VisionFund Micro Finance Institution (S.C) is an Institution established according to proclamation No. 40/96 to provide financial services to the productive poor in the rural and urban areas of Ethiopia. VisionFund MFI is currently operating in five of the Regional States of the country. VisionFund MFI is looking for competent candidates for the position of Senior IT Risk Management Officer. The successful candidates will have skills and experience that meet the following requirements:
To perform comprehensive Information Technology risk assessments, including emerging threats, vulnerabilities, and potential impacts on the VFMFI's operations regarding the identification and treatment of IT, information security, third-party, and data-related risks.
This role supports the Risk Management Division Manager in information technology risk management processes, ensuring oversight; establishing and managing the security policy framework and relevant standards; and overseeing security, privacy, contractual, and compliance requirements through strategy development and implementation.
Specific Duties and Responsibilities
Oversee the IT risk management framework and processes to mitigate any loopholes that may exist in the day-to-day business while using the core banking solution, digital banking, and any ICT-related risk exposures.
Support and monitor the change management process to ensure compliance and effectiveness in mitigating IT risk
Implement plans for information Technology risk management and oversee them through to completion, protecting the VFMFI from any misconduct and handling of information technology.
Proactively identify IT-related potential threats, vulnerabilities and associated risks for the MFI and submit recommendations for improvement.
Ensure compliance with IT policy, all laws and regulations relating to information risk and information security within the MFI.
Oversee risk and governance, policies and tools related to information security and risk control in the MFI.
Design a risk management program that focuses on the reduction of information security risk to the MFI.
Develop and monitor enterprise frameworks and methodologies for information security risk management processes to extend coverage and give a better definition of information security assurance for the MFI.
Lead cyber incident response and collaborate with the business lines to improve information risk processes.
Maintain compliance with all laws and regulations relating to information risk and information security within the bank.
Escalate identified issues on the IT systems and Business Continuity and Disaster Recovery processes and initiate updates for major changes in hardware, applications, documentations, and business processes accordingly.
Collaborate on change initiatives to advise and challenge on the implementation of information security and general IT controls requirements.
Prepare the IT risk register, ensure risk appetite within predefined thresholds, and analyse risk scenarios to determine their impact on the MFI’s business objectives.
Engage with the IT team to enhance the MFI’s exposure toward cybersecurity and provide awareness and training on IT and cybersecurity risks to staff.
Perform other related duties assigned by the supervisor
Job Requirements
Minimum Qualifications
A) Education/Training
B) Experience
C) Required Skills
Knowledge of risk management methodologies
Knowledge of research methodology
Analytical and evaluation skills
Proficient in Microsoft Office applications
Excellent written and oral communication skills
Technological & digital literacy
Terms of Employment: Permanent
Salary & benefits: as per the company scale
Closing Date: August 11, 2025
How to Apply:
Candidates who fulfill the above requirements can send the application letter, updated curriculum vitae with names and addresses of up to 3 references and non-returnable copies of credentials to VFE_Vacancy@wvi.org.
