Director of Information Security

SRM Concrete
Provides ready-mix concrete for residential, commercial, and infrastructure projects.
Leads SRM's enterprise cybersecurity strategy, governance, risk, and operations across hybrid clouds.
7 days ago
Expert & Leadership (13+ years)
Full Time
Smyrna, TN
Office Full-Time
Company Size
4,000 Employees
Service Specialisms
Ready Mix Concrete
Construction Services
Sector Specialisms
Commercial
Industrial
Energy
Infrastructure
Residential
Role
What you would be doing
security strategy
risk management
incident response
iam strategy
vulnerability management
security architecture
  • Develop security strategies for operational technology (OT) and industrial IoT environments, including plant networks, weigh systems, and telemetry.
  • Design and oversee the implementation of security controls across network, system, application, and cloud infrastructures (Azure, OCI, O365).
  • Establish and oversee third-party and supply-chain risk management processes, ensuring that vendor systems and services meet SRM’s security and privacy requirements.
  • Oversee enterprise security operations and incident response, leveraging SIEM, threat intelligence, and analytics to detect and mitigate risks, while leading disaster recovery planning, simulation exercises, periodic threat assessments and penetration testing, and post-incident reviews to strengthen organizational resilience.
  • Partner with the CIO and IT leadership, along with Legal and HR teams, to ensure adherence to evolving data privacy and regulatory requirements.
  • The Director of Information Security is responsible for the full lifecycle of SRM’s cybersecurity program — from strategic planning and design through implementation, monitoring, and continuous improvement.
  • Develop and manage enterprise-wide security awareness and training programs to promote a strong security culture.
  • Oversee identity and access management (IAM) strategy, ensuring proper integration with Microsoft Entra ID (Azure AD), Active Directory, and role-based access controls, as well as other identity strategies to be evaluated and implemented.
  • Manage risk assessments, vulnerability management, and remediation activities, prioritizing mitigation efforts based on business impact.
  • Lead and mentor the information security team, fostering a culture of collaboration, accountability, and ongoing professional development.
  • Coordinate audits and compliance efforts related to security, privacy, and data protection (SOX, PCI, GDPR, etc. as applicable).
  • Establish and maintain cybersecurity policies, standards, and procedures in alignment with industry best practices (NIST, CIS, ISO 27001).
  • Evaluate emerging threats and technologies, recommending appropriate security solutions and investments.
  • Collaborate with IT leadership to integrate security into all technology projects, ensuring secure design, configuration, and deployment practices.
  • Develop and execute SRM’s enterprise-wide information security strategy, roadmap, and governance framework, ensuring consistent control design, secure system integration, and architectural alignment with Zero Trust principles.
  • Define and track risk metrics on key cybersecurity performance indicators (KPIs), including health, incidents, and strategic initiatives, and provide executive reports to the CIO and IT leadership regularly and to the C-suite as needed.
  • Collaborate across IT disciplines (systems, networking, applications) to ensure end-to-end resilience, visibility, and alignment of security priorities with operational needs.
What you bring
nist
iso 27001
siem
zero trust
cissp
10+ years
  • Knowledge of risk management frameworks such as NIST CSF, ISO 27001, and CIS Controls.
  • Proven ability to develop, budget for, and manage information security projects, ensuring strategic investments in technologies, tools, and personnel are implemented in a timely manner and with minimal service impact.
  • Knowledge of data loss prevention (DLP), MFA, SIEM/SOAR, and endpoint detection and response (EDR) platforms.
  • Proven experience implementing and managing security programs across hybrid (on-prem/cloud) infrastructures.
  • 10+ years of progressive experience in IT and information security, including at least 5 years in a leadership or management role.
  • Experience with industrial or operational technology (OT) environments is a plus.
  • Excellent communication, leadership, and interpersonal skills; able to influence across technical and executive levels.
  • Experience with Zero Trust architecture and cloud-native security solutions.
  • Strong analytical and strategic thinking skills with the ability to translate complex security issues into business terms.
  • Demonstrated success developing policy, governance, and compliance programs.
  • Strong technical foundation in network, system, and cloud security, including firewalls, SIEM, endpoint protection, identity management, and incident response.
  • Deep understanding of various security suites for endpoint management and security (Defender, Entra ID, Intune, SentinelOne, Avanan, Azure Security Center and similar).
  • Experience leading incident response teams or managing security operations centers (SOC).
  • Bachelor’s degree in Information Security, Computer Science, or related field (Master’s preferred).
  • Relevant certifications such as CISSP, CISM, CISA, or CRISC.
Company
Overview
  • Founded with a commitment to providing top-quality ready-mix concrete solutions.
  • Serves a broad range of industries, focusing on timely and efficient delivery.
  • Has grown to become a trusted partner for residential, commercial, and large-scale infrastructure projects.
  • Invests in state-of-the-art equipment and fleet for consistent delivery performance.
  • Specializes in projects requiring precision and flexibility, including challenging construction environments.
  • Footprint spans multiple regions, with an emphasis on supporting long-term community growth.
  • Portfolio includes small-scale residential developments to large municipal and industrial builds.
  • Known for deep understanding of the concrete supply chain and ability to execute complex logistics with ease.
Culture + Values
98% Safety Score
Employee Safety Standards
Achieved a 98% safety performance score through comprehensive safety programs and training initiatives.
95% Satisfaction
Customer Approval
Maintains a 95% customer satisfaction rate by focusing on high-quality products and responsive service.
3rd in Innovation
Tech Innovation Index
Ranked 3rd in the global Tech Innovation Index for the fifth consecutive year.
  • Commitment to customer satisfaction
  • Quality in all products and services
  • Strong teamwork and respect for all employees
  • Integrity and ethical business practices
  • Accountability and responsibility in all operations
Environment + Sustainability
Net Zero by 2050
Carbon Emissions Target
Committed to reducing greenhouse gas emissions to achieve net zero by the year 2050.
  • Committed to reducing environmental footprint through sustainable practices
  • Uses environmentally-friendly materials and processes to minimize waste and energy consumption
  • Optimizing delivery routes to reduce fuel consumption and emissions
  • Recycling of returned concrete for future use
  • Investing in electric fleet for sustainable operations
Inclusion & Diversity
  • Strives to foster an inclusive workplace with equal opportunities for all employees
  • Focus on diversity in recruitment and talent development
  • Dedicated initiatives to support women and minorities in the workforce
Copyright © 2025 Kablio