Risk and Information Security Officer

BOF, Inc. is looking for a highly analytical and detail-oriented Risk and Information Security Officer (RISO) to support the Bank’s risk management and information security initiatives. This role is ideal for a banking professional with strong knowledge of risk governance, compliance, operational controls, and information security practices.

You will play a critical role in supporting the Chief Compliance Officer in overseeing the Bank’s risk-taking activities, ensuring alignment with the Bank’s strategic direction, risk appetite, and regulatory requirements while strengthening the organization’s information security framework.

• Supporting the Board of Directors in developing and implementing the Bank’s risk appetite and risk limits structure
• Recommending enhancements to risk management policies, guidelines, and procedures (PGPs) to strengthen the Bank’s risk management capabilities
• Documenting, updating, and disseminating risk management and information security-related PGPs in compliance with regulatory and industry standards
• Monitoring developments, trends, and best practices in risk management and information security to recommend timely policy improvements
• Conducting risk assessments for new products, services, systems, and operational initiatives
• Participating in the review of IT outsourcing contracts and system development projects to ensure adequate security controls and compliance requirements
• Coordinating company-wide information security awareness and training programs
• Monitoring and updating the Bank’s information security program to address changes in operations, systems, and emerging threats
• Handling information security incidents and suspected breaches, including coordinating response activities with concerned groups
• Conducting periodic reviews of user access rights to applications and network resources
• Attending ITSC meetings to report information security incidents, concerns, and recommended actions
• Performing other duties related to risk management and information security as assigned

• A banking professional with strong knowledge of risk management, compliance, and operational controls
• Knowledgeable in IT risk management and information security principles and practices
• Analytical, detail-oriented, and capable of identifying operational and security risks
• Able to draft, review, and improve policies, procedures, and governance frameworks
• Effective in coordinating with different departments and handling confidential information with professionalism and integrity
• Preferably a graduate of any Business-related course
• Preferably with IT and Information Security knowledge
• Preferably with at least ten (10) years of relevant banking experience

• Play a vital role in strengthening the Bank’s risk governance and information security framework
• Gain exposure to enterprise risk management, compliance, IT security, and operational governance
• Contribute directly to the Bank’s operational resilience and regulatory compliance initiatives
• Be part of a mission-driven rural bank serving and supporting MSMEs since 1964
• Work with a team guided by BOF’s C.A.R.I.N.G. values and commitment to long-term partnerships

Ready to Strengthen Risk and Information Security?

If you’re passionate about risk management, information security, and building a more secure banking environment—we’d love to hear from you. Apply now.