Posted 3w ago

Director of IT Infrastructure and Security

@ Sunflower Services
Washington or Durham
$124k-$146k/yr | Hybrid | Full Time
Responsibilities: Define infrastructure strategy, Maintain security policies, Lead incident response
Requirements Summary: 15+ years IT infrastructure/security; 5+ years leadership; cloud (Azure) experience; vendor/MSP management; incident response and risk management; SOC 2/compliance exposure; nonprofit or professional services experience; strong communication.
Technical Tools Mentioned: Azure, Azure AD/Entra ID, Intune, Networking, Cloud security, SOC 2, MSP management
Job Description
Job Title: Director, IT Infrastructure and Security
Department: Information Technology
Location: Hybrid, based in Washington, DC, or Durham, NC; or Remote in Illinois, Maryland, New Jersey, New York, North Carolina, or Virginia
 
Who We Are
Today’s societal challenges are more complex, interconnected, and urgent than ever. Sunflower Services is comprised of over 240 professionals with deep expertise in the philanthropic sector. We provide support services to fiscal sponsors and intermediaries—and their hundreds of mission-driven projects—that are creating meaningful change. We welcome jobseekers who are motivated by results and driven by impact. For a list of current job openings at Sunflower, please visit our LinkedIn page.
 
Sunflower Services is an independent, nonprofit-owned Public Benefit Corporation dedicated to providing operational excellence to nonprofit and social impact organizations. Sunflower delivers integrated solutions in finance, HR, grants management, compliance, and other administrative areas, helping mission-driven organizations and changemakers focus on what matters most: their impact.
 
Position Overview
The Director, IT Infrastructure & Security is responsible for the strategy, performance, and security of the organization’s technology environment, including cloud infrastructure, networks, endpoints, and information security programs. This role leads a small internal team and manages an outsourced Managed Service Provider (MSP) to ensure reliable, secure, and scalable IT operations.    
 
This leader partners across the organization to align infrastructure and security capabilities with business needs, risk tolerance, and growth priorities.  
                                                     
What You’ll Do
Infrastructure Strategy & Operations  
  • Define and execute the organization’s infrastructure strategy across cloud (Azure), network, endpoints, and collaboration platforms, in coordination with partner non-profit organizations. Ensure the long-term roadmap is aligned to business growth
  • Ensure high availability, performance, and cost optimization of all infrastructure systems   
  • Oversee endpoint management, device lifecycle, and identity systems (e.g., Azure AD / Entra ID, Intune, group policy)  
  • Establish and maintain standards for system configuration, patching, and lifecycle management  
  • Lead evaluation, selection, and implementation of infrastructure technologies  
  • Establish infrastructure monitoring strategy (uptime, performance, etc.)  
  • Act as escalation point for critical incidents  
  • Continuously improve IT service management processes and user experience  
Security   
  • Develop and maintain a comprehensive information security strategy aligned with organizational risk tolerance and growth ambitions  
  • Define and track security KPIs and maturity benchmarks  
  • Act as in-house security expert, coordinating with an in-house security team, partner non-profits and external vendors. Handle proactive and reactive issues related to technical, administrative, physical and virtual threats  
  • Establish and enforce security policies, standards, procedures, and trainings  
  • Lead risk management practices, including risk assessments, threat modeling, and remediation planning  
  • Oversee security architecture, including identity and access management, endpoint security, and cloud security posture  
  • Lead and evolve incident response processes, including detection, investigation, and recovery  
Business Continuity & Resilience  
  • Oversee disaster recovery and business continuity planning and testing  
  • Ensure integration of security incident response with broader IT and business processes  
  • Conduct tabletop exercises and simulations for incident response and disaster recovery  
Governance, Compliance & Audit  
  • Ensure compliance with applicable frameworks (e.g., SOC 2, client requirements, regulatory needs)  
  • Coordinate internal and external audits and remediation efforts  
  • Maintain policies and documentation supporting governance and compliance  
Leadership & Team Management  
  • Oversee day-to-day IT service delivery through internal staff and MSP, including establishing a clear operating model between internal teams and MSP
  • Define and enforce SLAs, KPIs, and performance expectations for MSP and vendors  
  • Lead, mentor, and develop a small internal IT team  
  • Manage external partners including MSP, security vendors, and consultants  
  • Foster a culture of accountability, service excellence, and continuous improvement  
  • Partner with leadership within and across teams to align strategy with organizational priorities  
 
What You’ll Bring
  • Bachelor’s degree or equivalent experience  
  • 15+ years of progressive experience in IT infrastructure and/or information security 
  • 5+ years of strategic leadership of infrastructure and security systems  
  • Experience managing cloud environments (Microsoft Azure preferred)  
  • Strong knowledge of:  
    • Identity & access management (Azure AD / Entra ID)  
    • Endpoint management (e.g., Intune)  
    • Networking fundamentals and cloud architecture  
    • Security frameworks and best practices  
  • Experience managing vendors and/or MSPs  
  • Demonstrated experience leading incident response and risk management efforts  
  • Certifications in one or more relevant areas (e.g., CISSP, CISM, Azure certifications)  
  • Experience with SOC 2 or similar compliance frameworks  
  • Experience in professional services, consulting, or nonprofit environments  
  • Outstanding collaboration and communication skills with the ability to present ideas to non-IT stakeholders  
  • Highly detailed, organized, and influential with the ability to manage stakeholders 
  • Multi-tasking, problem-solving, and decision-making ability in a fast-paced environment   
  
Compensation and Benefits
The annual salary range for this position is $124,000 – 146,000. Our salary ranges are based on national compensation benchmarks of similarly sized companies in professional services. This position is eligible for an annual bonus at 10% of the annual salary.
 
We offer a comprehensive benefits package that includes medical, dental, and vision insurance, plus a flexible spending account and health savings account, in addition to a 401k with a company match, and commuter benefits.
 
We give generous paid time off, with 16 days of vacation time, 10 days of personal time, 20 hours of volunteer time, 11 company holidays, and 4 optional holidays.
 
We support work-life balance with parental leave, UrbanSitter membership, Employee Resource Groups, and fitness and telecommunications reimbursements.
 
We value growth and development with options for education reimbursement and professional development.
 
We also offer disability, life insurance, additional voluntary insurances, and access to Teladoc and Health Advocate.
 
Work at Sunflower Services
Submit a resume and cover letter. The application deadline for this position is June 29th, 2026. The deadline to apply may be shortened or extended depending on business needs. 
 
Location Requirements
This is a full-time position. The position can operate on a hybrid schedule, based in our Washington, DC, or Durham, NC offices, or it can be fully remote from the following locations: Illinois, Maryland, New Jersey, New York, North Carolina, or Virginia.
 
If a new hire is within proximity of our Washington, DC or Durham, NC offices, the expectation during onboarding (~90 days) is that you come into the office a minimum of 3 days per week. After this onboarding period, employees can then come into the office on a more flexible schedule with the remaining days worked at home/remotely.
 
Physical Requirements
  • Prolonged periods of sitting at a desk and working on a computer 
  • Must be able to lift up to 10 pounds at a time 
We will make reasonable accommodations under the guidelines of the Americans With Disabilities Act. 
 
Sunflower Services is an Equal Opportunity Employer without regard to race, gender, disability status, veteran status, or any other category protected by federal, state, or local law.
 
Visit our web page to learn more about Sunflower Services and watch this video