ERP Security & Compliance Lead

ID: 2025-5469
Category: Information Technology
Position Type: Full-Time

Overview

 

Who Are We

At ERMCO, we energize the world by empowering people. Our team keeps your lights on and your future bright. We welcome innovation, test ideas fearlessly, and turn them into scalable, market-ready solutions. We're driven by purpose, aligned in our goals, and agile in the face of change. If you're ready to be part of a company with a strong legacy and even stronger vision, we’re ready to meet you. Join a team where your career can truly TRANSFORM.

 

Who Are You

The ERP Security & Compliance Lead plays a pivotal role in protecting the integrity, confidentiality, and availability of the organization’s ERP systems—particularly Infor LN—and broader IT environment. This position not only safeguards business systems and ensures regulatory compliance but also serves as a strategic leader in the creation and maturation of a comprehensive internal GRC function.

 

The ERP Security & Compliance Lead will be responsible for building and evolving internal processes, leading cross-functional efforts, and supporting the development of a scalable security and compliance framework. This role also provides an opportunity to lay the foundation for a dedicated internal team and will be instrumental in shaping ERMCO’s long-term GRC roadmap.

Responsibilities

 

What Will You Do

Governance and Compliance:

  • Conduct regular audits of ERP access, security controls, and processes to ensure adherence to internal and regulatory compliance.
  • Develop, implement, and manage IT governance and compliance frameworks aligned with industry standards (e.g., ISO 27001, NIST, SOC 2, GDPR).
  • Monitor and report on compliance with internal policies, regulatory requirements, and contractual obligations.
  • Support the creation of a scalable governance function by documenting frameworks and mentoring future GRC team members.

 

Strategic Function Development:

  • Partner with leadership to define the vision and roadmap for GRC initiatives across the enterprise.
  • Design and implement internal processes, metrics, and reporting systems to support a growing compliance and security infrastructure.
  • Lead or support the establishment of an internal GRC/security team, helping to onboard, train, and mentor new personnel as the function evolves.

 

Risk Management:

  • Identify, assess, and mitigate risks related to ERP and IT operations, including data security, system vulnerabilities, and third-party integrations.
  • Manage the IT risk register and partner with business functions (Finance, HR, etc.) to ensure risks are proactively mitigated.
  • Facilitate cross-functional risk assessments and implement strategies aligned with enterprise risk management goals.

 

Security Monitoring and Response:

  • Manage ERP security, including configuring Infor LN and Factory Track roles, user assignments, and access provisioning.
  • Monitor IT infrastructure and ERP environments for security threats, unauthorized access, and potential breaches.
  • Enforce user access controls, role-based permissions, and MFA protocols.
  • Collaborate with IT to lead root cause investigations and apply lessons learned to prevent recurrence.

 

Policy Development and Training:

  • Develop and maintain policies, standards, and procedures to ensure the confidentiality and integrity of business systems and data.
  • Deliver training programs that promote awareness of IT policies and security best practices.
  • Track emerging risks and ensure policies adapt to new threats, technologies, and regulations.

 

Collaboration and Support:

  • Act as a liaison between IT, ERP support, and business stakeholders to balance operational needs with security requirements.
  • Support acquisition integrations through risk assessments and onboarding into the enterprise compliance framework.
  • Prepare documentation and evidence for internal and external audits and regulatory reviews.

Qualifications

 

What Will You Need

  • Bachelor’s degree in Cybersecurity, Information Technology, or a related field.
  • 7+ years of experience in ERP, IT security, GRC, or risk management (manufacturing environment preferred).
  • Strong knowledge of ERP security (preferably Infor LN).
  • Familiarity with industry frameworks such as ISO 27001, NIST CSF, or SOC 2.
  • Hands-on experience with access controls, risk registers, and audit support.
  • Strong communication, stakeholder engagement, and problem-solving skills.
  • Certifications such as CISA, CISM, or CISSP are highly desirable.

 

Preferred Skills:

  • Experience in establishing and leading internal control and segregation of duties processes.
  • Familiarity with automation and middleware connecting ERP platforms.
  • Experience securing SaaS and hybrid environments.
  • Background in user access reviews and role-based permission structures.
  • Demonstrated ability to lead cross-functional teams or projects.

Let’s Build the Future Together
At ERMCO, your ideas matter, your growth is supported, and your impact is real. If you're ready to take the next step in your career and help us drive innovation in manufacturing, we’d love to hear from you.
