Director, Cybersecurity & Risk

Overview Director, Cybersecurity & Risk Who We Are Electric Research and Manufacturing Cooperative, Inc. (ERMCO) is the leading manufacturer of distribution transformers and engineered electrical solutions, serving electric utilities, Original Equipment Manufacturers (OEMs), and industrial customers across North America. Headquartered in Dyersburg, Tennessee, ERMCO delivers reliable, high-quality products that power homes, businesses, and communities across North America. With a commitment to safety, operational excellence, and continuous improvement, ERMCO is at the forefront of supporting grid modernization and energy transition. Our vertically integrated operations, customer-focused culture, and investment in people and technology make ERMCO the Most Valued Partner for delivering resilient, sustainable power infrastructure for the future. Who Are YouThe Director, Cybersecurity & Risk leads the organization’s cybersecurity and risk management programs, ensuring alignment with business priorities and regulatory requirements. This role manages internal and vendor cybersecurity teams, drives enterprise-wide governance and risk frameworks, and supports the development of a resilient security posture across IT and operational (OT) environments. The Director collaborates with senior leadership to integrate security into business processes, oversee risk mitigation strategies, and guide technology investments that enhance detection, prevention, and response capabilities. This role is critical to safeguarding ERMCO’s operational continuity, protecting intellectual property, and enabling secure growth across digital and physical domains. • This position is remote in the following states: FL, GA, IL, KS, NC, NE, SD, TN, TX, WI, WY. Responsibilities What Will You Do Security Program Leadership • Lead the implementation and continuous improvement of enterprise cybersecurity and risk programs. • Develop and enforce security policies, standards, and governance processes to manage organizational risk. • Oversee Governance, Risk, and Compliance (GRC) programs, including audits, assessments, and exception management. • Ensure compliance with relevant frameworks (NIST, ISO 27001, SOX, GDPR) and industry standards. Enterprise Risk & Threat Management • Conduct enterprise-wide risk assessments and threat analysis, prioritizing risks and defining mitigation strategies. • Build and maintain threat intelligence capabilities to anticipate emerging threats. • Develop incident response and crisis management plans for high-severity events. • Define metrics and reporting processes to keep the CIO and senior leadership informed of risk posture. Security Architecture & Technology Oversight • Guide evaluation and deployment of cybersecurity technologies (SIEM, EDR, XDR, CSPM, SOAR, DLP, IAM). • Support development of security architecture, including Zero Trust principles and cloud security strategies. • Optimize tools, processes, and teams to meet evolving threats and business requirements. • Ensure security architecture supports both IT and OT environments, including SCADA and industrial control systems Leadership & Collaboration • Manage cybersecurity teams, both internal and vendor-based, ensuring delivery on program objectives. • Advise business units and leadership on security risks and recommendations. • Lead awareness and training programs to cultivate a security-conscious culture. • Collaborate with external partners, regulatory bodies, and industry groups to stay ahead of cybersecurity trends. Qualifications What Will You Need • Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or related field. • 10–12+ years in cybersecurity or IT security, with 5+ years in leadership roles. • Experience managing cross-functional cybersecurity teams and vendor relationships. • Deep knowledge of cybersecurity frameworks, risk management, and emerging threat landscapes. • Strong experience with advanced security architectures, such as Zero Trust or SABSA. • Relevant certifications preferred (CISSP, CISM, or equivalent). • Excellent communication skills, with ability to translate cyber risks into business implications for executive leadership. • Experience in manufacturing or industrial environments a plus, including OT security and supply chain risk. Preferred Qualifications: • Master’s degree in Cybersecurity, Information Systems, or Business Administration. • Experience leading cybersecurity programs in mid-to-large enterprises ($500M+), preferably in manufacturing or industrial sectors. • Demonstrated success in building security programs that scale across multiple sites, geographies, and business units. • Familiarity with IT/OT convergence strategies and securing industrial control systems. • Experience engaging with executive leadership and boards on enterprise risk and cybersecurity strategy. Core Competencies • Integrity & Ethics – Acts with transparency, fairness, and accountability; safeguards sensitive data and organizational trust. • Confidence & Courage – Challenges assumptions, makes tough calls, and provides clear guidance even in high-pressure situations. • Thought Leadership – Anticipates emerging cyber and risk trends, shapes strategy, and positions ERMCO as a security leader. • Decision Strength – Evaluates complex risks and trade-offs, prioritizes effectively, and makes timely, sound decisions. • Versatility – Adapts across diverse environments (IT, OT, supply chain, regulatory), shifting seamlessly between strategy and execution. Let’s Build the Future Together At ERMCO, your ideas matter, your growth is supported, and your impact is real. If you are ready to take the next step in your career and help us drive innovation in manufacturing, we would love to hear from you. Join ERMCO and TRANSFORM your career! Apply tot his job