Position Summary:The Director of Information Technology will lead Nth Cycle's IT strategy, infrastructure, cybersecurity, and systems operations across corporate and plant environments. This role is responsible for building a scalable, secure, and compliant technology foundation - including SOX IT general controls, enterprise systems (ERP, HRIS, financial reporting tools), data governance, and the convergence of information technology (IT) and operational technology (OT) within Nth Cycle's refining and manufacturing facilities. The Director will serve as a key partner to Finance, Legal, Operations, and Engineering leadership, and will report regularly on IT risk, security posture, and systems performance to senior leadership and as needed, the Audit Committee.
Key Responsibilities:IT Strategy & Leadership:- Develop and execute an enterprise IT roadmap aligned with Nth Cycle's growth plan, company reporting requirements, and operational needs across corporate and plant sites.
- Build and lead an internal IT team, supplemented by managed service providers and contractors as appropriate for the company's current scale.
- Own the IT budget, vendor contracts, and technology capital planning, ensuring cost-effective and scalable solutions.
- Partner with Finance, Legal, HR, and Operations leadership to align technology investments with business priorities.
Company Compliance & Controls:- Design, implement, and maintain IT General Controls (ITGCs) required for Sarbanes-Oxley (SOX) compliance, working closely with the external auditor and internal finance team.
- Ensure systems supporting financial reporting (ERP, consolidation tools, access management) meet SOX control requirements, including change management, access provisioning/de-provisioning, and segregation of duties.
- Support quarterly and annual reporting cycles by ensuring system availability, data integrity, and control evidence are audit-ready.
- Maintain documentation of IT policies, disaster recovery/business continuity plans, and control frameworks suitable for company governance standards.
Cybersecurity & Risk Management:- Own the company's cybersecurity program, including endpoint protection, network security, identity and access management, and incident response planning.
- Assess and mitigate risk across both corporate IT systems and industrial control/OT environments at refining and recycling facilities.
- Establish security monitoring, vulnerability management, and third-party risk assessment processes appropriate for a company handling sensitive financial, operational, and employee data.
- Lead incident response and breach notification protocols, including coordination with Legal and executive leadership.
Enterprise Systems & Infrastructure:- Own selection, implementation, and administration of core enterprise systems, including ERP, HRIS, procurement, and collaboration platforms.
- Oversee network, server, cloud, and end-user computing infrastructure across corporate offices and industrial sites.
- Manage IT/OT convergence initiatives, ensuring plant floor systems (SCADA, historians, automation platforms) are appropriately integrated and secured without disrupting production.
- Establish data governance standards, including data retention, backup, and recovery practices across the organization.
Team & Vendor Management:- Hire, develop, and manage IT staff and/or oversee outsourced IT service providers.
- Negotiate and manage vendor and software licensing agreements, ensuring favorable terms and appropriate risk allocation.
- Provide responsive IT support and training to end users across all levels of the organization.
Qualifications:Required:- Bachelor's degree in Information Technology, Computer Science, Engineering, or a related field (or equivalent experience).
- 10+ years of progressive IT leadership experience, including at least 3-5 years in a director-level or equivalent role.
- Direct experience with SOX ITGC requirements and working with external auditors.
- Demonstrated experience implementing and managing enterprise systems (ERP, HRIS, financial systems) in a growing or scaling organization.
- Strong cybersecurity fundamentals, including experience building or maturing a security program.
- Excellent communication skills, with the ability to translate technical risks and strategy for non-technical executives and board-level audiences.
Salary range: $170 - $200K