Logo for Driven Brands Inc.

Vice President, IT Infrastructure and Chief Information Security Officer (CISO)

Roles & Responsibilities

  • 15+ years of progressive technology leadership experience
  • Bachelor's degree in Information Technology, Computer Science, Information Systems, Engineering, or a related field
  • Demonstrated experience serving as a senior technology, infrastructure, and/or cybersecurity executive
  • Professional security, risk, or technology management certification is strongly preferred

Requirements:

  • Lead the enterprise infrastructure strategy, roadmap, operating model, and investment plan
  • Drive operational excellence across incident management, problem management, and service delivery
  • Lead the enterprise cybersecurity strategy, governance model, and technology risk management practices
  • Prepare and deliver updates to the Board of Directors and Executive Leadership Team

Job description

Company:Driven Brands

Driven Brands is North America's largest automotive services company with a portfolio of iconic brands including Take 5 Oil Change®, Meineke Car Care Centers®, Maaco®, 1-800-Radiator & A/C®, Auto Glass Now®, and CARSTAR®. Our vision is to fuel the pursuit with the simplest, most convenient, and most reliable car care experience.

Headquartered in Charlotte, NC, Driven Brands is more than a workplace. We're a launchpad — for careers, for dreams, and for people driven to do great things.

Every day, we fuel the pursuit — for our customers chasing life's moments, for our franchisees building lasting legacies, and for each other as we grow, lead, and succeed together.

Performance matters. We take pride in it. We own it. We show up for one another and for our communities.

Because at Driven Brands, we're not just fixing cars. We're building futures, unlocking potential, and fueling what's possible — together.

JOB DESCRIPTION:

The VP, IT Infrastructure and CISO is responsible for the strategy, performance, resilience, risk posture, cost profile, and modernization of the company's core technology environment. This includes enterprise networks, telecom, cloud and on-premises infrastructure, compute, storage, endpoints, mobility, collaboration platforms, identity platforms, monitoring, patching, backup, disaster recovery, and operational support processes.

This role will serve as the senior leader for both infrastructure operations and cybersecurity governance. On the infrastructure side, the role must improve platform stability, service delivery, observability, lifecycle management, field supportability, vendor accountability, and technology debt reduction. On the security side, the role must mature cybersecurity controls, technology risk management, incident readiness, audit readiness, and executive risk reporting.

A critical requirement for this role is demonstrated experience presenting to and advising the Board of Directors and/or Audit Committee on infrastructure reliability, technology resilience, operational availability, cyber risk, control maturity, incident readiness, disaster recovery, technology debt, regulatory obligations, and enterprise risk posture.

How you will Own It: 

Enterprise Infrastructure Leadership and Platform Operations

  • Lead the enterprise infrastructure strategy, roadmap, operating model, engineering standards, and investment plan across networks, compute, storage, cloud, data center or co-location services, endpoints, collaboration platforms, telecommunications, monitoring, backup, disaster recovery, and shared technology services.
  • Own infrastructure availability, performance, capacity, scalability, reliability, service quality, cost management, and operational resilience across corporate, field, franchise, and shared-service environments.
  • Establish clear infrastructure service ownership for network, telecom, cloud, server, storage, endpoint, collaboration, monitoring, backup, and disaster recovery capabilities, with defined service levels, escalation paths, and measurable outcomes.
  • Create and maintain infrastructure roadmaps that address business growth, field and franchise needs, lifecycle refresh, platform standardization, technical debt, automation, cloud adoption, vendor strategy, and cost optimization.
  • Ensure infrastructure teams provide stable, secure, and responsive services to business units, field operations, franchise partners, enterprise applications, M&A programs, and major transformation initiatives.

Infrastructure Service Delivery, Reliability, and User Experience

  • Drive operational excellence across incident management, problem management, change management, request fulfillment, patch management, asset lifecycle management, monitoring, alerting, capacity planning, service reporting, and root cause analysis.
  • Improve end-user and field technology experience by strengthening endpoint reliability, collaboration platform performance, network connectivity, telecom services, device standards, support processes, and service restoration practices.
  • Develop and manage infrastructure KPIs and service dashboards, including availability, major incident trends, MTTR, recurring incidents, patch compliance, backup success, endpoint health, network performance, ticket aging, change success, and vendor SLA performance.
  • Drive practical modernization of aging platforms, fragmented tooling, manual processes, inconsistent standards, and legacy operating models while maintaining business continuity and financial discipline.
  • Hold internal teams and external service providers accountable for reliable delivery, timely remediation, clear communication, documented procedures, and continuous service improvement.

Cybersecurity, Technology Risk, and Security Governance

  • Lead the enterprise cybersecurity strategy, governance model, control framework, security operations program, and technology risk management practices in alignment with the infrastructure operating model.
  • Protect the confidentiality, integrity, and availability of company, customer, franchisee, employee, and business partner information through practical, risk-based security controls.
  • Oversee security operations, incident response, vulnerability management, identity and access management, privileged access, endpoint security, data protection, third-party security risk, and threat monitoring.
  • Maintain a security and technology risk register with clear ownership, likelihood, impact, mitigation plans, target dates, compensating controls, risk acceptance, and executive visibility.
  • Ensure security controls are embedded into infrastructure operations, architecture review, change management, project intake, vendor selection, cloud adoption, and business transformation activities.

