Hiring.Camp

Director IT Information Security

Texas Roadhouse

·

1 week ago

Location
Support Center, United States of America
Type
Full-time
Department
Security
Seniority
Director
Education
Master
Source
Workday

Description

Position Overview

The Director, Information Security is responsible for leading and maturing the organization’s information security program across security architecture, engineering, governance, risk, compliance, and security operations. This role partners closely with the Head of Information Security, IT leadership and business leaders to protect company systems, data, technology platforms, restaurants, Support Center operations, and end users. The Director provides strategic direction and hands-on leadership for enterprise security architecture, threat detection, incident response, vulnerability management, third-party risk, policy and control governance, security tooling, and security awareness. The ideal candidate brings a strong background in security architecture, engineering, GRC, and/or security operations, with the ability to translate complex technical risk into clear business impact and practical recommendations.

Responsibilities

Serve as a trusted advisor to technology and business leadership on cybersecurity risk, emerging threats, operational readiness, and risk-based decision making.

Establish and maintain security architecture standards for infrastructure, cloud, applications, identity and access management, endpoints, networks, data protection, logging, and monitoring.

Partner with enterprise architecture, infrastructure, application, engineering, and business teams to embed security into technology decisions, system designs, integrations, and implementation plans.

Review new systems, platforms, integrations, and vendor solutions to ensure appropriate security controls are designed, documented, implemented, and monitored.

Partner with Legal, Compliance, Internal Audit, Finance, Operations, restaurants, and business leaders to support applicable regulatory, contractual, audit, and operational requirements, including SOX, PCI, HIPAA, or other applicable standards.

Oversee the Security Operations Center (SOC) and security monitoring, detection, triage, escalation, and response activities, including coordination with managed security service providers or external partners, as applicable.

Lead the enterprise incident response program, including containment, eradication, recovery, communication, post-incident review, and continuous improvement of response processes.

Manage and mature threat detection, threat intelligence, proactive threat hunting, vulnerability management, prioritization, remediation tracking, and risk reporting.

Oversee and optimize security technologies and processes, including SIEM/XDR, EDR, firewall monitoring, network security operations, log collection, correlation, alerting, detection engineering, and SOAR capabilities.

Develop, maintain, and regularly test incident response playbooks, runbooks, escalation procedures, tabletop exercises, breach simulations, and security drills.

Partner with IT and business leaders on disaster recovery, business continuity, cyber resilience, and crisis communication planning.

Establish, monitor, and report security metrics and key performance indicators, such as vulnerability remediation progress, security control effectiveness, mean time to detect, mean time to respond, and program roadmap progress.

Oversee third-party/vendor security risk assessments, vendor security expectations, ongoing monitoring, and vendor/contract relationships related to security operations or security services.

Manage operational budgets, tooling costs, vendor relationships, and resource planning for security programs and security operations, as assigned.

Develop and lead cybersecurity awareness and training efforts to promote shared accountability for protecting company information, systems, restaurants, Roadies, and guests.

Prepare and deliver clear written and in-person communications regarding cybersecurity posture, operational readiness, key risks, incidents, and program progress to IT leadership, senior leadership, audit-related forums, restaurants, and end users, as appropriate.

Lead, coach, hire, and develop Security Operations Roadies, Security Analysts, Security Engineers, information security team members, vendors, consultants, or cross-functional project teams, as assigned.

Stay current on cybersecurity trends, emerging threats, technology changes, and regulatory developments, and recommend actions to reduce risk and strengthen resilience.

Reasonable accommodations may be made to enable qualified individuals with disabilities to perform the essential functions.

Qualifications

Education and Experience

Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, Engineering, Information Technology, or a related field required; Master’s degree or MBA preferred.

10+ years of progressive experience in information technology, cybersecurity, information security, security operations, security engineering, enterprise architecture, IT risk, or related technology leadership required.

Majority of experience should include information security, security operations/SOC, security architecture, engineering, GRC, incident response, vulnerability management, or related cybersecurity responsibilities.

5+ years of people leadership experience required, including managing teams, programs, vendors, budgets, or cross-functional security initiatives.

Demonstrated experience building, leading, or maturing an enterprise information security program and/or security operations capability.

Technical and Functional Expertise

Strong background in one or more of the following areas: security architecture, security engineering, enterprise architecture, governance/risk/compliance, security operations, SOC leadership, cloud security, infrastructure security, identity and access management, threat detection, vulnerability management, or incident response.

Experience leading incident response and security monitoring operations, including detection, triage, escalation, containment, eradication, recovery, and post-incident reviews.

Knowledge of cybersecurity frameworks, standards, and control environments such as NIST, CIS Controls, ISO 27001, SOC 2, PCI DSS, SOX, HIPAA, or similar frameworks and requirements.

