Vice President-IT, Cyber, Risk and Compliance

Location: Remote with travelThe Vice President, IT

- Cybersecurity, Risk and Compliance develops the organization's cybersecurity strategy and investment plan aligned with the strategy, required capabilities and risk exposure and posture of the enterprise. This is a hands-on leader that enables and oversees the operational components in this space. Leader of experts and partners that ensure that the organization's technology landscape is secured through established guidelines, procedures, processes, partners and technologies. This individual holds expectations for the function's compliance with global, regional, and local regulations, dynamics and requirements in this space. This trusted role requires a great balance of technical expertise, strategic thinking, executive presence, cyber landscape awareness and business acumen.

Specific Responsibilities:

•Serves as a member of the Information Technology leadership team, contributing as a thought partner and representative of the function as the department interfaces with senior management and the C-Suite.

•​Provides leadership, coaching, and talent management of a global team to drive engagement, effective delivery, and associate development.

•Creates, implements, and manages the enterprise-wide and risk-based IT cyber security strategies consistent with overall corporate and IT strategic plans.

•Delivers return on investment-justified architectures/solutions enabling required compliance.

•Develops and maintains IT security policies, standards, and guidelines related to personnel, data, and technology assets.

•Proactively identifies and evaluates risks and is transparent in reporting findings that meet compliance and regulatory requirements.

•Defines, classifies, and identifies critical information assets, and performs assessments of threats and vulnerabilities regarding those. Implements safeguard recommendations for identified assets.

•Oversees the investigation of security breaches and policy violations, helping with disciplinary and legal matters as necessary.

•Takes ownership of the framework and risk analysis and assessment and acceptance processes to review new facilities, applications, or technology environments during the development or acquisitions process to ensure compliance with corporate security policies and directions.

•Supports, coaches, and consults for new business initiatives to ensure alignment and compliance of these projects/initiatives with the IT Security risk and control framework. Ensure adherence through auditing and review. Serves as a liaison between Internal Audit and IT for review of all audit reports and responses to ensure timeliness and the effectiveness of the corrective actions.

•Evangelizes and champions IT security programs across the business. using a variety of change management tools. Advises business leaders and technical personnel on the implementation of security programs in their respective areas. Provides on-going associate awareness and training programs.

•Serves as a liaison to the physical security department regarding overlapping information security issues, such as investigations, badge access, and associated issues pertaining to information technology. This may include background checks for security-sensitive positions and terminations due to policy non-compliance.

•Ensures that the function is the focal point for IT security incident response planning, execution, and awareness to ensure the proper level of executive visibility and that the crisis is managed properly both internally and externally. Leads and oversees cyber security incidents.

•Manages the cybersecurity budget. ​

Requirements:

• 10+ years of proven leadership of a global team in a diverse, multi-region, complex, cross-functional enterprise, with an emphasis on cyber security, risk, and compliance. Must possess depth of experience in infrastructure technology, systems development, audit, and risk management.

• Experience in a manufacturing environment is required.

• Bachelor's degree in information technology or related field required, with a preference towards a master's degree, ideally in business.

• Deep understanding of threat landscapes, risk management, incident response, and security architecture.

• Familiarity with industrial control systems (ICS), SCADA, and OT (Operational Technology) security.

Regulatory & Compliance Knowledge

• Expertise in global standards like NIST, ISO 27001, GDPR, and industry-specific regulations (e.g., CMMC, ITAR).

• Ability to align security practices with legal and compliance requirements across regions.

Risk Management & Governance

• Proficiency in enterprise risk frameworks and ability to quantify and communicate cyber risk to executives.

• Experience in building governance models that integrate IT and OT security.

Technology Integration

• Understanding of cloud security, IoT, AI/ML in cybersecurity, and secure software development practices.

• Ability to work with ERP systems (e.g., SAP), MES, and other manufacturing platforms securely.

Incident Response & Crisis Management

• Skilled in leading cross-functional teams during cyber incidents.

Cybersecurity Expertise

• Experience with tabletop exercises, forensics, and post-incident reviews.

Leadership Characteristics

Strategic Vision

• Ability to align cybersecurity initiatives with business goals and digital transformation strategies.

• Forward-thinking approach to emerging threats and technologies.

Influence & Communication

• Strong communicator who can translate technical risks into business language for the C-suite and board.

• Capable of building a security culture across diverse teams and geographies.

Collaboration & Stakeholder Engagement

• Works effectively with IT, OT, legal, HR, and external partners.

• Builds trust and credibility across the organization.

Adaptability & Resilience

• Navigates complex global environments and adapts to changing threat landscapes.

• Maintains composure and decisiveness under pressure.

Talent Development

• Invests in building and mentoring a high-performing cybersecurity team.

• Promotes diversity, innovation, and continuous learning.Applicants must be authorized to work in the US without requiring sponsorship now or in the future.​Rehlko hires candidates only in states where we have an established business presence. We do not hire candidates residing in the following states: AK, AR, DE, HI, ME, ND, NE, VT, WV, WY. Remote work opportunities are also unavailable for these locations.​