ERP Security & Compliance Lead

ERP Security & Compliance Lead

Who Are We

Electric Research and Manufacturing Cooperative, Inc. (ERMCO) is the leading manufacturer of distribution transformers and engineered electrical solutions, serving electric utilities, Original Equipment Manufacturers (OEMs), and industrial customers across North America. Headquartered in Dyersburg, Tennessee, ERMCO delivers reliable, high-quality products that power homes, businesses, and communities across North America.

With a commitment to safety, operational excellence, and continuous improvement, ERMCO is at the forefront of supporting grid modernization and energy transition. Our vertically integrated operations, customer-focused culture, and investment in people and technology make ERMCO the Most Valued Partner for delivering resilient, sustainable power infrastructure for the future.

Who Are You

The ERP Security & Compliance Lead plays a pivotal role in protecting the integrity, confidentiality, and availability of the organization’s ERP systems—particularly Infor LN—and broader IT environment. This position not only safeguards business systems and ensures regulatory compliance but also serves as a strategic leader in the creation and maturation of a comprehensive internal GRC function.

The ERP Security & Compliance Lead will be responsible for building and evolving internal processes, leading cross-functional efforts, and supporting the development of a scalable security and compliance framework. This role also provides an opportunity to lay the foundation for a dedicated internal team and will be instrumental in shaping ERMCO’s long-term GRC roadmap.

*This position is remote in the following states: FL, GA, IL, KS, NC, NE, SC, SD, TN, TX, WI, WY

What Will You Do

Governance and Compliance:

• Conduct regular audits of ERP access, security controls, and processes to ensure adherence to internal and regulatory compliance.
• Develop, implement, and manage IT governance and compliance frameworks aligned with industry standards (e.g., ISO 27001, NIST, SOC 2, GDPR).
• Monitor and report on compliance with internal policies, regulatory requirements, and contractual obligations.
• Support the creation of a scalable governance function by documenting frameworks and mentoring future GRC team members.

Strategic Function Development:

• Partner with leadership to define the vision and roadmap for GRC initiatives across the enterprise.
• Design and implement internal processes, metrics, and reporting systems to support a growing compliance and security infrastructure.
• Lead or support the establishment of an internal GRC/security team, helping to onboard, train, and mentor new personnel as the function evolves.

Risk Management:

• Identify, assess, and mitigate risks related to ERP and IT operations, including data security, system vulnerabilities, and third-party integrations.
• Manage the IT risk register and partner with business functions (Finance, HR, etc.) to ensure risks are proactively mitigated.
• Facilitate cross-functional risk assessments and implement strategies aligned with enterprise risk management goals.

Security Monitoring and Response:

• Manage ERP security, including configuring Infor LN and Factory Track roles, user assignments, and access provisioning.
• Monitor IT infrastructure and ERP environments for security threats, unauthorized access, and potential breaches.
• Enforce user access controls, role-based permissions, and MFA protocols.
• Collaborate with IT to lead root cause investigations and apply lessons learned to prevent recurrence.

Policy Development and Training:

• Develop and maintain policies, standards, and procedures to ensure the confidentiality and integrity of business systems and data.
• Deliver training programs that promote awareness of IT policies and security best practices.
• Track emerging risks and ensure policies adapt to new threats, technologies, and regulations.

Collaboration and Support:

• Act as a liaison between IT, ERP support, and business stakeholders to balance operational needs with security requirements.
• Support acquisition integrations through risk assessments and onboarding into the enterprise compliance framework.
• Prepare documentation and evidence for internal and external audits and regulatory reviews.

What Will You Need

• Bachelor’s degree in Cybersecurity, Information Technology, or a related field.
• 7+ years of experience in ERP, IT security, GRC, or risk management (manufacturing environment preferred).
• Strong knowledge of ERP security (preferably Infor LN).
• Familiarity with industry frameworks such as ISO 27001, NIST CSF, or SOC 2.
• Hands-on experience with access controls, risk registers, and audit support.
• Strong communication, stakeholder engagement, and problem-solving skills.
• Certifications such as CISA, CISM, or CISSP are highly desirable.

Preferred Skills:

• Experience in establishing and leading internal control and segregation of duties processes.
• Familiarity with automation and middleware connecting ERP platforms.
• Experience securing SaaS and hybrid environments.
• Background in user access reviews and role-based permission structures.
• Demonstrated ability to lead cross-functional teams or projects.

Let’s Build the Future Together
At ERMCO, your ideas matter, your growth is supported, and your impact is real. If you're ready to take the next step in your career and help us drive innovation in manufacturing, we’d love to hear from you. Join ERMCO and TRANSFORM your career!