Information Technology & Operations Director

About The Position

Requirements

• Bachelor’s degree and proven experience in IT – preferably a master’s degree from a recognized university or college.
• Suggested Minimum Experience: Extensive background (10–15+ years in IT, 7–10 years in financial services, and 5+ years leading cloud operations and cybersecurity).
• Proficiency in major cloud service providers like AWS, Azure, and Oracle Cloud Infrastructure
• Project management skills
• Effective oral and written communication skills
• Interpersonal skills
• Work under pressure
• Problems solving
• Performance appraisal
• Decision making
• Negotiation skills
• Organization
• Delegate
• Ethics
• Strong leadership
• Strategic planning and problem-solving skills
• Proficiency in cybersecurity, data management, and financial technologies.

Nice To Haves

• Relevant certifications such as ITIL, CompTIA+, CISSP, CISM, or PMP can be advantageous.

Responsibilities

• Develop and implement IT and Operations strategies that align with the institution's goals.
• Identify technology needs and make recommendations to business decision-makers
• Act as the liaison with leaders and users from other business divisions to guarantee the efficiency of technology, project management, and customer services.
• Provide leadership, vision, and direction to their team, including performance execution.
• Develop, implement, and maintain the policies and standards of information.
• Enforce the compliance of policies, procedures, and participate in internal/external audits.
• Ensure the efficient operation of all IT systems, including hardware, software, networks, and cloud infrastructure.
• Oversee the IT/Customer Services budget, ensuring cost-effective solutions.
• Revise and approve department invoices.
• Evaluate the purchases of new equipment or solutions for the organization.
• Manage relationships with external vendors and negotiate contracts.
• Maintain contact and closely monitor technology suppliers.
• Ensure that all IT practices, including contract development, renewal, and execution, comply with relevant regulations and standards.
• Follow up projects and personnel meetings.
• Maintain robust cybersecurity measures to protect sensitive financial data.
• IT Strategy and Leadership: Portfolio management and digital transformation, IT governance, OKRs (Objectives and Key Results) and KPIs (Key Performance Indicators), executive communication with the Board and regulators.
• Cloud Architecture (100% cloud): Design and operation of multi-region/multi-cloud IaaS (Infrastructure as a Service), PaaS (Platform as a Service), and SaaS (Software as a Service); resilience RTO (Recovery Time Objective), RPO (Recovery Point Objective), FinOps (Cloud Financial Operations), automation, observability through APM (Application Performance Monitoring), logging, and tracing.
• Continuous Development and Delivery: Modern SDLC (Software Development Life Cycle), Agile/SAFe (Scaled Agile Framework), CI/CD (Continuous Integration / Continuous Delivery), SRE (Site Reliability Engineering), automated QA (Quality Assurance), DevSecOps (Development, Security and Operations) practices, and integration through APIs (Application Programming Interfaces)/microservices.
• Cybersecurity and Continuity: Frameworks such as NIST CSF (National Institute of Standards and Technology Cybersecurity Framework), ISO 27001 (Information Security Management Standard), Zero Trust, IAM (Identity and Access Management)/PAM (Privileged Access Management), EDR (Endpoint Detection and Response)/XDR (Extended Detection and Response), SIEM (Security Information and Event Management)/SOAR (Security Orchestration, Automation and Response), DLP (Data Loss Prevention), vulnerability management, incident response, and tested DR (Disaster Recovery) / BCP (Business Continuity Plan).
• Financial and Regulatory Compliance: Practical understanding of GLBA (Gramm–Leach–Bliley Act), FFIEC (Federal Financial Institutions Examination Council), OCIF (Office of the Commissioner of Financial Institutions — PR)/FDIC (Federal Deposit Insurance Corporation), PCI DSS (Payment Card Industry Data Security Standard), SOX-ITGC (Sarbanes–Oxley — IT General Controls), BSA (Bank Secrecy Act)/AML (Anti-Money Laundering)/KYC (Know Your Customer).
• Financial Business Expertise: Consumer credit products, origination and underwriting, servicing and collections, fraud, pricing, CECL (Current Expected Losses), and regulatory reporting.
• Customer Experience (CX) / Contact Center: Omnichannel operations (voice/chat/app/web), IVR (Interactive Voice Response), QA (Quality Assurance), CRM (Customer Relationship Management), automation (bots), metrics, and journey design.
• Data and Analytics: Data governance and quality, data warehouse, BI (Business Intelligence)/Analytics, risk modeling, and protection of sensitive data.
• Third-Party and Contract Management: RFI (Request for Information)/RFP (Request for Proposal), due diligence and TPRM (Third-Party Risk Management), negotiation of MSAs (Master Service Agreements), SLAs (Service Level Agreements)/SOWs (Statements of Work), and licensing; performance and vendor risk management.