Senior Director, Infrastructure
About the role
The Senior Director of Infrastructure is a critical enterprise technology executive responsible for the architecture, delivery, automation, and security of the organization's entire infrastructure ecosystem. This role leads the cloud modernization and automation program, with deep expertise in AWS Organizations governance, Infrastructure-as-Code (IaC), Governance-as-Code, Cloud PAM, FinOps, and next-generation networking and security architectures. The Senior Director also holds executive oversight of IT Service and Support operations, ensuring a modern, high-performing end-user experience across the business. Reporting directly to the Chief Information Technology Officer, this leader operates with a high degree of financial accountability, executive communication fluency, and organizational influence that extends well beyond the scope of a Director-level role. The position is a combination of hands-on cloud engineering depth, enterprise governance leadership, cyber hygiene mastery, and the executive presence required to translate complex infrastructure strategy into clear business value for senior stakeholders. The role targets a multi-cloud environment with AWS as the primary platform and Azure as a secondary component.

Essential Functions

Cloud Modernization & Automation Leadership
- Design and own the enterprise cloud strategy across AWS (primary) and Azure (secondary), driving a scalable, automated, and secure multi-cloud operating model aligned to business objectives.
- Lead the design and implementation of a scalable AWS Organizations OU structure to support business unit growth, compliance, and governance - including Business Unit OUs, account vending automation, and organizational policy enforcement.
- Implement account-level guardrails, Service Control Policies (SCPs), Resource Control Policies (RCPs), and baseline configurations across all organizational accounts.
- Define and enforce tagging strategy, standard definitions, and account onboarding procedures to support ongoing manageability, cost allocation, and compliance reporting.
- Drive Infrastructure-as-Code (IaC) standardization using Terraform as the enterprise-standard toolchain, including module libraries, pipeline integration, SCP-based validation, and IaC-driven enforcement.
- Architect and deliver scalable AWS account and organizational automation, including account vending pipelines and automated security baseline validation.
- Implement advanced IAM V2 capabilities including MFA enforcement, RBAC, service account management, and hybrid identity federation.
- Lead IAM V3 / Cloud PAM architecture and delivery - encompassing privileged access workflows, jump server and AppStream design, break-glass implementation, role segregation, and dual-ID auditing.
- Oversee Cloud PAM backport activities including role segregation, dual-ID auditing, and alignment to least-privilege principles across all cloud environments.

Governance-as-Code & Policy Automation
- Define and operationalize the Governance-as-Code program, translating compliance and security controls into codified, automatically enforced policies.
- Implement SCP-driven enforcement, automated compliance validation, and continuous drift detection and reporting across the AWS Organization.
- Develop IAM policy-as-code frameworks and AWS service onboarding guardrails to ensure new services meet security and compliance baselines before production deployment.
- Own Security Alignment programs, integrating SCP, RCP, and IAM policy-as-code into a unified governance posture that supports audit readiness and regulatory compliance.
- Drive automated policy validation, security baseline testing, and tagging compliance enforcement across all cloud accounts.

NextGen Networking & Security Architecture
- Architect and manage advanced cloud and on-premises network infrastructure including Transit Gateway, Cloud WAN, and hybrid connectivity topologies.
- Lead Route 53 strategy including DNS architecture, private hosted zones, resolver rules, DNS security controls, and failover routing design.
- Design and implement NextGen networking and security architectures including network segmentation, micro-segmentation, and zero-trust network access patterns.
- Oversee firewall policy, WAF, VPC design, and inter-account routing to maintain a secure, scalable, and auditable network posture.
- Partner with the security organization to ensure network architecture aligns with threat modeling, compliance requirements, and incident response capabilities.

Cyber Posture, Hygiene & Security Leadership
- Own the organization's infrastructure cyber posture program, establishing and continuously improving security baselines, hardening standards, and vulnerability remediation SLAs.
- Lead implementation and operationalization of cloud-native and third-party security tooling including CSPM, CWPP, CNAPP, SIEM, and endpoint security platforms.
- Direc