Head of IT Risk Management Unit

Lapo MFB

Apply for this job   

Share this job:

LAPO Microfinance Bank Limited, a premium microfinance bank and the largest with 386 branches across Nigeria, and a reputation for providing responsive financial products and services to its growing clientele.


Job Description

Key Responsibilities:  

  • Articulate IT Risk Governance Framework i.e. IT Risk Philosophy, Risk Appetite thresholds, Risk Appetite limits and align IT risk strategy with dynamic corporate strategy objectives.
  • Provide support to the Executive Risk Management Committee in the design and implementation of a Bank-wide Information Security Management System (ISMS) that conforms with the enterprise Information Security Policy.
  • Promote a culture of IT Risk Management in all staff strata, across every unit and arm of LAPO Mfb and design policy framework of incentives and sanctions to always keep tenets of IT Risk culture alive. 
  • Promote, monitor and continuously enhance operational measures that compel IT infrastructure and staff to deliver optimum Confidentiality, Data Integrity and System Access always to stakeholders of LAPO Mfb. 
  • Initiate business process design to optimize business productivity and assist the management and individual business units to meeting their Management Information System needs, leveraging existing IT Infrastructure. 
  • Create a framework that proactively compels IT & Operations Group of LAPO Mfb to dynamically identify, assess/measure, monitor, control, report & evaluate IT risk bank-wide.
  • Design a framework and Coordinate periodic business continuity and disaster recovery testing, monitoring and reporting to the CRO and relevant Management Risk Committee. 
  • Evaluate Management Information Systems Bank-wide and continuously Challenge heads of Operating and staff units to create and/or upgrade their Mgt. Information Systems, to provide high quality information that would aid LAPO management in effective decision making.
  • Institute management information systems controls and monitoring. 
  • Establish and monitor key risk indicators, as well as implement corrective action plans to mitigate IT risks. 
  • Test information systems controls to verify effectiveness and efficiency prior to implementation. 
  • Facilitate the identification and setting of metrics and key performance indicators (KPIs) for the measurement of information systems control performance in meeting business objectives. 


Working Relationships

Effective working relationships are an essential part of daily life.  The focus of this role is both:-  

Internal: Colleagues within Risk Management Department, Head of departments/groups/units; and  

External:  Other Departments


Education qualification

First degree in Computer Science or equivalent qualification in relevant field; with more than 4 years of experience in Information Security Management plus at least 2 years’ experience in core IT Risk Management Experience in banking industry would be preferred 



Holder of additional qualification such as Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM)


Language: Fluency in English

Age limit: Between 30 and 40 years of age



Competitive and based on qualification and experience



Lapo MFB

Job Level

Manager (Staff Supervisor/Head of Department)




Information Technology

Job Type


Minimum Qualification


Preferred Years of Experience

3 - 5 years

Application Deadline

2 months from now