DFCU Bank
Reporting to the Head of Internal Controls, the role provides independent assurance on the adequacy and effectiveness of controls across the Technology, Digital Transformation, and Operations domain.
The role supports to proactively identify and assess operational and emerging risks, evaluate the adequacy of internal controls, and ensure they are maintained at acceptable levels across the domain.
The role also carries responsibility for driving compliance with internal policies and regulatory standards, mitigating emerging risks, and contributing to operational efficiency improvements.
DUTY STATION: Head Office
KEY ACCOUNTABILITIES:
- Plan, prioritize, and coordinate the execution of scheduled and ad hoc control assurance reviews across the domain in liaison with key stakeholders, ensuring full compliance with the approved assurance methodology and annual monitoring plan.
- Ensure timely, high-quality delivery of all assurance reviews in accordance with agreed timelines, scope, and reporting standards.
- Supervise and review the work of Internal Control Officers to ensure conformance with the assurance methodology, including adherence to minimum testing procedures, documentation standards, and quality of outputs.
- Develop, maintain, and continuously improve risk-based monitoring checklists used to assess and report on the adequacy and effectiveness of controls across the Technology, Digital Transformation & Operations Domain.
- Facilitate the periodic validation of control self-assessment tools including Risk and Control Self-Assessments (RCSAs) and Key Risk Indicators (KRIs), ensuring accuracy, completeness, and alignment with the current risk and control environment.
- Proactively assess controls related to new product launches, business initiatives, technology deployments, and process changes to confirm that appropriate controls are designed, tested, and operational both pre- and post-implementation.
- Monitor and validate the remediation of issues arising from internal audits, regulatory reviews, investigations, and control assessments — including independent verification of implemented interventions prior to formal closure.
- Monitor the implementation of risk and compliance management processes, ensuring ongoing adherence to applicable standards, policies, and procedures.
- Oversee effective implementation of the Operational Risk Management Framework across the domain, including loss event management, incident reporting, Business Continuity Management (BCM), and Integrated Risk Management (IRM), in line with the approved framework.
- Lead root cause analysis exercises for control failures and significant risk events, ensuring that systemic issues are identified, appropriate remedial actions are agreed upon, and implementation is tracked to completion.
- Serve as a trusted risk advisor to business and functional teams within the domain, providing timely, practical guidance on control design, risk appetite, and the management of emerging operational risks.
- Provide first line assurance input into risk assessments for proposed process changes, new initiatives, and strategic projects, helping business owners understand and address control gaps before they materialise.
- Proactively identify thematic risk trends and control weaknesses emerging across the domain and escalate these with supporting analysis and recommended management actions.
- Maintain awareness of the regulatory landscape, industry developments, and internal policy changes relevant to the domain, advising stakeholders on implications for their control environments.
- Provide structured assurance oversight on projects and change initiatives within the domain, ensuring that risk and control considerations are embedded throughout the project lifecycle — from initiation through to post-implementation review.
- Engage with project teams and sponsors at key milestones to assess whether project governance, risk management, and control frameworks are adequate and operating effectively.
- Escalate unresolved control gaps or unacceptable residual risks on projects to senior management with clear, evidence-based recommendations for remediation.
- Maintain a register of active projects and change programmes within the domain, tracking the status of control-related commitments and assurance findings through to closure.
- Lead, coach, and develop the team of Internal Control Officers, setting clear performance objectives, providing ongoing feedback, and supporting professional growth and technical capability development.
- Allocate work across the team in a manner that reflects individual strengths, development needs, and operational priorities, ensuring consistent quality and delivery across all assurance activities.
- Foster a collaborative, high-performance team culture grounded in integrity, attention to detail, and continuous improvement.
- Champion a strong risk and control culture across the domain through structured training, stakeholder engagement, and visible leadership — positioning Internal Controls as a value-adding partner rather than a compliance exercise.
- Prepare and present clear, concise assurance reports and management information to senior stakeholders, including trend analysis, key risk themes, and the overall health of the control environment.
