Director Network

About The Position

Requirements

• Bachelor’s degree in Computer Science, Network Engineering, Cybersecurity, Information Technology, or related field.
• 12–15+ years in IT infrastructure or network engineering, with at least 5 years in a senior leadership role managing enterprise network functions.
• Experience in a multi-site franchise, retail, or QSR environment strongly preferred.
• Deep hands-on and architectural experience with ZTNA, enterprise routing & switching (BGP, OSPF, VXLAN), and next-generation firewalls.
• Strong cloud networking expertise across Azure (vNET, ExpressRoute, Azure Firewall, NSGs, Application Gateway) and AWS (Transit Gateway, VPC, Direct Connect, Security Groups, AWS Network Firewall).
• Hands-on experience designing and operating multi-cloud network topologies at scale, including hub-and-spoke architectures and shared services models.
• Terraform required — demonstrated experience managing enterprise network infrastructure through Terraform at scale, including modular codebases, remote state management, and automated drift detection across multi-cloud environments.
• Proficiency with CI/CD pipelines for network configuration deployment (e.g., GitHub Actions, Azure DevOps).
• Scripting and automation experience (Python, Ansible, or equivalent) to reduce manual operations toil.
• Proven ability to design and operate cloud-native network architectures across Azure and AWS simultaneously.
• Deep understanding of cloud-native networking constructs, routing, security controls, and connectivity patterns in both hyperscalers.
• Experience with cloud network observability, flow logging, and automated remediation.
• CCNP, CCIE, or equivalent networking certification required.
• Proven ability to recruit, develop, and retain high-performing teams; lead blended organizations (FTE + managed services); manage multi-million-dollar budgets; and hold vendors accountable to outcomes.
• Demonstrated track record of building team capability and developing next-level leaders.
• Strong executive communication and stakeholder management skills.
• Excellent communication across technical and executive audiences.
• Ability to translate complex infrastructure topics into business language.
• Comfortable operating in a fast-paced, franchise-driven environment with competing priorities.
• Azure Virtual Networks (VNet) — design, peering, hub-and-spoke topology, route table management, private endpoints, and service endpoints in production enterprise environments.
• AWS VPC — subnet design, routing, VPC peering, PrivateLink, security groups, and network ACLs across multi-account AWS environments.
• AWS Transit Gateway — multi-VPC and multi-account connectivity, route table segmentation, inter-region peering, and centralized inspection architectures.
• Network Security Groups (NSGs) — rule design, governance, and automated enforcement across Azure environments at enterprise scale.
• Guardicore (Akamai Segmentation) — microsegmentation policy design, ring-fencing, label-based policy enforcement, and visibility map analysis across hybrid environments.
• Zero Trust network access (ZTNA) — hands-on implementation and ongoing operations, not just roadmap ownership.
• Terraform — authoring and maintaining production-grade network infrastructure modules for both Azure and AWS; remote state, workspaces, and pipeline integration.
• Cloud network observability — flow logs, network watcher, traffic analytics, and automated alerting in multi-cloud environments.

Nice To Haves

• Azure Network Engineer Associate (AZ-700) or AWS Advanced Networking Specialty preferred.
• HashiCorp Terraform Associate a plus.
• ITIL v4 Foundation a plus.
• Experience in the QSR, franchise, or hospitality industry with multi-site network management at scale (10,000+ locations).
• Hands-on experience migrating from legacy VPN to ZTNA architectures in an enterprise environment.
• Terraform at scale: modular codebases, remote state management, and automated drift detection across multi-cloud environments.
• Experience with Zero Trust maturity frameworks (CISA, Forrester, or NIST SP 800-207) and demonstrated progress implementing Zero Trust controls.
• Working knowledge of PCI-DSS network segmentation requirements for payment card environments.
• Familiarity with AI-assisted network operations — including AIOps platforms, AI-driven anomaly detection, or the use of generative AI tooling to accelerate network automation, runbook creation, and operational troubleshooting.

Responsibilities

• Define and execute the enterprise network strategy spanning corporate WAN/LAN, SD-WAN, restaurant connectivity, data center interconnects, and cloud networking across Azure and AWS.
• Own the ZTNA roadmap, evaluating and implementing zero trust network access solutions.
• Design and maintain DNS, DHCP, IPAM (DDI), load balancing, and traffic management architectures.
• Partner with Cyber Security leadership to ensure network segmentation, micro-segmentation, and firewall policies meet regulatory and compliance requirements.
• Drive cloud-native network architecture across Azure and AWS, including hub-and-spoke topologies, shared services models, and automated network provisioning through infrastructure-as-code.
• Lead the adoption and maturation of Terraform as the primary tool for managing network infrastructure.
• Build and maintain CI/CD pipelines for network configuration deployment using GitHub Actions or Azure DevOps.
• Develop automation frameworks (Python, Ansible, or equivalent) that eliminate manual operations toil.
• Champion an automation-first engineering culture across the network team.
• Implement automated drift detection and remediation pipelines.
• Own the multi-cloud network architecture and operations across Azure and AWS.
• Design and manage cloud network constructs including virtual networks, peering, private endpoints, network security groups, route tables, and cloud-native firewall policies.
• Lead cloud network observability — implementing flow logging, network performance monitoring, and automated alerting.
• Partner with Cloud Engineering and Application teams to design scalable, secure cloud network architectures.
• Drive cloud network cost optimization through right-sizing, traffic engineering, and governance of data egress patterns.
• Oversee network connectivity and performance for 37,000+ Subway restaurant locations globally.
• Drive standardization of restaurant network architectures including POS connectivity, guest Wi-Fi, digital menu boards, and IoT device networking.
• Manage vendor relationships with ISPs, MSPs, and network equipment suppliers.
• Lead and develop a high-performing blended team of FTEs and managed-service/staff augmentation resources.
• Manage relationships with key technology vendors and system integrators.
• Foster a culture of operational excellence, IaC-first thinking, and continuous learning.
• Develop and manage the annual operating and capital budgets for network functions.
• Ensure network controls satisfy SOX, PCI-DSS, GDPR, CCPA, and internal audit requirements.
• Maintain and test disaster recovery and business continuity plans for network infrastructure.
• Proactively identify and mitigate risks related to network availability, lateral movement, and unauthorized access.
• Facilitate change advisory board (CAB) reviews for network changes.

Benefits

• Insurance Plans (Medical, Life)
• Pension/401K/RSP (country specific)
• Competitive Bonus
• Mobility Allowance
• Tuition Reimbursement
• Company Holidays
• Volunteering time