Senior Director, Information Security
About The Position
Our secret to leading the way in hospitality? We put our people first! At Shake Shack, our mission is to Stand For Something Good in all that we do. From our teams to our neighborhoods, we're committed to always doing the right thing. As one of the fastest-growing hospitality brands, we're all about crafting unforgettable experiences for our guests. We offer endless learning opportunities and the chance to make a lasting impact on our business, restaurants, and communities. As a member of the #ShackFam, you’ll have access to hands-on mentorship, training, and growth potential, all in a fun and inclusive environment. Join us and Be a Part of Something Good. The Senior Director, Information Security is Shake Shack’s senior enterprise security leader, accountable for protecting corporate systems, restaurant technology, and guest and employee data. Reporting to the VP Infrastructure and Operations, this role owns the company’s information security, cybersecurity, risk, and compliance programs, enabling business growth through trust, resilience, and strong governance.
Requirements
- 12+ years in information security leadership.
- Deep experience with PCI, SOX, privacy, third-party risk, and incident response.
- Strong executive presence with experience advising senior leadership and Boards.
Responsibilities
- Security Strategy & Leadership Own enterprise security strategy, roadmap, and execution across cybersecurity, identity and access management, data protection, monitoring, and compliance. Serve as primary decision-maker for security risk prioritization, exceptions, and trade-offs impacting corporate and restaurant operations. Translate technical risk into clear, executive-level business impact.
- Regulatory, Compliance & Audit Executive lead for PCI DSS, SOX IT controls, privacy, and security governance. Ensure continuous audit readiness, remediation tracking, and policy enforcement.
- Security Operations & Incident Response Provide executive oversight of the SOC, incident response, and threat monitoring. Act as decision authority during high-severity incidents and lead post-incident reviews.
- Resilience, DR & BCP Oversee disaster recovery, business continuity, and enterprise resilience planning. Ensure secure, standardized infrastructure and cloud deployments.
- Third-Party & Vendor Risk Own vendor security risk management, assessments, monitoring, and executive escalation. Manage MSSPs and strategic security vendors with budget accountability.
Benefits
- Weekly Pay and Performance bonuses
- Shake Shack Meal Discounts
- Exclusive corporate discounts for travel, electronics, wellness, leisure activities and more
- Medical, Dental, and Vision Insurance
- Employer Paid Life and Disability Insurance
- 401k Plan with Company Match
- Paid Time Off
- Paid Parental Leave
- Access to Employee Assistance Program on Day 1
- Pre-Tax Commuter and Parking Benefits
- Flexible Spending and Dependent Care Accounts
- Development and Growth Opportunities
- Eligibility criteria applies
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Executive
Education Level
No Education Listed
