Cybersecurity Architect

Overview

Who Are We

AT ERMCO, we propel the world through energizing and empowering people. Our family works to keep your family powered. We confidently develop smart ideas without fear of failure and test, refine and scale them to become marketable products and services. We remain aligned on where and how we focus our efforts, when to shift and what to do next when great idea strikes. We're looking for THE BEST PEOPLE for our dedicated team. ERMCO offers top-of-the-line pay and benefits and job security with a company rich in history and alive with opportunity. Help us write our legacy, and we'll help you write yours!

Who Are You

The Cybersecurity Architect is essential in shaping and executing the organization’s cybersecurity strategy, architecture, and processes. This role focuses on ensuring that security solutions are aligned with business objectives, risk management strategies, and industry best practices. The Cybersecurity Architect will develop a robust cybersecurity framework across all environments, including on-premises and cloud infrastructure.

This role provides flexible work arrangements, including on-site, hybrid, or remote options. Candidates must be available to work on-site at our Dyersburg, TN office as needed, depending on project requirements.

Responsibilities

What Will You Do

Security Strategy & Architecture

- Develop and maintain a security architecture framework that integrates business, technology, and threat considerations.

- Design cybersecurity strategies and roadmaps based on enterprise architecture best practices.

- Establish and document cybersecurity configurations, standards, and procedures for systems, networks, and identity and access management (IAM).

- Define and implement security best practices for data encryption and network segmentation.

- Evaluate and document security requirements throughout the system development lifecycle.

- Conduct security assessments and risk management reviews to identify vulnerabilities and recommend mitigation strategies.

Security Assurance & Compliance

- Continuously monitor the cybersecurity landscape and recommend security enhancements.

- Validate IT infrastructure, security configurations, and security controls to ensure adherence to security best practices.

- Support security risk assessments, threat modeling, and penetration testing initiatives.

- Work closely with internal audit teams to evaluate the effectiveness of security controls.

- Ensure compliance with regulatory standards such as ISO 27001 and NIST CSF.

Collaboration & Stakeholder Engagement

- Act as a liaison between cybersecurity, IT, and business teams to align security strategies with business objectives.

- Collaborate with vendor management teams to assess third-party security risks.

- Engage with facility and operations teams to evaluate security risks in operational technology (OT) and Internet of Things (IoT) systems.

- Assist in business continuity planning and incident response strategies.

Qualifications

What Will You

Education & Certifications

- Bachelor’s in Computer Science, Information Systems, Cybersecurity, or a related field.

- Certifications: CISSP Certification Required, (CISM, CISA, or GIAC nice to have) or the ability to obtain the CISSP Certification within six months of employment

- Experience with security architecture frameworks such as Zachman, or TOGAF nice to have.

Technical Expertise

- Extensive experience in security infrastructure, including firewalls, IPS, WAF, SIEM, endpoint protection, and log management.

- Strong knowledge of cloud security (AWS, Azure, GCP) and hybrid environments.

- Hands-on experience with vulnerability management and threat modeling.

- Expertise in IAM solutions such as Active Directory, LDAP, AWS IAM, Okta, or Azure AD.

- Familiarity with IT service management (ITIL), including change, configuration, asset, and incident management.

Business & Analytical Skills

- Ability to translate complex security issues into business-friendly language.

- Experience in security budgeting, cost analysis, and ROI assessments for security investments.

- Strong project management skills for security initiatives and technology deployments.

Key Competencies

- Strategic Thinking: Ability to assess evolving threats and align security initiatives with business objectives.

- Problem-Solving: Strong analytical skills to assess security risks and propose effective solutions.

- Communication & Leadership: Ability to engage with technical and non-technical stakeholders and provide security guidance.

- Adaptability: Ability to thrive in a fast-paced environment with evolving cybersecurity challenges.

- Continuous Learning: Commitment to staying current with cybersecurity trends, technologies, and best practices.