Director, IT Infrastructure & Security

The Director, IT Infrastructure & Security is responsible for the design, security, and day-to-day reliability of enterprise network and infrastructure across Torchy's Support Center and restaurant environments nationwide. This role owns the architecture and governance of our network, cloud platforms, and identity systems, while also leading the company's security compliance across frameworks like PCI-DSS and SOX. It's a hands-on leadership role that requires both big-picture thinking and the ability to dig in when it matters most., * Network Architecture & Strategy - You will lead the planning, design, and ongoing optimization of enterprise network infrastructure across corporate and restaurant environments, establishing standards, governance processes, and best practices for network design and operational excellence.

• Security Architecture - You will oversee enterprise firewall architecture, security policies, VPN connectivity, network segmentation, and access controls to protect Torchy's systems and data.
• Cloud Infrastructure - You will direct cloud infrastructure strategy and operations across Microsoft Azure, Office 365, and SaaS platforms, ensuring reliability, scalability, and security.
• Team Leadership & Development - You will lead, coach, and develop a team of IT professionals, fostering a culture of accountability, continuous learning, and collaboration.
• Identity & Access Management - You will manage Microsoft identity environments including Active Directory, Azure AD, ADFS, MFA, PKI, and hybrid identity services to ensure appropriate access controls are in place across the organization.
• PCI-DSS Compliance - You will manage the annual PCI-DSS assessment engagement with external vendors, facilitate quarterly and annual penetration testing and vulnerability scanning, and maintain a complete repository of compliance artifacts and correspondence.
• Security Policy & Governance - You will ensure the creation, validation, and execution of information security policies, standards, and procedures using the NIST CSF Framework as a guide, with appropriate governance to drive adoption at all levels.
• IT General Controls & Audit - You will manage IT General Controls for Digital and Enterprise IT, coordinating all responses to internal and external audit inquiries related to technology services, platforms, and projects, including annual reviews of controls, narratives, and process flows.
• Risk & Vulnerability Management - You will evaluate exposure to security risks and threats, recommend appropriate mitigation strategies, and coordinate PCI vulnerability scanning and analysis of internal and external systems.
• Vendor & Telecom Management - You will manage relationships with telecommunications and technology vendors - including AT&T, Spectrum, Verizon, and others - to ensure service levels meet Torchy's operational needs.
• Incident Response & Escalation - You will lead network troubleshooting and incident response efforts, including advanced packet capture analysis and root cause remediation, and provide leadership for after-hours escalation support when critical incidents arise.
• Technology Budget & Assets - You will oversee the technology budget for your area of responsibility and manage the acquisition, installation, and maintenance of the organization's hardware and software.
• Emerging Technology - You will maintain a working knowledge of emerging tools - including AI - and demonstrate the ability to responsibly apply new technology to support business operations and decision-making.
• Additional Responsibilities - You will perform other duties as assigned to support the team and the business.

Do you have experience in SOX?, Do you have a Bachelor's degree?, * Sound Judgment Under Pressure - Security incidents and infrastructure outages don't follow a schedule. The ability to stay calm, assess situations quickly, and make good decisions when the stakes are high is critical in this role.

• Attention to Detail - Whether it's a firewall rule, a compliance artifact, or an audit finding, the details matter. Missing something small in security or compliance can have big consequences.
• Cross-Functional Partnership - This role works closely with teams across the organization. Building strong working relationships and earning trust across functions is key to getting alignment and moving work forward.
• Adaptability - Torchy's is growing fast, and the technology landscape is always changing. The ability to shift priorities, learn quickly, and keep up with new tools and threats is what keeps the business protected and moving forward., * Bachelor's degree in Information Technology, Computer Science, or a related field, or an equivalent combination of education and work experience
• 10+ years of experience in IT infrastructure, information security, or IT risk management
• Strong working knowledge of network security concepts including firewalls, IDS/IPS, SIEM, VPN, and encryption
• Experience managing SOX and/or PCI-DSS compliance programs with internal and external auditors
• Experience with Microsoft cloud and identity environments (Azure, Azure AD, Active Directory, MFA)
• Must be authorized to work in the United States without employer sponsorship, * Experience in a multi-unit restaurant or retail environment
• Active security certifications such as CISSP, CISM, CISA, CRISC, or equivalent
• Experience working with telecommunications vendors (e.g., AT&T, Spectrum, Verizon)

The Torchy's legacy began in Austin, Texas in 2006 with an idea, a dedicated executive chef and a food trailer. Today, Torchy's Tacos operates across the country, all with the determination to deliver on our "Damn Good" food promise.