Board, Audit Committee, and Executive Reporting

  • Prepare and deliver clear, defensible updates to the Board of Directors, Audit Committee, and Executive Leadership Team covering infrastructure reliability, service performance, platform resilience, technology debt, cybersecurity risk, control gaps, major incidents, remediation progress, and investment priorities.
  • Translate complex technical, infrastructure, security, and operational issues into business, financial, regulatory, legal, customer, field, and franchise-impact terms.
  • Develop executive reporting on infrastructure availability, major incidents, service performance, disaster recovery readiness, vendor performance, security risks, control gaps, threat trends, remediation progress, risk acceptance, and material initiatives.
  • Partner with executive leadership to define acceptable levels of infrastructure, security, technology, and operational resilience risk.
  • Ensure Board and Audit Committee materials are concise, accurate, risk-based, operationally grounded, and aligned with enterprise risk management and audit expectations.

Infrastructure Resilience, Business Continuity, and Disaster Recovery

  • Own the technology resilience program for critical infrastructure platforms, including backup, recovery, disaster recovery, monitoring, alerting, incident escalation, crisis coordination, and service restoration practices.
  • Partner with business continuity, application, operations, and security teams to define recovery objectives, validate recovery plans, conduct testing, document gaps, and drive remediation to completion.
  • Ensure infrastructure and security incident response plans are integrated, tested, and actionable across technology, business, legal, communications, vendor, field, and executive stakeholders.
  • Drive continuous improvement in service reliability, mean time to detect, mean time to respond, mean time to recover, root cause analysis, recurring incident elimination, and post-incident learning.
  • Provide executive visibility into availability trends, major outages, chronic service issues, disaster recovery readiness, infrastructure debt, remediation plans, and required investments.

Architecture, Modernization, and Technology Governance

  • Participate in enterprise architecture, technology governance, investment prioritization, project intake, and change approval processes to ensure infrastructure reliability, security, scalability, resilience, supportability, and cost are embedded into technology decisions.
  • Provide infrastructure and security oversight for cloud platforms, networks, endpoints, identity platforms, enterprise applications, franchise systems, integrations, collaboration tools, telecom services, and shared technology services.
  • Ensure infrastructure and security requirements are incorporated into major initiatives, system implementations, platform migrations, cloud adoption, M&A activity, divestitures, and business transformation programs.
  • Partner with application, data, business, and operations leaders to balance usability, speed, security, resilience, platform standardization, cost, serviceability, and operational performance.
  • Promote practical standards for architecture, engineering, observability, automation, documentation, lifecycle management, operational handoff, and production readiness.

What you’ll Bring: 

  • Demonstrated experience serving as a senior technology, infrastructure, and/or cybersecurity executive in a complex, multi-location enterprise environment.
  • Proven experience presenting to and advising the Board of Directors, Audit Committee, Executive Leadership Team, and other senior stakeholders on cybersecurity, technology risk, infrastructure reliability, control maturity, incidents, remediation, and investment priorities.
  • Direct experience partnering with Internal Audit and external auditors on SOX, IT general controls, audit findings, control remediation, evidence management, and risk-based assurance activities.
  • Deep knowledge of cybersecurity operations, technology risk management, incident response, vulnerability management, identity and access management, privileged access, data protection, third-party risk, and security governance.
  • Strong enterprise IT infrastructure leadership experience across networks, compute, storage, endpoints, cloud infrastructure, data center or co-location services, collaboration platforms, telecommunications, monitoring, patching, backup, disaster recovery, and service operations.
  • Experience managing managed service providers, infrastructure vendors, security vendors, cloud providers, telecom providers, budgets, contracts, service levels, performance reporting, and cost optimization initiatives.
  • Experience developing or maturing cybersecurity and infrastructure metrics, KRIs, KPIs, service dashboards, risk dashboards, executive reporting, and operational scorecards.
  • Ability to communicate clearly with technical teams, business leaders, auditors, executives, and Board members, translating complex security and infrastructure matters into practical business decisions.
  • 15+ years of progressive technology leadership experience spanning enterprise IT infrastructure, cybersecurity, information security, and technology risk management, with demonstrated accountability for service reliability, operational resilience, vendor performance, budget management, executive reporting, and enterprise risk reduction.
  • Bachelor’s degree in Information Technology, Computer Science, Information Systems, Engineering, or a related field
  • Professional security, risk, or technology management certification is strongly preferred, such as CISSP, CISM, CRISC, CGEIT, CCSP, ITIL, or relevant cloud/infrastructure architecture certifications.
  • Ability to work in the United States, on an on-going basis, without company sponsorship.

 

Applicants for our positions are considered without regard to race, ethnicity, national origin, sex, sexual orientation, gender identity or expression, age, disability, religion, military or veteran status, or any other characteristics protected by law. 

#LI-DM1

#LI-Remote

#DBCORP

Position Location:

North Carolina

Compensation Range:

$199,200.00 - $355,800.00

Compensation Frequency:

Annual

Base pay offered may vary depending on actual location, job-related knowledge, skills, and experience. Supplemental pay types may include commissions or bonus incentives, depending on the role. Driven Brands offers a variety of health and wellness benefits including paid time off and holiday pay. Details regarding our benefits can be found here: https://www.drivenbrandsbenefits.com

Get early access to 50% of your earned wages at any time through our myFlexPay program.

IT Infrastructure Manager Related jobs

Other jobs at Driven Brands Inc.

We help you get seen. Not ignored.

We help you get seen faster — by the right people.

🚀

Auto-Apply

We apply for you — automatically and instantly.

Save time, skip forms, and stay on top of every opportunity. Because you can't get seen if you're not in the race.

AI Match Feedback

Know your real match before you apply.

Get a detailed AI assessment of your profile against each job posting. Because getting seen starts with passing the filters.

Upgrade to Premium. Apply smarter and get noticed.

Upgrade to Premium

Join thousands of professionals who got noticed and hired faster.