Jobs at World Vision International

Incumbents working in an IT Security Advisor role are responsible for developing and managing security across multiple IT functional areas (e.g., data, systems, network and/or Web) across the enterprise, develop and manage enterprise security services, and develop security solutions for complex assignments to ensure the company’s infrastructure and information assets are protected. They work on multiple projects as a team lead.

Individuals within the IT Security job family plan, execute, and manage multi-faceted projects related to compliance management, risk assessment and mitigation, control assurance, business continuity and disaster recovery, and user awareness. They are focused on developing and driving security strategies, policies/standards, ensuring the effectiveness of solutions, and providing security-focused consultative services to the organization.

Individuals develop, execute and manage data, system, network and internet security strategies and solutions within a business area and across the enterprise. They develop security policies and procedures such as user log-on and authentication rules, security breach escalation procedures, security auditing procedures and use of firewalls and encryption routines. To guide enforcement of security policies and procedures, they administer and monitor data security profiles on all platforms by reviewing security violation reports and investigating security exceptions. They update, maintain and document security controls and provide direct support to the business and internal IT groups. IT Security

professionals evaluate and recommend security products, services and/or procedures. They also communicate and educate IT and the business about security policies and industry standards, and provide solutions for enterprise/business security issues.

IT Security professionals require strong technical, analytical, communication and consulting skills with knowledge of IT Security and related technologies. Security certifications (i.e., Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRISC), Certified Information Security Manage (CISM), Global Information Assurance Certification (GIAC) and/or other certifications) may be required.

KEY RESPONSIBILITIES:

Strategy:

• Provides strategic and tactical direction and consultation on security and IT compliance.

Policies, Procedures & Standards:

• Maintains an up-to-date understanding of industry best practices.
• Develops, enhances and implements of enterprise-wide security policies, procedures and standards.
• Monitors the legal and regulatory environment for developments.
• Recommends required changes to IT policies and procedures.
• Supports service-level agreements (SLAs) to ensure that security controls are managed and maintained.
• Monitors compliance with security policies, standards, guidelines and procedures.
• Ensures security compliance with legal and regulatory standards.

Business Requirements:

• Engages directly with the business to gather a full understanding of project scope and business requirements.
• Works with customers to identify security requirements using methods that may include risk and business impact assessments.
• Consults with other business and technical staff on potential business impacts of proposed changes to the security environment.
• Provides security-related guidance on business processes.

Security Solutions:

• Works closely with IT and development teams to design secure infrastructure solutions and applications, facilitating the implementation of protective and mitigating controls.

Operations Solutions:

• Defines security configuration and operations standards for security systems and applications, including policy assessment and compliance tools, network security appliances, and host-based security systems.
• Defines and validates baseline security configurations for operating systems, applications, networking and telecommunications equipment.

Risk Assessments:

• Works directly with the customers and other internal departments and organizations to facilitate IT risk analysis and risk management processes and to identify acceptable levels of residual risk.
• Conducts business impact analysis to ensure resources are adequately protected with proper security measures.
• Assesses potential items of risk and opportunities of vulnerability in the network and on information technology infrastructure and applications.
• Reviews risk assessments, analyzes the effectiveness of IT control activities, and reports on them with actionable recommendations.
• Monitors risk mitigation and coordinates policy and controls to ensure that other managers are taking effective remediation steps.
• Manages the oversight of technical risks assessments, such as vulnerability scanning and penetration testing.

Information/Data Security:

• Defines, identifies and classifies information assets.
• Assesses threats and vulnerabilities regarding information assets and recommends the appropriate information security controls and measures.
• Develops and manages security measures for information systems to prevent security breaches.
• Manages project documentation (compliance documentation, security plans, risk assessment, corrective action plans, etc.).
• Consults with clients on the data classification of their resources.

Security Audits:

• Performs security audits.
• Participates in security investigations and compliance reviews as requested by external auditors.
• Conducts and reports on internal investigations of possible security violations.
• Consults with clients on security violations.

Security Support:

• Provides security support to ensure that security issues are addressed throughout the project life cycle.
• Provides responsive support for problems found during normal working hours as well as outside normal working hours.
• Leads and responds to security incidents and investigations and targets reviews of suspect areas.
• Consults on teams to resolve issues that are uncovered by various internal and 3rd party monitoring tools.

