AVP, Information Security

Overview

We are seeking an experienced Assistant Vice President (AVP) of Security Operations to lead and mature the cybersecurity operations function for a regulated financial services / credit union environment. This role is responsible for overseeing day-to-day security operations, incident response, threat detection, and regulatory compliance while partnering closely with IT, Risk, Compliance, and executive leadership.

The ideal candidate brings a strong blend of hands-on security operations expertise, leadership experience, and deep knowledge of financial services regulatory requirements.

Security Operations Leadership

• Lead and manage the Security Operations Center (SOC), including internal staff and third-party MSSPs.
• Oversee threat detection, monitoring, alert triage, and incident response activities.
• Establish and mature security operations processes, playbooks, and escalation procedures.
• Drive continuous improvement of security tooling, controls, and operational maturity.

Incident Response & Threat Management

• Serve as the primary escalation point for security incidents, including cyber threats, fraud-related events, and data breaches.
• Lead incident response investigations, root cause analysis, and remediation efforts.
• Coordinate tabletop exercises, penetration testing follow-ups, and post-incident reviews.
• Stay current on emerging threats impacting financial institutions and credit unions.

Technology & Tooling

• Oversee security platforms such as SIEM, SOAR, EDR/XDR, IAM, DLP, and vulnerability management tools.
• Leverage automation and orchestration to improve response times and reduce operational risk.
• Partner with infrastructure, cloud, and application teams to embed security into operations.

Risk, Compliance & Governance

• Ensure alignment with regulatory and compliance requirements (e.g., FFIEC, NCUA, GLBA, PCI-DSS, SOX as applicable).
• Support internal and external audits, exams, and regulatory inquiries.
• Develop metrics, dashboards, and reporting for executive leadership and the Board.
• Contribute to enterprise risk management and cybersecurity governance initiatives.

People & Stakeholder Management

• Lead, mentor, and develop security operations personnel.
• Partner with IT, Legal, Compliance, Fraud, and Business teams to align security priorities.
• Communicate security risks and incidents clearly to both technical and non-technical stakeholders.

Required Qualifications

• 8+ years of experience in cybersecurity, with significant experience in security operations or incident response.
• Prior leadership or management experience within a SOC or security operations team.
• Strong knowledge of financial services or credit union regulatory environments.
• Hands-on experience with SIEM platforms (e.g., Splunk, Sentinel, QRadar) and endpoint security tools.
• Proven ability to lead incident response efforts in high-pressure environments.

Preferred Qualifications

• Experience working in a bank, credit union, or regulated financial institution.
• Familiarity with cloud security (Azure, AWS, or GCP) in a regulated environment.
• Experience implementing SOAR or security automation.
• Professional certifications such as CISSP, CISM, CRISC, GCIA, or GCIH.
• Experience presenting security posture and incidents to executive leadership or Boards.

At Top Prospect Group, we believe in building lasting relationships with candidates. We support your job search journey, from resume building to interview preparation. Our goal is to help you meet your professional goals and maximize your growth. Our team of experienced recruiters takes a personalized approach to help you identify opportunities that align with your skills, interests, and career aspirations. We work closely with you to understand your unique needs and preferences, whether you're looking for a temporary contract or a permanent placement.