CTO/CISO (Burkina Faso)
Ouagadougou, Burkina Faso
Full Time
Senior Executive
Job Title: Chief Technology Officer (CTO)
Report to:CEO / Board Location:Ouagadougou, Burkina Faso
Industry:Consumer Finance / Mobile Device Installment
Regulatory Compliance:ARCEP、CIL、WAEMU/BCEAO、SDF license requirements
Job Summary
As CTO, you will be responsible for end-to-end technology governance, regulatory compliance, and deployment coordination for our mobile installment business in Burkina Faso. R&D work will be undertaken by the headquarters R&D team; your core role is to master local regulatory requirements and laws, assist the headquarters R&D team in deployment, and ensure that system architecture, data security, network security and other aspects fully meet SDF licensing and local strict regulatory requirements. You will lead the local tech team to focus on operation, compliance and coordination, supporting the stable and compliant operation of the business.
Key Responsibilities
1. 2. Regulatory Compliance & Local Law Mastery
○ Proficient in Burkina Faso’s financial and telecom regulations related to SDF license, including CIL (data protection law), ARCEP, WAEMU/BCEAO, and other relevant norms, and keep abreast of regulatory updates.
○ Interpret local regulatory requirements for the headquarters R&D team, provide clear compliance guidance, and ensure that all technology-related work (architecture, deployment, operation) meets regulatory standards.
○ Coordinate with local regulators (ARCEP, CIL, etc.), respond to regulatory inquiries, submit technology-related compliance materials, and ensure the smooth progress of SDF license application and subsequent compliance supervision. Coordination with Headquarters R&D Team
○ Serve as the key link between the local team and the headquarters R&D team, communicate local regulatory requirements, business scenarios and technical needs accurately and efficiently.
○ Assist the headquarters R&D team in system deployment, testing and launch in Burkina Faso, put forward localized optimization suggestions based on local network environment, telecom resources and regulatory requirements.
○ Review the system architecture, deployment plan and technical solutions proposed by the headquarters R&D team, confirm that they meet local regulatory requirements and security standards, and put forward modification opinions if necessary.
3. 4. 5. Architecture & Infrastructure Governance
○ Oversee the overall system architecture of the local business, ensure that the architecture design is compliant, stable and scalable, and meets the regulatory requirements for financial services.
○ Manage local infrastructure, hosting, disaster recovery (DR) and business continuity plan (BCP), coordinate with the headquarters R&D team to ensure 99.9% uptime of critical financial systems.
○ Control local tech OPEX/CAPEX budget, manage local tech vendors (telecom, hosting, etc.), and ensure compliance and cost-effectiveness. Security & Risk Oversight
○ Work closely with CISO to align technology and security work, ensure that system deployment, data management and network operation meet security compliance requirements.
○ Oversee the implementation of audit trails, data retention, access control and other regulatory mandatory requirements, and coordinate with the headquarters R&D team to rectify potential risks. Local Tech Team Leadership & Coordination
○ Build and lead the local tech team (focus on operation, compliance, support), set team goals, and organize training on local regulations and system operation.
○ Establish local tech governance and change control processes, coordinate with the headquarters R&D team to implement system updates and optimizations, and ensure compliance of all changes.
Required Qualifications
• Bachelor’s in Computer Science, IT, Engineering; Master’s preferred.
• 7+ years fintech/consumer finance tech management experience, experience in Francophone West Africa is a strong plus.
• Proficient in Burkina Faso’s regulatory environment, including CIL data protection law, ARCEP, WAEMU/BCEAO guidelines, and experience in SDF license application or compliance management is preferred. • Familiar with system architecture, cloud/on-prem infrastructure, mobile app (Android), USSD, REST APIs, and experience in coordinating with remote R&D teams for deployment.
• Experience in integrating local telecoms (Orange, Moov), mobile money (M-Pesa, Orange Money) and KYC/ID verification providers in Burkina Faso/West Africa.
• Fluent inEnglish & French (mandatory for communication with regulators and headquarters). • Resident in Burkina Faso or willing to relocate (SDF license requirement). Preferred • Prior experience in assisting with SDF license application in Burkina Faso.
• Experience with ISO 27001, PCI-DSS or similar financial security standards.
• Existing network with local regulators (ARCEP, CIL), telecoms and mobile money providers.
