AVP, Director of IT Operations

AVP, Director of IT Operations UT Federal Credit Union - 2.9 Knoxville, TN Job Details Full-time 1 day ago Qualifications Endpoint Security Cloud identity and access management (IAM) Data storage IT service management Regulatory compliance Information security compliance Patch management Bachelor's degree Cloud-based systems System risk assessment (security system operation) NIST standards Industry knowledge of financial regulations Network architecture Vulnerability management IT Network infrastructure management VPN Full Job Description Position Summary The AVP, Director of IT Operations is responsible for the reliability, security, and scalability of all Credit Union technology operations. This role provides leadership across infrastructure, networking, cybersecurity operations, end-user support, and vendor-managed services, while also serving as the interim Information Security Officer and a key leader in disaster recovery and business continuity management. The position ensures alignment with NCUA Part 748, GLBA, FFIEC guidance, and industry frameworks (e.g., NIST, CIS), while enabling a secure and resilient technology environment that supports member growth and operational efficiency. Key Responsibilities IT Operations and Infrastructure Leadership Responsible for: Network infrastructure (LAN/WAN, SD-WAN, firewalls, VPN) Servers, cloud environments, and storage systems Endpoint management and device lifecycle Ensure high availability, performance, and capacity planning of all systems Establish and monitor SLAs, uptime metrics, and operational KPIs Lead escalation and resolution of major system outages or incidents Cybersecurity and Information Security Serve as the interim Information Security Officer, responsible for governance of the information security program Develop, maintain, and enforce: Information security policies, standards, and procedures Risk assessments and control frameworks Vulnerability management and patching programs Endpoint detection/response, SIEM/SOC, and threat monitoring Identity and access management (IAM) controls Lead incident response activities including detection, containment, and recovery Report cybersecurity risks, metrics, and incidents to executive leadership and the Board Ensure third-party security oversight aligns with regulatory expectations Patch and Vulnerability Management Establish and enforce enterprise patch management standards Ensure timely remediation of vulnerabilities based on risk severity Maintain secure system baselines (CIS/NIST aligned) Report patch compliance and vulnerability posture to leadership Align with regulatory expectations for proactive vulnerability management Disaster Recovery and Business Continuity Lead development, testing, and execution of Disaster Recovery plans Ensure alignment with Business Continuity Planning requirements Coordinate DR exercises and tabletop testing Ensure critical system resiliency Managed Service Provider Oversight Oversee co-managed IT/MSP relationships Define expectations, SLAs, and performance metrics Conduct ongoing due diligence and security reviews of MSP and vendors Ensure clear delineation of responsibilities End-User Support and Service Delivery Oversee help desk and end-user support functions Ensure high-quality, timely resolution of user issues Implement service management best practices (ticketing, knowledge base, escalation paths) Drive user experience improvements and operational efficiency- Leadership and Strategy Lead, mentor, and develop IT operations staff Collaborate with executive leadership on technology strategy and risk posture Develop and manage IT operations budget Provide board-level reporting on IT performance, cybersecurity risk, and operational resilience Required Qualifications Education and Experience Bachelor's degree in Information Technology, Cybersecurity, or related field (Master's preferred) 5+ years of progressive IT experience, including: Infrastructure and network operations Cybersecurity leadership 3+ years in a leadership or management role Experience in financial services (credit union or banking strongly preferred) Technical and Operational Expertise Strong knowledge of: Network architecture, firewalls, VPNs, and cloud environments Microsoft 365 / Azure / EntraID Endpoint security, SIEM, EDR/MDR solutions Patch management and vulnerability remediation Identity and access management Backup and disaster recovery systems Regulatory and Risk Knowledge Working knowledge of: NCUA regulations (Part 748) GLBA Safeguards Rule

FFIEC IT

Examination Handbook Experience conducting risk assessments and supporting audits

NIST CSF 2.0 / 800-53 CIS

Critical Security Controls Certifications (Preferred) CISSP, CISM, or

CISA ITIL

Microsoft, cybersecurity, or cloud certifications Leadership and Soft Skills Strong executive communication and Board presentation capability Ability to balance operational execution with strategic oversight Incident and operational leadership under pressure Physical Demands The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions. While performing the duties of this job, the employee is regularly required to sit. The employee frequently is required to use hands to finger, handle, or feel objects, tools, or controls. The employee is occasionally required to stand, walk, and talk or hear. The employee must occasionally lift and/or move up to 50lbs. Specific vision abilities required by this job include close vision and the ability to adjust focus.

Work Environment:

The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions. The noise level in the work environment is usually moderate.