalizing AI for internal teams
- Relevant certifications: CISSP, CISM, PMP, or equivalent
- Proven experience operating in fast-growth, founder-led environments
- Comfort operating in a lean, dynamic environment where structure is still being built
Qualifications for All Team Members
You think several steps ahead. You are relentless, strategic, and a long-term thinker. You believe the details are important and so you get them right. You are a fast learner. You care about getting to the best outcome, and do not focus on being right or wrong.
Benefits & conditions
Pulled from the full job description
- Health insurance
- 401(k) matching
- Paid time off
- Vision insurance
- Dental insurance
- Flexible spending account, * Health, dental and vision insurance
- Healthcare FSA
- 401(k) plan with matching company contributions
- Executive compensation includes meaningful long-term incentive
- Paid time off
- Hybrid work environment
Why Join Us
We're building something ambitious and doing it with collaboration, conviction, and purpose. The team gels in a way that is special. Our alchemy is rooted in realness, curiosity, appreciation for each other's differences, celebration of each other's strengths, and a trust that fosters open feedback when we see an opportunity to do something better.
If our mission and values resonate with you, we'd love to hear how you'd like to contribute and be part of the journey.