Senior Officer, Operational Risk

Organizational Context

The International Federation of Red Cross and Red Crescent Societies (IFRC) is the world’s largest humanitarian network, with 191 - member National Red Cross and Red Crescent Societies. IFRC uses the Triple R – response, resilience and respect – to deliver on Strategy 2030. IFRC responds to disasters and crises, ensuring timely, coordinated and locally led humanitarian action. IFRC supports its members in building community resilience in the areas of climate and environment, health and wellbeing, and migration and displacement. IFRC promotes respect for our fundamental principles of humanity, impartiality, neutrality, independence, voluntary service, unity, and universality, including in our work on values, power and inclusion. The IFRC focuses throughout on our core mandate – our raison d’être – of strategic and operational coordination, humanitarian diplomacy, National Society development, and accountability.
IFRC is led by its Secretary General and has its Headquarters in Geneva and five regional offices in Africa (Nairobi); the Americas (Panama); Asia Pacific (Kuala Lumpur); Europe (Budapest); and MENA (Beirut) as well as representation offices, service centres and delegations across the globe.
The IFRC has a zero-tolerance policy on conduct that is incompatible with the aims and objectives of the Red Cross and Red Crescent Movement, including sexual exploitation and abuse, sexual harassment and other forms of harassment, abuse of authority, discrimination, and lack of integrity (including but not limited to financial misconduct). IFRC also adheres to strict child safeguarding principles.

The Ethical Practices Department (EPD) acts as a strong, cohesive, effective and visible second-line vector for IFRC at global, regional and national levels. It provides oversight and expertise to IFRC first-line activities and operations and ensures that the organization operates in accordance with highest standards across the five following pillars:
• Ethics and Integrity to promote a culture of transparency, integrity and accountability in line with industry standards and IFRC policies.
• Risk Management to create a culture of positive risk taking within IFRC operations and activities, supported by appropriate tools and capacity.
• Social Safeguards including Prevention against sexual exploitation, abuse and harassment (PSEAH) and Protection, Gender and Inclusion (PGI) to ensure safety, dignity, access and inclusion are part of humanitarian programs and operations and that the principle of ‘do not harm’ is mainstreamed in all IFRC activities.
• Environmental Safeguards to ensure that all IFRC operations and activities are environmentally sustainable and accountable.
• Compliance to implement systemic, harmonized and coordinated internal control mechanisms across the organization and align with internal policies and international standards.

The Risk Function provides services that strengthen a Federation‑wide risk management culture by developing policies, standardized procedures, training, and guidance that help IFRC staff and National Societies identify, assess, mitigate, monitor and report on strategic and operational risks. It also delivers technical support, peer‑to‑peer collaboration, unified risk systems, and structured oversight to ensure risks are integrated into decision‑making, Emergency Appeals, management processes and organizational planning across the IFRC Secretariat and National Societies.

Job Purpose

The purpose of this position is to provide strategic and operational leadership for the implementation of IFRC’s operational risk management framework at regional level. The role is responsible for coordinating, facilitating, and embedding risk management processes across regional programmes, operations, and functions, ensuring that risks are systematically identified, assessed, mitigated, and monitored in line with IFRC policies, risk appetite, and decision‑making structures. The position supports regional leadership and country teams to proactively manage risks, strengthen internal controls, and integrate risk considerations into planning, delivery, and oversight, thereby contributing to the effective achievement of IFRC’s humanitarian objectives.

Job Duties and Responsibilities

Operational Risk Management Leadership

• Lead the implementation and coordination of operational risk management processes at regional level in line with IFRC’s Risk Management Policy, operational risk management standard operating procedures, and recognized international standards (ISO 31000 / COSO ERM).
• Ensure that operational risks related to Secretariat operations, programmes, projects, and emergency operations are systematically identified, assessed, prioritized, and documented in relevant risk registers.
• Promote a proactive and anticipatory approach to operational risk management, including the identification of emerging and cross‑cutting risks across the region.

Risk Assessment, Treatment, and Monitoring

• Facilitate regular risk assessments with regional teams, delegations, and programme leads, ensuring consistency in risk analysis, assessment, and prioritization.
• Support risk owners in the design, implementation, and monitoring of risk treatment and mitigation measures, ensuring alignment with IFRC’s approved risk appetite.
• Monitor changes in operational risk exposure and the effectiveness of mitigation actions, recommending adjustments where necessary.

