If I accept a certificate in order to use my company’s Wi-Fi, am I vulnerable to MITM attacks?

In this case, no, your device will not be subject to MITM of https traffic.

It is possible for employers to deploy a root certificate to machines in order to install a MITM proxy. (BlueCoat is a company that offers such a device commercially.) However, that requires a "trusted root" certificate to be installed in the client computers.

In your case, the certificate pictured in your screen shot says it will be used for "server authentication." This is not a trusted root certificate, and cannot be used to verify other certificates. This means a MITM proxy won't be able to use it to give you a substitute signed certificate.

Of course, your unencrypted traffic is still subject to inspection.

What is this certificate being used for?

A standard implementation of WPA or WPA2 in enterprise environments is to use certificate-based authentication for wireless network access. For company-owned devices, it makes connecting to a company wireless network seamless - the required certificates are automatically installed at some point (during imaging/provisioning, via Group Policy, etc.), completely transparently to the end user. When a user goes to connect to a wireless network with their company-owned device, it already has the required certificate installed and trusted. (Depending on the configuration, the certificate alone may be enough, or it may require additional authentication in the way of domain credentials, or be based on the device itself, etc.)

If I accept this certificate, will I be vulnerable to man-in-the-middle attacks?

Probably not.

The certificates in question for WPA-enterprise are usually generated by an internal certificate authority, rather than a public certificate authority, which means that personal devices don't trust the CA, because they don't know about it. The OEM of your device (Apple) preloads it with a list of trusted public CAs which provide certificates for public-facing services (https websites being the most ubiquitous example), but as your employer's wireless network is not public-facing, there's no reason for them to use such a certificate (and arguably, a few reasons for them not to).

For this reason, your device is prompting you with a warning that you're being offered a certificate from an untrusted/unverified source.

If you look at the certificate, it says the purpose is "Server Authentication." This indicates that the certificate is being used to authenticate a particular server on your company's network (either the WAP you're connecting to, or the RADIUS server that's doing Authentication, Authorization and Accounting (AAA) for wireless connections). Accepting this certificate will only make your device trust the server that the certificate is for. If your IT department decided to issue a cert for Google or whomever to intercept SSL traffic, your device would not automatically trust that certificate based on accepting this one, because this certificate is only used to authenticate a specific host. In order to do that, you would have to accept a certificate from the internal certificate authority.

That being said, there is a very remote possibility that you're actually connecting to a rogue WAP that's only claiming to be one of your employer's. To determine whether the AP you're connecting to is legitimate or not, you'd probably want to ask your IT department. You could compare the certificate with one you know is valid (such as one that's installed on your company-owned device), or import the public certificate from your company's internal CA onto your personal device, but it's generally easier to just ask. (And if you're worried about your employer intercepting SSL traffic, you wouldn't want to import any internal CA certificates onto your device, of course.)
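Both answers rest on the difference between a certificate whose purpose is "Server Authentication" and a trusted-root certificate. As an added example (not code from either answer), this Go program builds a constructed internal CA and a RADIUS server certificate issued by it (the names are made up) and inspects the extensions that decide whether trusting a certificate extends trust to everything it signs or only to that one host:

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"math/big"
	"time"
)

// Inspect reports what accepting a certificate would let it do: canIssue is true only for a CA
// (CA:TRUE plus keyCertSign, or no keyUsage at all); serverAuth means EKU "Server Authentication".
func Inspect(c *x509.Certificate) (canIssue, serverAuth bool) {
	canIssue = c.BasicConstraintsValid && c.IsCA && (c.KeyUsage == 0 || c.KeyUsage&x509.KeyUsageCertSign != 0)
	for _, eku := range c.ExtKeyUsage {
		serverAuth = serverAuth || eku == x509.ExtKeyUsageServerAuth
	}
	return canIssue, serverAuth
}

func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// BuildExamplePKI constructs (for this example only; names are made up) an internal CA and a
// RADIUS server certificate issued by it, shaped like the one shown in the question.
func BuildExamplePKI() (ca, radius *x509.Certificate) {
	caPub, caKey, _ := ed25519.GenerateKey(rand.Reader)
	radPub, _, _ := ed25519.GenerateKey(rand.Reader) // the server's private key is irrelevant here
	caTmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "Example Corp Internal CA"},
		NotBefore: time.Now(), NotAfter: time.Now().AddDate(10, 0, 0),
		IsCA: true, BasicConstraintsValid: true, // CA:TRUE: trusting it trusts everything it signs
		KeyUsage: x509.KeyUsageCertSign | x509.KeyUsageCRLSign,
	}
	ca = must(x509.ParseCertificate(must(x509.CreateCertificate(rand.Reader, caTmpl, caTmpl, caPub, caKey))))
	radTmpl := &x509.Certificate{
		SerialNumber: big.NewInt(2), Subject: pkix.Name{CommonName: "radius.corp.example"},
		DNSNames: []string{"radius.corp.example"}, NotBefore: time.Now(), NotAfter: time.Now().AddDate(1, 0, 0),
		IsCA: false, BasicConstraintsValid: true, // CA:FALSE: an end-entity that cannot sign other certs
		KeyUsage: x509.KeyUsageDigitalSignature, ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}
	radius = must(x509.ParseCertificate(must(x509.CreateCertificate(rand.Reader, radTmpl, ca, radPub, caKey))))
	return ca, radius
}
```

Run Inspect on a certificate exported from the Wi-Fi prompt: a CA:FALSE, serverAuth-only result is the case both answers describe, where accepting it trusts that one RADIUS or AP host and nothing it might sign.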