Senior IT Risk Management Officer

About the Organization:

VisionFund Micro Finance Institution (S.C) is an Institution established according to proclamation No. 40/96 to provide financial services to the productive poor in the rural and urban areas of Ethiopia. VisionFund MFI is currently operating in five of the Regional States of the country. VisionFund MFI is looking for competent candidates for the position of Senior IT Risk Management Officer. The successful candidates will have skills and experience that meet the following requirements:

Purpose of Job

To perform comprehensive Information Technology risk assessments, including emerging threats, vulnerabilities, and potential impacts on the VFMFI’s operations regarding the identification and treatment of IT, information security, third-party, and data-related risks.

This role supports the Risk Management Division Manager in information technology risk management processes, ensuring oversight; establishing and managing the security policy framework and relevant standards; and overseeing security, privacy, contractual, and compliance requirements through strategy development and implementation.

Specific Duties and Responsibilities

• Oversee the IT risk management framework and processes to mitigate any loopholes that may exist in the day-to-day business while using the core banking solution, digital banking, and any ICT-related risk exposures.
• Support and monitor the change management process to ensure compliance and effectiveness in mitigating IT risk
• Implement plans for information Technology risk management and oversee them through to completion, protecting the VFMFI from any misconduct and handling of information technology.
• Proactively identify IT-related potential threats, vulnerabilities and associated risks for the MFI and submit recommendations for improvement.
• Ensure compliance with IT policy, all laws and regulations relating to information risk and information security within the MFI.
• Oversee risk and governance, policies and tools related to information security and risk control in the MFI.
• Design a risk management program that focuses on the reduction of information security risk to the MFI.
• Develop and monitor enterprise frameworks and methodologies for information security risk management processes to extend coverage and give a better definition of information security assurance for the MFI.
• Lead cyber incident response and collaborate with the business lines to improve information risk processes.
• Maintain compliance with all laws and regulations relating to information risk and information security within the bank.
• Escalate identified issues on the IT systems and Business Continuity and Disaster Recovery processes and initiate updates for major changes in hardware, applications, documentations, and business processes accordingly.
• Collaborate on change initiatives to advise and challenge on the implementation of information security and general IT controls requirements.
• Prepare the IT risk register, ensure risk appetite within predefined thresholds, and analyse risk scenarios to determine their impact on the MFI’s business objectives.
• Engage with the IT team to enhance the MFI’s exposure toward cybersecurity and provide awareness and training on IT and cybersecurity risks to staff.
• Perform other related duties assigned by the supervisor

Minimum Qualifications

A) Education/Training

• Minimum BA Degree in Computer Science, Information Technology, or the relevant field. The availability of the IT risk management certification provides added value.

B) Experience

• A minimum of 5 years of relevant work experience, of which at least two years in a senior IT risk management officer position in Banks or MFIs or any other financial service providing companies.

C) Required Skills

• Knowledge of risk management methodologies
• Knowledge of research methodology
• Analytical and evaluation skills
• Proficient in Microsoft Office applications
• Excellent written and oral communication skills
• Technological & digital literacy

Terms of Employment: Permanent

Salary & benefits: as per the company scale

Closing Date: August 11, 2025