二、Chief Information Security Officer (CISO) ——
Report to:CEO / Board(dotted line to CTO)
Location:Ouagadougou, Burkina Faso
Industry:Consumer Finance / Mobile Device Installment
Regulatory Compliance:CIL, ARCEP, WAEMU/BCEAO, SDF license, data protection & financial crime prevention
Job Summary
As CISO, you are the owner of information security, data protection, cyber risk and regulatory compliance for the company’s mobile installment business in Burkina Faso. R&D work will be undertaken by the headquarters R&D team; your core role is to master local security and data protection regulations, assist the headquarters R&D team in security deployment, and ensure that data security, network security, system security and other aspects fully meet SDF licensing and local strict regulatory requirements. You will be responsible for building and implementing the local security compliance system to protect customer data and business operations.
Key Responsibilities
1. Regulatory Compliance & Security Policy
○ Proficient in Burkina Faso’s information security and data protection regulations, including CIL, ARCEP, WAEMU/BCEAO, and other relevant financial security norms, and interpret these requirements for the headquarters R&D team.
○ Develop and enforce local information security policies, standards and procedures aligned with SDF license requirements, CIL and international standards (ISO 27001), covering data protection, network security, access control, etc.
○ Prepare and submit security compliance materials required by regulators, respond to security audits, and ensure that the company’s security work meets regulatory requirements. Coordination with Headquarters R&D Team on Security Deployment
2. ○ Communicate local security and regulatory requirements to the headquarters R&D team, provide security guidance for system R&D and deployment, and ensure that security controls are embedded in the system design and deployment process.
○ Review the security solutions, data encryption schemes, network security architectures proposed by the headquarters R&D team, confirm that they meet local regulatory requirements, and put forward modification suggestions if necessary.
○ Assist the headquarters R&D team in security testing, vulnerability rectification and security deployment in Burkina Faso, and ensure that the deployed system meets local security standards.
3. 4. 5. 6. Data Protection & Privacy ○ Oversee the protection of customer PII and financial data, coordinate with the headquarters R&D team to implement encryption (data at rest/in transit), tokenization, data retention and secure disposal measures in line with CIL requirements.
○ Manage user consent, data access rights and cross-border data transfer controls, ensure that all data processing activities are compliant with local laws. Cyber Risk Management & Assessment
○ Conduct regular cyber risk assessments, vulnerability scans and penetration tests on the deployed systems, mobile app, APIs and internal networks, and coordinate with the headquarters R&D team to rectify potential vulnerabilities.
○ Identify and manage security risks such as fraud (application/identity), account takeover, data leakage and ransomware, and work with the headquarters R&D team to implement prevention and control measures. Incident Response & Security Awareness
○ Develop and test incident response playbooks (data breach, ransomware, fraud), lead the local team to respond to security incidents, and coordinate with the headquarters R&D team for disposal and reporting. ○ Deliver regular security training to local staff, agents and partners, and build a security culture aligned with regulatory requirements and financial services best practices. Regulatory Reporting & Stakeholder Communication
○ Serve as the primary security contact for local regulators (ARCEP, CIL, WAEMU/BCEAO) and SDF auditors, and submit required security reports and compliance evidence.
○ Report security risks, compliance status and incident handling results to the CEO/Board and headquarters team regularly.
Required Qualifications
• Bachelor’s in Cybersecurity, IT, Computer Science; CISSP/CISM/CISCA or equivalent certification is mandatory.
• 6+ years information security leadership experience in fintech/financial services, with in-depth understanding of mobile lending/installment business security risks; experience in Francophone West Africa is a strong plus.
• Proficient in Burkina Faso’s CIL data protection law, ARCEP, WAEMU/BCEAO financial security regulations, and experience in security compliance for licensed financial institutions or SDF-level entities is preferred.
• Familiar with security technologies such as SIEM, IAM, encryption, DLP, vulnerability management and incident response, and experience in coordinating with remote R&D teams for security deployment.
• Experience in anti-fraud, AML and customer data protection for mobile financial services.
• Fluent in English & French (mandatory for communication with regulators and headquarters).
• Resident in Burkina Faso or willing to relocate (SDF license requirement). Preferred
• Prior experience as CISO/security lead for an SDF or licensed consumer finance institution in Burkina Faso.
• ISO 27001 lead auditor, PCI-DSS or AML certification.
