Information Security Team Lead

Description: University of Virginia Community Credit Union
At UVA Community Credit Union, we are dedicated to making a meaningful difference in the lives of our members and the communities we serve. Our mission, working together to strengthen the financial wellness of our members and local communities, guides everything we do. We foster an environment where every team member plays a vital role in building the financial wellness of those we serve. Our core values are Integrity, Service Excellence, Collaboration, and Gratitude. These values shape how we support our members, interact with one another, and drive the success of our shared purpose. If you’re passionate about making a positive impact and want to be part of a purpose-driven organization, we invite you to explore a career with us.

SUMMARY:

Responsible for support, maintenance, and implementation of the credit union's IT security systems and infrastructure and provide support and feedback on the overall design. This includes security system hardware & software acquisition, installation, configuration, and ongoing network security maintenance and compliance. The incumbent will need to rely on prior experience and sound judgment to plan and accomplish corporate goals. Due to the critical nature of the work, the successful candidate will be called on after hours and on weekends when items of concern arise to ensure continuous system availability. This position will work with the VP Information Security, SVP Technology, and the security and technology teams to help develop and mature the cybersecurity program. This position will serve as a mentor and lead for the Security Analyst(s), leading day-to-day tasks and projects. This position will also serve as a Subject Matter Expert for other staff.

DUTIES AND RESPONSIBILITES:

Security Infrastructure

• Monitor and maintain security tools and infrastructure to proactively identify and address threats.
• Analyze logs, alerts, and network traffic using SIEM and other monitoring tools to detect internal and external risks.
• Ensure all systems are updated with the latest firmware and software patches in alignment with security policies.
• Provide expert guidance to ensure secure deployment of business applications.
• Must be available to respond to afterhours and on weekends and holidays for emergency or incident response.

Project Leadership

• Lead technical teams in implementing infrastructure security upgrades (e.g., firewalls, antivirus, DLP, IDS, web/email filters).
• Manage the full lifecycle of approved security projects, from evaluation to execution.
• Collaborate with technology teams to ensure solutions align with infrastructure standards.
• Lead Security Analysts and oversee daily tasks and project deliverables.

Security Strategy & Planning

• Partner with senior leadership to design and implement a multi-layered security strategy.
• Research and recommend short- and long-term infrastructure enhancements.
• Contribute to the annual IT strategic planning process and future infrastructure improvements.
• Engineer secure, scalable solutions to support business systems and network integrity.

Security Guidance & Documentation

• Recommend and implement network controls such as port security, VLAN restrictions, certificate management, and MAC filtering.
• Maintain accurate documentation of network security infrastructure and licensing.
• Follow established procedures for configuration changes and system turnover.

Audit & Compliance

• Conduct internal and external self-scan audits and address findings.
• Prepare for IT audits and manage resolution of identified issues.

Professional Development

• Stay current with trends in IT and information security to support evolving organizational needs.
• Engage in ongoing professional development through training, certifications, and industry networking.
• Maintain and pursue relevant certifications as required.

Requirements:

QUALIFICATIONS:

• 5 to 8 years of similar or related experience.
• A bachelor’s degree in cyber security or a related technical field.
• A cyber security related certification such as CISSP, CISM, CISA, MCITP, or CCNA.
• Experience with infrastructure consisting of firewalls, IPS/IDS and security tools and appliances.
• Experience with networking to include ports, protocols, services, routing, virtual private networks, and security protocols.
• Experience evaluating, implementing, and maintaining web and email filters, DLP solutions or similar tools.
• Experience with antivirus/antimalware and end point protection platforms
• Extensive experience with Microsoft Server domains, Active Directory, Group Policy, PowerShell, M365 environments
• Experience designing, implementing, and maintaining SIEM tools and platforms.
• Strong analytical skills, and ability to evaluate risks and identify mitigation strategies.
• Ability to troubleshoot and evaluate complex security issues and vulnerabilities.
• Strong collaboration, relationship-building, and communication skills

BENEFITS:

We offer an attractive suite of benefits to employees who work an average of 20 hours per week or more, including: Health, Dental, Vision, up to a 7% employer 401(k) contribution after the first year of employment. Employees are eligible for Life Insurance, Long-Term Disability, Health & Wellness Spending Account, Tuition Reimbursement, and Employee Loan Discounts. Employees accrue Paid Time Off starting with 18 days accrual at full time annually, and 13 company paid holidays. Employees are also eligible for Family Forming Leave, and Volunteer Time Off.

Equal Employment Opportunity has been, and will continue to be, a fundamental principle at the University of Virginia Community Credit Union, where employment is based upon personal capabilities and qualifications without regard to race, color, gender, gender identity, religion, sexual orientation, pregnancy, childbirth, or a medical condition related to pregnancy or childbirth, national origin, citizenship, disability, age, genetic information, marital status, amnesty or status as a covered veteran in accordance with applicable federal, state, and local laws.