Director, IT Infrastructure & Security

About Torchy's

The Torchy’s legacy began in Austin, Texas in 2006 with an idea, a dedicated executive chef and a food trailer. Today, Torchy’s Tacos operates across the country, all with the determination to deliver on our “Damn Good” food promise.

The Director, IT Infrastructure & Security is responsible for the design, security, and day‑to‑day reliability of enterprise network and infrastructure across Torchy’s Support Center and restaurant environments nationwide. This role owns the architecture and governance of our network, cloud platforms, and identity systems, while also leading the company's security compliance across frameworks like PCI‑DSS and SOX. It's a hands‑on leadership role that requires both big‑picture thinking and the ability to dig in when it matters most.

• Network Architecture & Strategy — You will lead the planning, design, and ongoing optimization of enterprise network infrastructure across corporate and restaurant environments, establishing standards, governance processes, and best practices for network design and operational excellence.
• Security Architecture — You will oversee enterprise firewall architecture, security policies, VPN connectivity, network segmentation, and access controls to protect Torchy’s systems and data.
• Cloud Infrastructure — You will direct cloud infrastructure strategy and operations across Microsoft Azure, Office 365, and SaaS platforms, ensuring reliability, scalability, and security.
• Team Leadership & Development — You will lead, coach, and develop a team of IT professionals, fostering a culture of accountability, continuous learning, and collaboration.
• Identity & Access Management — You will manage Microsoft identity environments including Active Directory, Azure AD, ADFS, MFA, PKI, and hybrid identity services to ensure appropriate access controls are in place across the organization.
• PCI‑DSS Compliance — You will manage the annual PCI‑DSS assessment engagement with external vendors, facilitate quarterly and annual penetration testing and vulnerability scanning, and maintain a complete repository of compliance artifacts and correspondence.
• Security Policy & Governance — You will ensure the creation, validation, and execution of information security policies, standards, and procedures using the NIST CSF Framework as a guide, with appropriate governance to drive adoption at all levels.
• IT General Controls & Audit — You will manage IT General Controls for Digital and Enterprise IT, coordinating all responses to internal and external audit inquiries related to technology services, platforms, and projects, including annual reviews of controls, narratives, and process flows.
• Risk & Vulnerability Management — You will evaluate exposure to security risks and threats, recommend appropriate mitigation strategies, and coordinate PCI vulnerability scanning and analysis of internal and external systems.
• Vendor & Telecom Management — You will manage relationships with telecommunications and technology vendors — including AT&T, Spectrum, Verizon, and others — to ensure service levels meet Torchy’s operational needs.
• Incident Response & Escalation — You will lead network troubleshooting and incident response efforts, including advanced packet capture analysis and root cause remediation, and provide leadership for after‑hours escalation support when critical incidents arise.
• Technology Budget & Assets — You will oversee the technology budget for your area of responsibility and manage the acquisition, installation, and maintenance of the organization’s hardware and software.
• Emerging Technology — You will maintain a working knowledge of emerging tools — including AI — and demonstrate the ability to responsibly apply new technology to support business operations and decision‑making.
• Additional Responsibilities — You will perform other duties as assigned to support the team and the business.

• Clear Communication — This role touches nearly every part of the business, from restaurant operations to finance and legal. Translating complex technical concepts into plain language is essential for getting things done and keeping…