Business Continuity/Disaster Recovery:

• Coordinates the administration and logistical procedures for disaster recovery testing, and integration of all enterprise “critical” systems.
• Identifies and coordinates resolution of recovery issues.
• Ensures recovery drills are performed and analyzes performance.

Security Performance Management:

• Analyzes reports and makes recommendations for improvements.

Communications/Consulting:

• Serves in an advisory role in application development projects to assess security requirements and controls and ensures that security controls are implemented as planned.
• Collaborates on critical IT projects to ensure that security issues are addressed throughout the project life cycle.
• Informs stakeholders about compliance and security-related issues and activities affecting the assigned area or project.
• Interfaces with business and IT leaders communicating security issues and responding to requests for assistance and information.
• Reports to management concerning residual risk, vulnerabilities and other security exposures, including misuse of information assets and noncompliance.

Vendor Management:

• Works with third party vendors during problem resolutions.
• Interfaces with third party vendors to evaluate new security products or as part of a security assessment process.

Research/Evaluation:

• Leads and reviews application security risk assessments for new or updated internal or third party applications.
• Maintains contact with vendors regarding security system updates and technical support of security products.

Training:

• Develops security awareness and compliance training programs.
• Provides communication and training as needed.
• Provides security briefings to advise on critical issues that may affect client.
• Conducts knowledge transfer training sessions to security operations team upon technology implementation.

Coaching/Mentoring:

• Provides ongoing knowledge transfer to team members and clients on security products and standards.
• Mentors less-experienced team members.

KNOWLEDGE, SKILLS AND ABILITIES:

• Bachelor’s Degree in Computer Science, Information Systems or other related field, or equivalent work experience.
• Requires in-depth knowledge of security issues, techniques and implications across all existing computer platforms.
• A high proficiency level in specific job related skills is required.
• Typically requires 5 – 7 years of combined IT and security work experience with a broad range of exposure to data protection and privacy, PCI-DSS compliance, risk management, incident management, and cybersecurity.
• Experience designing and implementing security solutions.
• Willingness and ability to travel domestically and internationally, as necessary.
• Requires Security Certification (i.e., Certified Information Systems Security Professional (CISSP).
• Effective in written and verbal communication in English (desired).
• Effective in writte and verbal communication in Spanish (preferred).

Preferred Skills, Knowledge and Experience:

• CISSP certification.
• PCI-ISA certification.
• IAPP-CIPT certification.
• (Other Information Security certifications will be considered).
• Vendor Management experience.
• Project Management experience.
• Risk Management experience.
• Incident Management experience.
• Cybersecurity experience.
• Privacy Program Management experience.
• PCI Compliance experience.

Work Environment/Travel:

• The position requires ability and willingness to travel domestically and internationally up to 20% of the time.

go to method of application »

The Core Banking Systems (CBS) manager is dedicated to planning, administering and supporting VisionFund’s Core Banking Systems across the VFI network. He/she ensures MFI adoption of and compliance with VFI standards in information technology, as well as be able to manage related IT Risks. He/she plays a role as a business and system analyst on core systems through gathering business requirements, change initiatives of systems, related business process improvements, and system release management. Lead and support system implementations and/or upgrades, and requisite customizations system and software related support request.

Major Responsibilities:

• Responsible for the ownership, accountability and delivery of key Core Banking Systems projects.
• Support MFIs with system upgrades and implementations, to ensure that the MFI has resourced the project correctly, that appropriate contracts are in place with vendors, and that the various phases of the project are designed correctly and executed to plan.
• TPM oversight can include software vendors certification to monitor project project progress, approve vendor resourcing and provide key decision-making.

Support MFIs in making decisions on the selection and deployment of Core banking Systems:

• VFI has identified global strategic platforms and standards, The MFI is responsible for local implementations and the CBS manager is responsible for overall strategic alignments with VFI standards and initiatives.
• Will work with MFIs in designing how their systems can help improve their business processes and controls.
• The CBS manager ensures the design is sound in functional verticals (credit, savings, insurance, mobile), addresses cross functional interdependencies and adhere to VFI strategic goals.

Oversee related projects at country level on the gathering of functional specification for the MFI, in line with VF standards:

• Evaluation, clarification and correction of standards to reflect VF global strategy and to ensure continued industry leading best practices.
• Finding a balance between enforcing current standards and developing those based on lessons learned.
• Propose, develop and implement plans for centralization and shared services in terms of connectivity, hardware and support, plus supporting other operational shared functions, for Core Banking Systems (VF strategic platforms).