Risk Reporting and Escalation

• Coordinate the timely reporting and escalation of operational risks that exceed approved risk appetite, in accordance with IFRC’s reporting arrangements.
• Contribute to regional and organizational risk reporting, providing clear, evidence‑based inputs to the Ethical Practices Department, Global Management Team, and Global Leadership Team as required.
• Ensure that operational risk information meaningfully informs decision‑making, planning cycles, and management oversight forums at regional level.
• Convene and facilitate quarterly meetings with designated risk owners to review risk exposure, mitigation progress, and emerging issues.
• Provide timely and accurate risk information to the Strategic Risk Coordinator to support effective oversight, escalation, and integration of strategic risks.
• Prepare and submit a quarterly report on the evolution of regional operational risks, highlighting trends, material changes, and mitigation status.

Advisory Support and Capacity Building

• Act as a trusted advisor to Regional Leadership, Heads of Delegation, and operational managers on risk matters, risk trade‑offs, and mitigation strategies.
• Build risk management capacity across the region by delivering training, guidance, and on‑the‑job support to staff and managers, fostering a strong risk‑aware culture.
• Promote shared understanding and consistent application of risk concepts, terminology, and tools across regional and country contexts.

Job Duties and Responsibilities (continued)

Integration with Planning, Programmes, and Emergency Operations

• Ensure that operational risk management is embedded into regional planning, programme design, project management, and emergency response processes, including DREF operations and Emergency Appeals.
• Support the alignment between operational risk management and strategic risk insights, contributing to an integrated enterprise risk management approach.

Collaboration and Coordination

• Work in close coordination with the Ethics, Risk and Compliance Department to ensure consistency, quality, and coherence of operational risk management practices across IFRC.
• Collaborate with functional leads (finance, programmes, HR, logistics, security, PSEAH, compliance) to ensure holistic management of operational risks.

Support, upon request, National Societies in strengthening operational risk management capacities in the context of shared programmes and emergency operations.

Education

Required:

• Advanced university degree (master's level or equivalent) in risk management, business administration, international development, humanitarian affairs, or a related field.; or a first-level university degree combined with extensive relevant experience.

Preferred:

• Formal training or certification in risk management, internal controls, assurance, or enterprise risk management (e.g. ISO 31000, COSO ERM, PRINCE2 Risk, PMI‑RMP

Experience

Required:

• At least 7 to 10 years of progressively responsible experience in operational risk management, internal controls, or assurance functions within complex, decentralised or humanitarian organisations.
• Demonstrated experience in building and applying structured risk management frameworks across programmes, projects, emergency operations, and/or organisational functions.
• Practical experience supporting senior management and leadership teams with risk‑informed decision‑making, risk escalation, and mitigation planning.
• Demonstrated experience in managing complex multi-stakeholder processes, ideally in a Movement context.
• Proven experience in delivering risk management trainings.
• Experience working at regional or multi‑country level, with the ability to balance global frameworks with local operational realities.

Preferred:

• Proven experience working in humanitarian, development, or mission‑driven organisations, including exposure to fragile, high‑risk, or rapidly changing operating environments.
• Experience working in a RC/RC National Society and/or Federation/ICRC

Knowledge, Skills and Languages

Required:

• In-depth and up-to-date knowledge of enterprise risk management requirements and best practices
• Strong understanding of operational risk concepts, including inherent and residual risk, risk appetite, risk treatment, monitoring, and escalation.
• High-level of proficiency in carrying-out risks assessments and developing corrective action plans.
• Demonstrated ability to facilitate risk assessments, maintain risk registers, and assess the effectiveness of mitigation measures.
• Ability to analyse complex information, identify emerging and cross‑cutting risks, and translate analysis into clear, actionable advice.
• High level of proficiency in risk reporting, including synthesising risk information for management and oversight bodies.
• Solid knowledge of accountability and internal control systems, and how these interact with operational delivery.
• Strong facilitation and influencing skills, with the ability to engage constructively with senior leaders, managers, and technical staff across diverse functions.
• Demonstrated capacity to build risk awareness and ownership among non‑specialists, fostering a practical and proportionate risk culture.
• Excellent communication skills, with the ability to explain complex risk concepts clearly, concisely, and diplomatically.
• High degree of discretion, tact and sensitivity in dealing with internal and external clients and stakeholders at all levels.
• Fluent spoken and written English

Preferred:

• Solid understanding and knowledge of IFRC and Movement processes, systems, values and culture
• Demonstrated core proficiency in (a) digital communication & collaboration, (b) basic digital content creation, (c) digital safety & security, (d) data literacy, and (e) problem solving with technology (including responsible use of AI assistants.
• Good command of another IFRC official language (French, Spanish or Arabic)

Competencies, Values and Comments

Values: Respect for diversity; Integrity; Professionalism; Accountability
Core competencies: Communication; Collaboration and teamwork; Judgement and decision making; National society and customer relations; Creativity and innovation; Building trust
Functional competencies: Strategic orientation; Building alliances; Leadership; Empowering others

Comments: This is a national staff position open to nationals of Hungary and who are legally eligible to work in Hungary.