AVP, Director of IT Operations

Position Summary

The AVP, Director of IT Operations is responsible for the reliability, security, and scalability of all Credit Union technology operations. This role provides leadership across infrastructure, networking, cybersecurity operations, end-user support, and vendor-managed services, while also serving as the interim Information Security Officer and a key leader in disaster recovery and business continuity management.

The position ensures alignment with NCUA Part 748, GLBA, FFIEC guidance, and industry frameworks (e.g., NIST, CIS), while enabling a secure and resilient technology environment that supports member growth and operational efficiency.

Key Responsibilities

1. IT Operations and Infrastructure Leadership

Responsible for:

• Network infrastructure (LAN/WAN, SD-WAN, firewalls, VPN)
• Servers, cloud environments, and storage systems
• Endpoint management and device lifecycle
• Ensure high availability, performance, and capacity planning of all systems
• Establish and monitor SLAs, uptime metrics, and operational KPIs
• Lead escalation and resolution of major system outages or incidents

2. Cybersecurity and Information Security

• Serve as the interim Information Security Officer, responsible for governance of the information security program
• Develop, maintain, and enforce:
  • Information security policies, standards, and procedures
  • Risk assessments and control frameworks
  • Vulnerability management and patching programs
  • Endpoint detection/response, SIEM/SOC, and threat monitoring
  • Identity and access management (IAM) controls
• Lead incident response activities including detection, containment, and recovery
• Report cybersecurity risks, metrics, and incidents to executive leadership and the Board
• Ensure third-party security oversight aligns with regulatory expectations

3. Patch and Vulnerability Management

• Establish and enforce enterprise patch management standards
• Ensure timely remediation of vulnerabilities based on risk severity
• Maintain secure system baselines (CIS/NIST aligned)
• Report patch compliance and vulnerability posture to leadership
• Align with regulatory expectations for proactive vulnerability management

4. Disaster Recovery and Business Continuity

• Lead development, testing, and execution of Disaster Recovery plans
• Ensure alignment with Business Continuity Planning requirements
• Coordinate DR exercises and tabletop testing
• Ensure critical system resiliency

5. Managed Service Provider Oversight

• Oversee co-managed IT/MSP relationships
• Define expectations, SLAs, and performance metrics
• Conduct ongoing due diligence and security reviews of MSP and vendors
• Ensure clear delineation of responsibilities

6. End-User Support and Service Delivery

• Oversee help desk and end-user support functions
• Ensure high-quality, timely resolution of user issues
• Implement service management best practices (ticketing, knowledge base, escalation paths)
• Drive user experience improvements and operational efficiency-

7. Leadership and Strategy

• Lead, mentor, and develop IT operations staff
• Collaborate with executive leadership on technology strategy and risk posture
• Develop and manage IT operations budget
• Provide board-level reporting on IT performance, cybersecurity risk, and operational resilience

Required Qualifications

Education and Experience

• Bachelor's degree in Information Technology, Cybersecurity, or related field (Master's preferred)
• 5+ years of progressive IT experience, including:
  • Infrastructure and network operations
  • Cybersecurity leadership
  • 3+ years in a leadership or management role
  • Experience in financial services (credit union or banking strongly preferred)

Technical and Operational Expertise

Strong knowledge of:

• Network architecture, firewalls, VPNs, and cloud environments
• Microsoft 365 / Azure / EntraID
• Endpoint security, SIEM, EDR/MDR solutions
• Patch management and vulnerability remediation
• Identity and access management
• Backup and disaster recovery systems

Regulatory and Risk Knowledge

Working knowledge of:

• NCUA regulations (Part 748)
• GLBA Safeguards Rule
• FFIEC IT Examination Handbook
• Experience conducting risk assessments and supporting audits
• NIST CSF 2.0 / 800-53
• CIS Critical Security Controls

Certifications (Preferred)

• CISSP, CISM, or CISA
• ITIL
• Microsoft, cybersecurity, or cloud certifications

Leadership and Soft Skills

• Strong executive communication and Board presentation capability
• Ability to balance operational execution with strategic oversight
• Incident and operational leadership under pressure

Physical Demands

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions. While performing the duties of this job, the employee is regularly required to sit. The employee frequently is required to use hands to finger, handle, or feel objects, tools, or controls. The employee is occasionally required to stand, walk, and talk

or hear. The employee must occasionally lift and/or move up to 50lbs. Specific vision abilities required by this job include close vision and the ability to adjust focus.

Work Environment:

The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions. The noise level in the work environment is usually moderate.

Thank you for your interest in joining UT Federal Credit Union. As part of our commitment to ensuring a safe and secure work environment, all offers of employment at UT Federal Credit Union are contingent upon the successful completion of a comprehensive background check.

The background check may include, but is not limited to, checks of your criminal record, employment history, educational credentials, credit history, motor vehicle record, and references. You may be required to provide additional information and complete further documentation to facilitate these checks.

By proceeding with this application, you hereby authorize UT Federal Credit Union and its designated agents and representatives to conduct such investigations and request such information as is necessary to evaluate your suitability for employment.

In the event that information from a consumer report obtained about you from a consumer reporting agency is used in whole or in part in making an adverse decision with regard to employment, you will be provided with a copy of the consumer report and a description in writing of your rights under the law.

Should there be any discrepancies or disputes regarding the information obtained during the background check, or should you otherwise wish to discuss the report's contents with us, you will have an opportunity to discuss and/or dispute the content with us before a final employment decision is made.

All information received during the background check process will be treated with the utmost confidentiality and sensitivity, in accordance with the law. It will be used solely for the purpose of evaluating your potential employment at UT Federal Credit Union.

Please complete the application if you understand and agree to the above-mentioned conditions. In doing so, you acknowledge that you have carefully read and understand this Disclosure and Authorization and authorize UT Federal Credit Union to obtain and/or its agent to obtain and furnish to the Credit Union information related to your background to be used for employment purposes.