Director of IT, Infrastructure & Security

FieldAI•Irvine, CA

1d•Onsite

About The Position

Field AI is seeking a Director of IT, Infrastructure & Security to manage the company's IT operations, corporate and cloud security, and compliance program. This role involves overseeing an existing program with SOC 2 Type II in place and CMMC in progress, with the goal of maturing the program and advising the executive team on IT and security risks. The ideal candidate will be comfortable with Google Workspace, Slack, Github, Jira as core platforms, and Linux/Ubuntu as the primary operating system. This position requires operating closely with the work, leading a small IT team, managing MSP relationships, and collaborating with Engineering, Legal, Sales, and Executive leadership to ensure Field AI remains secure, compliant, and productive. Success hinges on sound judgment, urgency, and practicality in implementing effective controls, building cross-functional alignment, and delivering solutions efficiently.

Requirements

10+ years of experience in IT, infrastructure, corporate technology, identity, security operations, or related functions.
Experience leading IT operations in a high-growth technology company.
Hands-on experience driving SOC 2 Type II audits.
Experience with at least one of FedRAMP, ISO 27001, or CMMC.
CISSP or equivalent senior security certification/experience.
Strong network infrastructure experience equivalent to CCNA-level knowledge, including switches, firewalls, VLANs, routing, VPNs, Wi-Fi, segmentation, and network troubleshooting.
Strong working knowledge of corporate cybersecurity controls, including endpoint security, IAM, MFA, vulnerability management, patching, logging, EDR, SIEM/SOC coordination, vendor risk, incident response coordination, network security, and security awareness.
Ability to evaluate security tooling, work with MSP/MSSP partners, identify meaningful risks, and make practical security decisions without overengineering the environment.
Experience working with SIEM, EDR, vulnerability management, logging, and SOC/MSSP workflows.
Ability to evaluate alerts, coordinate incident response, and work with internal and external partners to keep security operations effective.
Comfort using scripting, APIs, workflow automation, or low-code tools to improve onboarding, offboarding, access management, asset tracking, SaaS administration, reporting, and compliance evidence collection.
Experience supporting technical organizations where Linux-based systems are the norm.

Responsibilities

Oversee day-to-day IT operations, including help desk, employee onboarding/offboarding, endpoint support, Google Workspace and JumpCloud administration, Linux/Ubuntu endpoint support, and service delivery across multiple sites.
Manage the procurement, deployment, tracking, maintenance, and retirement of IT assets like laptops, desktops, mobile devices, peripherals, and software licenses through a disciplined asset lifecycle process.
Own the operation and lifecycle of Field AI’s physical and corporate network infrastructure, including switches, firewalls, routers, Wi-Fi, VPNs, VLANs, network segmentation, secure remote access, ISP/vendor management, monitoring, documentation, and refresh planning.
Maintain and improve Field AI’s compliance programs, including SOC 2 Type II, ISO 27001, and CMMC readiness/certification efforts.
Manage day-to-day compliance operations, including control monitoring, evidence collection, access reviews, asset records, policy maintenance, vendor coordination, and audit support.
Own corporate security controls, including endpoint security, IAM, MFA, patching, vulnerability remediation, logging, EDR, SIEM/SOC coordination, vendor risk, incident coordination, and security awareness.
Ensure security controls are effective, lightweight, and appropriate for a fast-moving engineering company.
Communicate risk in plain language to engineers, executives, and customers.
Lead architectural review for security-sensitive changes.
Build buy-in for essential controls and create efficient paths for less critical ones.