KNOWLEDGE, SKILLS, AND EXPERIENCE REQUIRED:
- A minimum qualification of a Bachelor’s Degree in a Business-related field or IT.
- A relevant post graduate qualification will be an added advantage.
- Relevant professional certifications IT risk and assurance and qualifications in risk management / audit will be an added advantage.
- At least 8 years’ experience in banking / financial services, 4 of which should have been in risk and control-related roles.
- Solid background in risk management, internal controls, IT, risk assurance and collaboration with multiple stakeholders to foster a culture of accountability and risk-awareness.
- Knowledge of risk management frameworks and processes.
- Knowledge of laws, regulations, policies, and ethics as they relate to banking.
- Knowledge of applicable business processes and operations of financial institutions.
- Knowledge of enterprise risk management and business continuity planning.
- Strong leadership skills.
- Excellent collaboration and communication skills.
- Analytical Thinking & Risk Judgement: Applies structured, evidence-based thinking to assess complex control environments, interpret data and exception reports, and draw well-reasoned conclusions about risk exposure. Able to distinguish between symptoms and root causes, and to form independent judgements even in ambiguous or information-limited situations.
- Planning, Organization & Delivery: Plans and prioritizes assurance activities effectively across competing demands, managing the team’s workload to deliver the annual monitoring plan on time and to the required quality standard. Anticipates resource constraints, adjusts plans proactively, and maintains a clear line of sight between day-to-day activities and broader assurance objectives.
- Problem Solving & Decision Making: Identifies the critical issues within a problem, evaluates available options with appropriate rigour, and commits to workable solutions without unnecessary escalation. Exercises sound judgement in determining when an issue requires immediate escalation versus when it can be resolved at team level and takes accountability for the decisions made.
- Strategic Perspective: Understands how Internal Controls contributes to the Bank’s broader risk management strategy and organizational objectives. Sets priorities and establishes challenging but realistic goals for the team that are aligned with the risk appetite, control framework, and the expectations of senior management.
- Communication & Reporting: Communicates findings, risks, and recommendations clearly and with appropriate impact, adapting style and depth depending on the audience, whether frontline staff, business management, or senior governance forums. Produce well-structured, concise written reports that convey the right level of detail without obscuring the key message.
- Stakeholder Engagement & Influence: Builds credible, trusted relationships with business partners, risk owners, and functional leads across the domain. Able to challenge control weaknesses and risk behaviors constructively and professionally, influencing positive change without relying on authority, positioning Internal Controls as a valued partner rather than a policing mechanism.
- Leadership & People Development: Creates a team environment built on accountability, continuous learning, and high standards of professional conduct. Actively develops the capability of Internal Controls Officers through coaching, feedback, and stretch assignments, and models the risk and control culture the team is tasked with embedding across the business.
- Technical Knowledge (Risk & Control Frameworks): Demonstrates sound working knowledge of operational risk frameworks, control assessment methodologies, and assurance tools including RCSAs, KRIs, and incident reporting. Stays current with developments in the regulatory environment, internal audit standards, and industry best practice relevant to the domains under coverage.
- Change & Project Assurance: Understands the risk implications of change, whether technology deployments, process redesigns, or new business initiatives, and proactively engages with project and change processes to ensure control considerations are embedded from initiation through to post-implementation review.
- Integrity & Professional Independence: Maintains objectivity and professional independence in all assurance activities, ensuring that findings and conclusions reflect the evidence rather than stakeholder preference. Demonstrates the courage to raise difficult issues and stand behind assessments when challenged, while remaining open to new information that legitimately changes the picture. Inspires commitment (actions and behaviors are consistent with words).
- Self-development: Pursues positive change in self and organization. Drives own personal development plan.
INVITATION
If you believe you meet the requirements as noted above, please use the link below to apply.
Once there, click on “Career Opportunities” to get started. (We recommend using Google Chrome for the best experience.)
Deadline: Friday 17th July 2026
Only short-listed candidates will be contacted.