Experience with security technologies and operating processes such as SIEM/XDR, EDR, firewalls, network security monitoring, vulnerability scanning, log management, threat intelligence, detection engineering, and SOAR preferred.

Experience leading risk assessments, control reviews, audit support, remediation plans, vendor security reviews, incident response planning, and executive risk reporting.

Experience with cloud platforms such as Microsoft Azure, AWS, or Google Cloud preferred.

Experience in a multi-location, hospitality, restaurant, retail, consumer services, or high-growth environment preferred.

Certifications

Professional certification such as CISSP, CISM, CISA, CRISC, CCSP, GIAC, GCIH, GCIA, CEH, or similar certification required or preferred based on business needs.

Leadership Competencies

Strong business acumen with the ability to balance security priorities, operational needs, risk tolerance, and business objectives.

Ability to translate complex technical risk into clear, practical, business-focused recommendations for technical and non-technical audiences.

Strong collaboration, communication, influence, judgment, confidentiality, and executive presence.

Ability to lead through change, prioritize competing needs, make sound decisions, and remain calm and effective during incidents or high-pressure situations.

Demonstrated commitment to developing people, building strong partnerships, driving accountability, and leading with integrity.

This job description includes essential functions and basic duties and is intended to provide guidelines for job expectations and the employee’s ability to perform the position described. It is not an exhaustive list of all functions, responsibilities, skills, and abilities. Additional functions and requirements may be assigned by supervisors as appropriate. This document is not a contract of employment, and the Company reserves the right to change this job description and/or assign tasks for the employee to perform, as the Company may deem appropriate.

We are proud to be an equal opportunity employer. We are committed to providing equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, age, gender, pregnancy, gender identity, disability, veteran status, sexual orientation, citizenship, national origin, or any other legally-protected status. We encourage and welcome all applicants to apply.

Skills

AWSAzureCybersecuritySIEMSOCSOXComplianceSOC 2HIPAAISO 27001CISSP

Similar Jobs

22

Director of IT, Information Security & Data Privacy

Energage · Exton, PA +1

1 month ago

Director, Information Technology (IT)

Rapidsos · New York (Remote), Boston (Remote), Dallas (Remote), Orlando (Remote) · Remote

1 month ago

Director of IT & Information Security

Hidden Level · East Syracuse, NY

1 month ago

Information Technology (IT) Director

Pawnee Mental Health · JC Ash +4

2 months ago

Director, Information Technology (IT)

Prime Buchholz · PORTSMOUTH, NH

3 months ago

Director, Information Technology (IT)

Prime Buchholz · PORTSMOUTH

3 months ago

Information Technology (IT) Director

Pawnee Mental Health Services · Manhattan, KS

4 months ago

Director of Information Technology (IT)

Ulabs Systems Inc · Memphis, TN · Hybrid

1 week ago

Assistant Director of IT Support, Information Technology, Kirk Kerkorian School of Medicine [R0152558]

Nshe · UNLV1-Medical District, United States of America

1 week ago

Director, Information Systems and IT Operations

Medfar · Montreal, Quebec, Canada

1 week ago

Director of Information Technology (IT)

Foothill Federal Credit Union · Arcadia, CA

1 month ago

IT Director EDGE Projects (Information Technology Project and Portfolio Manager 3)

Oregon Job Opportunities · Salem | OHA | Fairview Industrial Drive 3990, United States of America

1 month ago

IT Director / Head of IT & Information Security (m/w/d)

Kemmler Kemmler Gmbh · Berlin, Berlin

1 month ago

IT Director / Head of IT & Information Security (m/w/d)

Kemmler Kemmler Gmbh · Berlin, Berlin

1 month ago

Associate Director - R&D Information Research IT (Hybrid)

AbbVie · South San Francisco, CA, United States · Hybrid

2 months ago

Director of Information Technology (IT) and D

Americhem · Cuyahoga Falls, OH

2 months ago

Director of Information Technology (IT)

Westward Association Management LLC · Chicago +4

2 months ago

Director of Information Technology (IT)

Westward360 · Chicago, IL

3 months ago

Director of Information Technology (IT)

Excelsportsmanagement · New York, New York, United States

5 months ago

Director Chief Information Security Officer - IT Infrastructure and Operations

SPH Business Unit · Helena, MT, United States, US · Hybrid

2 weeks ago

Director, Security Consulting — Business Information Security Officer (BISO) Commercial IT

AstraZeneca is · US - Gaithersburg - MD, United States of America

1 month ago

Director, Security Consulting — Business Information Security Officer (BISO) Commercial IT

AstraZeneca · Gaithersburg, MD,US, US

1 month ago