AVP, Director of IT Operations

About The Position

Requirements

• Bachelor's degree in Information Technology, Cybersecurity, or related field (Master's preferred)
• 5+ years of progressive IT experience, including: Infrastructure and network operations
• Cybersecurity leadership
• 3+ years in a leadership or management role
• Experience in financial services (credit union or banking strongly preferred)
• Strong knowledge of: Network architecture, firewalls, VPNs, and cloud environments
• Microsoft 365 / Azure / EntraID
• Endpoint security, SIEM, EDR/MDR solutions
• Patch management and vulnerability remediation
• Identity and access management
• Backup and disaster recovery systems
• Working knowledge of: NCUA regulations (Part 748)
• GLBA Safeguards Rule
• FFIEC IT Examination Handbook
• Experience conducting risk assessments and supporting audits
• NIST CSF 2.0 / 800-53
• CIS Critical Security Controls
• Strong executive communication and Board presentation capability
• Ability to balance operational execution with strategic oversight
• Incident and operational leadership under pressure

Nice To Haves

• Master's degree
• CISSP, CISM, or CISA
• ITIL
• Microsoft, cybersecurity, or cloud certifications

Responsibilities

• Network infrastructure (LAN/WAN, SD-WAN, firewalls, VPN)
• Servers, cloud environments, and storage systems
• Endpoint management and device lifecycle
• Ensure high availability, performance, and capacity planning of all systems
• Establish and monitor SLAs, uptime metrics, and operational KPIs
• Lead escalation and resolution of major system outages or incidents
• Serve as the interim Information Security Officer, responsible for governance of the information security program
• Develop, maintain, and enforce: Information security policies, standards, and procedures
• Risk assessments and control frameworks
• Vulnerability management and patching programs
• Endpoint detection/response, SIEM/SOC, and threat monitoring
• Identity and access management (IAM) controls
• Lead incident response activities including detection, containment, and recovery
• Report cybersecurity risks, metrics, and incidents to executive leadership and the Board
• Ensure third-party security oversight aligns with regulatory expectations
• Establish and enforce enterprise patch management standards
• Ensure timely remediation of vulnerabilities based on risk severity
• Maintain secure system baselines (CIS/NIST aligned)
• Report patch compliance and vulnerability posture to leadership
• Align with regulatory expectations for proactive vulnerability management
• Lead development, testing, and execution of Disaster Recovery plans
• Ensure alignment with Business Continuity Planning requirements
• Coordinate DR exercises and tabletop testing
• Ensure critical system resiliency
• Oversee co-managed IT/MSP relationships
• Define expectations, SLAs, and performance metrics
• Conduct ongoing due diligence and security reviews of MSP and vendors
• Ensure clear delineation of responsibilities
• Oversee help desk and end-user support functions
• Ensure high-quality, timely resolution of user issues
• Implement service management best practices (ticketing, knowledge base, escalation paths)
• Drive user experience improvements and operational efficiency
• Lead, mentor, and develop IT operations staff
• Collaborate with executive leadership on technology strategy and risk posture
• Develop and manage IT operations budget
• Provide board-level reporting on IT performance, cybersecurity risk, and operational resilience

Benefits

• Background check may include, but is not limited to, checks of your criminal record, employment history, educational credentials, credit history, motor vehicle record, and references.