Critical Knowledge, Technical Skills and Experience:

• 10+ years of project management experience working to recognized PM methodologies.
• Experience of leading a number of successful microfinance/banking systems implementations, ideally in developing countries.
• Understanding of microfinance/retail banking operations, from a credit, financial, risk and systems perspective.
• Educated to degree level, in information technology or related discipline.
• Project Management Professional (PMP), PRINCE2 or related project management qualification/certification.
• Requirement for Spanish and/or French in addition to English.

Work Environment:

• The position requires ability and willingness to travel domestically and internationally up to 30% -40% of the time.

VisionFund International aims to be diverse and inclusive organisation and candidates of all backgrounds and cultures are welcomed.

We are dedicated to all our staff development and their success. We aspire for all employees to be fulfilled through their work and their contributions to an organisation working to provide long-term sustainable solutions to the world’s most vulnerable people.

go to method of application »

VisionFund commenced a strategic initiative to use insurance tools and techniques to help create financial safety nets for the poor. This then prevents them from falling back into poverty when shocks occur. This role is set to ensure the delivery of our insurance operations in our network.

The work will involve strong project management and co-ordination of many stakeholders as well as highly technical design of insurance solutions. The successful candidate will drive pragmatic implementation of insurance solutions into VisionFund’s operations to create affordable financial safety nets for the borrowers. This role is proactive, making sure results are achieved as per the defined plan in our MFIs and developing plans in the others.

Major Responsibilities:

Insurance Business Development:

• Put together measures that would coordinate the analysis of the insurance client needs in the branches in order to define products that will serve their needs.
• Enhance awareness of potential for all insurance products within the whole network through the development (with the MFI) of a clear insurance ambition for each country that combines impact potential and financial income.
• Drive business case analysis for different insurance product types within MFI.

Integration of Insurance within MFIs:

• Develop and then ensure a smooth implementation and integration of the insurance activities into VisionFund’s existing operations.
• Advise and specify teams’ skills for all kinds of insurance business management.
• Make the case for change to senior stakeholders and take staff and clients along the implementation journey to make the offering of insurance products cost effective and efficient, leveraging the existing administrative processes in the MFIs.

Insurance Product Development:

• Ensure insurance product design activities within VFI bring to a practical and cost effective conclusion by gathering qualitative and quantitative data.
• Ensure inputs from other specialists is driven towards practical solutions that will work for VisionFund and for the poor.
• Interact effectively with a very diverse range of stakeholders serving to deliver insurance products.

Training and writing of SOP:

• To conduct and deliver trainings for MFIs staff who deal with Insurance.
• To identify talent and potential successors for this role, among MFI staff.
• Coach them and identify right trainings and stretch assignments for their development.
• To contribute and provide inputs for training curriculum for MFI staff for them to raise awareness of insurance among clients and be able to sell insurance products.

Reporting:

• Reports for VisionFund global, regional.
• Assist local management to report to their boards on key insurance projects.
• Be responsible for quality reports for Insurance program implementation within MFI and VFI.

Critical Knowledge, Technical Skills and Experience:

• Minimum of 10 years of work experience: at least 5 years of experience in business development in SME/ micro-banking, insurance or microfinance.
• Some experience in partnership distribution is required. And minimum of 5 years experience in developing countries of managing insurance projects (client engagement, implementing insurance operations in partnership (bancassurance), designing clear plans for countries, and getting results in different contexts).
• Strong analytical and organizational skills.
• Hands-on, “can do” approach. Someone who gets things done and has a track record of achieving results through others via remote calls.
• Excellent interpersonal and influencing skills including cross-culturally.
• A clear communicator with excellent presentation and negotiation skills.
• Proven ability to work in cross-functional teams of experts and influence and collaborate with multiple stakeholders at all levels in an organization.
• Must be client-centric and business minded, and committed to creating sustainable microinsurance products to serve uninsured, low-income people.
• Bachelors degree in business administration, economics, international relations, accounting or other relevant subject.
• Technical insurance qualifications are a significant added plus.
• Experience in health insurance company would be a clear asset.
• Masters or MBA preferred.
• Ability and willingness to work with the remote team members working in multiple different time zones
• Travel to the field may include remote rural locations.
• Requirement for Spanish and/or French, in addition to excellent verbal, written and presentation skills in English.

Work Environment:

• The position requires ability and willingness to travel domestically and internationally up to 20% of the time.