• Established relationships with local regulators (ARCEP, CIL) and cybersecurity authorities.
Report to:CEO / Board Location:Ouagadougou, Burkina Faso
Industry:Consumer Finance / Mobile Device Installment
Regulatory Compliance:ARCEP、CIL、WAEMU/BCEAO、SDF license requirements
Job Summary
As CTO, you will be responsible for end-to-end technology governance, regulatory compliance, and deployment coordination for our mobile installment business in Burkina Faso. R&D work will be undertaken by the headquarters R&D team; your core role is to master local regulatory requirements and laws, assist the headquarters R&D team in deployment, and ensure that system architecture, data security, network security and other aspects fully meet SDF licensing and local strict regulatory requirements. You will lead the local tech team to focus on operation, compliance and coordination, supporting the stable and compliant operation of the business.
Key Responsibilities
1. 2. Regulatory Compliance & Local Law Mastery
○ Proficient in Burkina Faso’s financial and telecom regulations related to SDF license, including CIL (data protection law), ARCEP, WAEMU/BCEAO, and other relevant norms, and keep abreast of regulatory updates.
○ Interpret local regulatory requirements for the headquarters R&D team, provide clear compliance guidance, and ensure that all technology-related work (architecture, deployment, operation) meets regulatory standards.
○ Coordinate with local regulators (ARCEP, CIL, etc.), respond to regulatory inquiries, submit technology-related compliance materials, and ensure the smooth progress of SDF license application and subsequent compliance supervision. Coordination with Headquarters R&D Team
○ Serve as the key link between the local team and the headquarters R&D team, communicate local regulatory requirements, business scenarios and technical needs accurately and efficiently.
○ Assist the headquarters R&D team in system deployment, testing and launch in Burkina Faso, put forward localized optimization suggestions based on local network environment, telecom resources and regulatory requirements.
○ Review the system architecture, deployment plan and technical solutions proposed by the headquarters R&D team, confirm that they meet local regulatory requirements and security standards, and put forward modification opinions if necessary.
3. 4. 5. Architecture & Infrastructure Governance
○ Oversee the overall system architecture of the local business, ensure that the architecture design is compliant, stable and scalable, and meets the regulatory requirements for financial services.
○ Manage local infrastructure, hosting, disaster recovery (DR) and business continuity plan (BCP), coordinate with the headquarters R&D team to ensure 99.9% uptime of critical financial systems.
○ Control local tech OPEX/CAPEX budget, manage local tech vendors (telecom, hosting, etc.), and ensure compliance and cost-effectiveness. Security & Risk Oversight
○ Work closely with CISO to align technology and security work, ensure that system deployment, data management and network operation meet security compliance requirements.
○ Oversee the implementation of audit trails, data retention, access control and other regulatory mandatory requirements, and coordinate with the headquarters R&D team to rectify potential risks. Local Tech Team Leadership & Coordination
○ Build and lead the local tech team (focus on operation, compliance, support), set team goals, and organize training on local regulations and system operation.
○ Establish local tech governance and change control processes, coordinate with the headquarters R&D team to implement system updates and optimizations, and ensure compliance of all changes.
Required Qualifications
• Bachelor’s in Computer Science, IT, Engineering; Master’s preferred.
• 7+ years fintech/consumer finance tech management experience, experience in Francophone West Africa is a strong plus.
• Proficient in Burkina Faso’s regulatory environment, including CIL data protection law, ARCEP, WAEMU/BCEAO guidelines, and experience in SDF license application or compliance management is preferred. • Familiar with system architecture, cloud/on-prem infrastructure, mobile app (Android), USSD, REST APIs, and experience in coordinating with remote R&D teams for deployment.
• Experience in integrating local telecoms (Orange, Moov), mobile money (M-Pesa, Orange Money) and KYC/ID verification providers in Burkina Faso/West Africa.
• Fluent inEnglish & French (mandatory for communication with regulators and headquarters). • Resident in Burkina Faso or willing to relocate (SDF license requirement). Preferred • Prior experience in assisting with SDF license application in Burkina Faso.
• Experience with ISO 27001, PCI-DSS or similar financial security standards.
• Existing network with local regulators (ARCEP, CIL), telecoms and mobile money providers.
