The Cyber Operations Supervisor reports to the CISO and oversees a team of Information Security Analysts and Information Security Engineers responsible for defending ICCU’s information systems and technology environments. This leader is accountable for the development, maturation, and delivery of world-class cyber defense capabilities that protect the Credit Union from evolving threats and enhance enterprise resilience. The role oversees and delivers an optimal mix of cyber defense technologies, platforms, and third parties to drive effective security monitoring, threat detection, investigation, incident response, and recovery capabilities. In partnership with the CISO and other leaders, the Cyber Operations Supervisor helps establish strategic priorities in support of the ICCU Information Security Program and strengthens ICCU’s ability to anticipate, withstand, respond to, and recover from cyber threats.
Duties and Responsibilities
- Manage, oversee, and prioritize ICCU’s cyber operations activities, including security monitoring, alert triage, investigation, escalation, incident response, and recovery coordination.
- Oversee the daily work and operational effectiveness of Information Security Analysts and Information Security Engineers, ensuring high quality execution, appropriate prioritization, and timely resolution of cyber threats, events, and operational issues.
- Lead the development, tuning, and continuous improvement of cyber detection, alerting, monitoring, and response capabilities across ICCU’s information systems and technology environments, including efforts to reduce false positives, minimize false negatives, and improve the accuracy and effectiveness of cyber defense operations.
- Oversee and deliver an optimal mix of cyber defense technologies, platforms, and third parties to support effective security operations, visibility, investigation, containment, and recovery.
- Oversee and optimally integrate SOCaaS and MDR services into ICCU’s cyber operations to enhance monitoring coverage, detection effectiveness, escalation workflows, investigation support, and incident response coordination.
- Coordinate and oversee the investigation of security events, incidents, suspicious activity, and potential intrusions, ensuring appropriate documentation, escalation, communication, and follow-through.
- Provide oversight of ICCU’s incident response program and related governance, ensuring the ongoing maturity, maintenance, testing, and continuous improvement of incident response policies, plans, procedures, escalation pathways, communication protocols, and coordination mechanisms.
- Direct cyber operations efforts related to threat detection, threat hunting, security systems tuning, and the identification of anomalous or malicious activity across endpoint, network, identity, cloud, and application environments.
- Oversee the administration, health, integration, and effectiveness of operational security technologies such as SIEM, EDR, IDS/IPS, email security, vulnerability management systems, security logging and monitoring platforms, SOAR capabilities, AI-enabled security capabilities, and other defensive technologies.
- Champion an industry-leading and risk-balanced approach to leveraging AI capabilities across cyber operations, advancing secure and effective use of AI to improve detection, investigation, response, automation, and operational scale while ensuring appropriate governance, transparency, human oversight, and alignment with ICCU policies and risk tolerance.
- Partner with infrastructure, network, systems, cloud, application, fraud, risk, and business teams to improve defensive controls, strengthen security operations processes, and support secure business growth.
- Provide technical and operational leadership in the evaluation, implementation, configuration, and improvement of cyber defense tools, integrations, workflows, and supporting processes.
- Oversee the creation, maintenance, and continual improvement of operational procedures, technical documentation, response workflows, playbooks, and reporting related to cyber operations.
- Lead and develop operational metrics, dashboards, and reporting that measure cyber defense effectiveness, identify trends, support leadership visibility, and drive continual improvement.
- Coordinate response activities with internal teams and external partners, including vendors, service providers, and other third parties involved in security operations or incident support.
- Support the broader ICCU Information Security Program by helping establish priorities, align operational capabilities to strategic objectives, and ensure cyber operations activities are integrated with enterprise security efforts.
- Supervise and oversee the development, training, coaching, and growth of cyber operations team members.
- Ensure budgets are properly managed and adhered to, and deadlines are met.
- Maintain strong familiarity with technical, threat, and industry developments.
- Other duties and projects as assigned.
Education and Experience
- A Bachelor’s Degree in Computer Science, Information Security, Information Assurance, Computer Information Systems, Cybersecurity, or a similar technical field is required.
- A Master’s Degree in Cybersecurity, Information Security, Computer Science, Information Assurance, Computer Engineering, Software Engineering, Data Science, or a similar technical field is preferred.
- A Certified Information Systems Security Professional (CISSP) or equivalent certification or training is required.
- One or more of the following certifications (or equivalent) are strongly preferred: Certified Information Security Manager (CISM), GIAC Security Operations Certified (GSOC), GIAC Certified Incident Handler (GCIH), GIAC Certified Intrusion Analyst (GCIA), CompTIA Cybersecurity Analyst (CySA+), CompTIA Security+ (Security+), GIAC Machine Learning Engineer (GMLE), Advanced in AI Security Management (AAISM).
- Candidates should have at least 6 years of relevant experience combined with excellent leadership, communication, judgment, and organizational skills, and a proven track record of both leading a team and building, maturing, or overseeing cyber operations capabilities. Prior experience managing Cyber / Information Security operations is preferred.
- Candidates should have substantial experience with cyber defense operations, including security monitoring, threat detection, investigation, incident response, security engineering collaboration, and the administration or oversight of operational security platforms.
- Candidates should have experience leading or overseeing cyber operations technologies and services such as SIEM, EDR, IDS/IPS, email security, vulnerability management systems, SOAR, AI-enabled security capabilities, logging and monitoring platforms, SOCaaS, MDR, or similar capabilities.
- Candidates should have experience improving cyber detection and response outcomes, including tuning detections, reducing false positives, minimizing false negatives, and improving operational effectiveness.
- Candidates should have experience evaluating, governing, or securely leveraging AI capabilities in cyber operations in a manner that is effective, risk-balanced, and aligned with enterprise governance and human oversight expectations.
- Candidates must be familiar with corporate IT infrastructure, systems, cloud and identity environments, and processes, and have a holistic understanding of an enterprise information security program.
- Candidates should have substantial experience in project management and project leadership.
- Excellent oral and written communication skills and an ability to work independently are required.
Certifications
Certified Information Systems Security Professional (CISSP); Certified Information Security Manager (CISM), GIAC Security Operations Certified (GSOC), GIAC Certified Incident Handler (GCIH), GIAC Certified Intrusion Analyst (GCIA), CompTIA Cybersecurity Analyst (CySA+), CompTIA Security+ (Security+), GIAC Machine Learning Engineer (GMLE), Advanced in AI Security Management (AAISM)
Physical Requirements
- Ability to perform tasks requiring manual dexterity, such as processing paperwork, typing, filing, and handling cash.
- Prolonged periods of sitting or standing, as required by job duties.
- Occasionally lift and move items weighing up to 20–40 pounds (e.g., copy paper, cash drawers, marketing materials).
- Frequent repetitive motions involving wrists, hands, and fingers (e.g., typing, data entry).
- Ability to reach and operate keyboards and other standard office equipment.
- Operate basic office machines and technology, including computers, calculators, telephones, and multifunction printers.
Note: Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of the position.
This role offers benefits, including:
- Medical, Dental, & Vision Insurance
- Matching 401K AND Pension
- Employee Assistance Program
- Employee Wellness Program
- Paid Group Life and Disability Insurance
The above statements reflect the general details considered necessary to describe the essential functions of the job and should not be construed as a detailed description of all the work requirements that may be inherent in the job.
Must be eligible for membership at ICCU to obtain employment.
ICCU is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, age, disability, protected veteran status or other characteristics protected by law.
Equal Opportunity Employer
This employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the Know Your Rights (https://www.eeoc.gov/poster) notice from the Department of Labor.