二、Chief Information Security Officer (CISO) ——
Report to:CEO / Board(dotted line to CTO)
Location:Ouagadougou, Burkina Faso
Industry:Consumer Finance / Mobile Device Installment
Regulatory Compliance:CIL, ARCEP, WAEMU/BCEAO, SDF license, data protection & financial crime prevention
Job Summary
As CISO, you are the owner of information security, data protection, cyber risk and regulatory compliance for the company’s mobile installment business in Burkina Faso. R&D work will be undertaken by the headquarters R&D team; your core role is to master local security and data protection regulations, assist the headquarters R&D team in security deployment, and ensure that data security, network security, system security and other aspects fully meet SDF licensing and local strict regulatory requirements. You will be responsible for building and implementing the local security compliance system to protect customer data and business operations.
Key Responsibilities
1. Regulatory Compliance & Security Policy
○ Proficient in Burkina Faso’s information security and data protection regulations, including CIL, ARCEP, WAEMU/BCEAO, and other relevant financial security norms, and interpret these requirements for the headquarters R&D team.
○ Develop and enforce local information security policies, standards and procedures aligned with SDF license requirements, CIL and international standards (ISO 27001), covering data protection, network security, access control, etc.
○ Prepare and submit security compliance materials required by regulators, respond to security audits, and ensure that the company’s security work meets regulatory requirements. Coordination with Headquarters R&D Team on Security Deployment
2. ○ Communicate local security and regulatory requirements to the headquarters R&D team, provide security guidance for system R&D and deployment, and ensure that security controls are embedded in the system design and deployment process.
○ Review the security solutions, data encryption schemes, network security architectures proposed by the headquarters R&D team, confirm that they meet local regulatory requirements, and put forward modification suggestions if necessary.
○ Assist the headquarters R&D team in security testing, vulnerability rectification and security deployment in Burkina Faso, and ensure that the deployed system meets local security standards.
3. 4. 5. 6. Data Protection & Privacy ○ Oversee the protection of customer PII and financial data, coordinate with the headquarters R&D team to implement encryption (data at rest/in transit), tokenization, data retention and secure disposal measures in line with CIL requirements.
○ Manage user consent, data access rights and cross-border data transfer controls, ensure that all data processing activities are compliant with local laws. Cyber Risk Management & Assessment
○ Conduct regular cyber risk assessments, vulnerability scans and penetration tests on the deployed systems, mobile app, APIs and internal networks, and coordinate with the headquarters R&D team to rectify potential vulnerabilities.
○ Identify and manage security risks such as fraud (application/identity), account takeover, data leakage and ransomware, and work with the headquarters R&D team to implement prevention and control measures. Incident Response & Security Awareness
○ Develop and test incident response playbooks (data breach, ransomware, fraud), lead the local team to respond to security incidents, and coordinate with the headquarters R&D team for disposal and reporting. ○ Deliver regular security training to local staff, agents and partners, and build a security culture aligned with regulatory requirements and financial services best practices. Regulatory Reporting & Stakeholder Communication
○ Serve as the primary security contact for local regulators (ARCEP, CIL, WAEMU/BCEAO) and SDF auditors, and submit required security reports and compliance evidence.
○ Report security risks, compliance status and incident handling results to the CEO/Board and headquarters team regularly.
Required Qualifications
• Bachelor’s in Cybersecurity, IT, Computer Science; CISSP/CISM/CISCA or equivalent certification is mandatory.
• 6+ years information security leadership experience in fintech/financial services, with in-depth understanding of mobile lending/installment business security risks; experience in Francophone West Africa is a strong plus.
• Proficient in Burkina Faso’s CIL data protection law, ARCEP, WAEMU/BCEAO financial security regulations, and experience in security compliance for licensed financial institutions or SDF-level entities is preferred.
• Familiar with security technologies such as SIEM, IAM, encryption, DLP, vulnerability management and incident response, and experience in coordinating with remote R&D teams for security deployment.
• Experience in anti-fraud, AML and customer data protection for mobile financial services.
• Fluent in English & French (mandatory for communication with regulators and headquarters).
• Resident in Burkina Faso or willing to relocate (SDF license requirement). Preferred
• Prior experience as CISO/security lead for an SDF or licensed consumer finance institution in Burkina Faso.
• ISO 27001 lead auditor, PCI-DSS or AML certification.
• Established relationships with local regulators (ARCEP, CIL) and cybersecurity authorities.
Apply for this position
Required*