M-Pesa Africa: Technology Governance Manager

M-Pesa is a pioneering fintech business and global market leader in mobile money. Starting from 2007 as a convenient means by which the unbanked and underbanked could make digital payments, M-Pesa has now grown to offer over 60 million active customers Financial Services, Enterprise, Merchant and Retail solutions. We are proud of our work in enabling the digital economy in our markets, and in driving financial inclusion.

M-Pesa Africa is the largest FinTech providing services to more than 60 million customers and 5 million businesses solutions across Financial Services, Enterprise, Merchant and Retail. We are now well on our way to becoming the preferred digital payment method across the markets that we serve, for both in-store, remote and online payments. With headquarters in both Nairobi and Johannesburg, we serve markets that include Kenya, Tanzania, DRC, Lesotho, Ghana, Egypt, Ethiopia, and Mozambique.

We are a united, energetic and passionate team. A place where leaders coach, teams connect, and everyone is empowered to go further, faster. A place where heroes become superheroes; through growth, opportunity, and the chance to work with the best minds in FinTech.

The Technology Governance Manager lead the strategic design, implementation, and oversight of MPESA Group’s integrated Governance and Assurance (GRA) framework, ensuring operational integrity, regulatory compliance, and technology resilience across all markets.

This role spans MPESA’s on-premise, hybrid-cloud, and AWS, HCS, GCP and Azure environments, driving standardisation across Service Management, Security, Data, and Infrastructure Governance. The incumbent will serve as the single point of accountability for governance strategy, internal control effectiveness, and assurance alignment across MPESA’s technology ecosystem.

• Lead the end-to-end assurance lifecycle, including internal audits, control testing, remediation tracking, and management reporting.
• Ensure alignment of MPESA’s governance activities with Vodacom, Safaricom, and regulatory oversight structures.
• Oversee the Technology Control Environment (TCE) — monitoring compliance, control effectiveness, and continuous improvement.
• Drive implementation of automated control monitoring and AI-assisted assurance to enhance risk visibility and decision‑making.

• Lead the end-to-end assurance lifecycle, including internal audits, control testing, remediation tracking, and management reporting.
• Ensure alignment of MPESA’s governance activities with Vodacom, Safaricom, and regulatory oversight structures.
• Oversee the Technology Control Environment (TCE) — monitoring compliance, control effectiveness, and continuous improvement.
• Drive implementation of automated control monitoring and AI-assisted assurance to enhance risk visibility and decision‑making.

• Ensure full compliance with all applicable regulatory, privacy, and cybersecurity frameworks, including ISO/IEC 27001, PCI DSS, GDPR, and POPIA.
• Develop and maintain a Compliance Map linking regulatory obligations to control implementations across all environments.
• Coordinate with Legal, Internal Audit, and Risk functions to ensure alignment of assurance efforts and reporting structures.
• Lead periodic compliance audits and self‑assessments, ensuring audit readiness and timely remediation of findings.

• Oversee Service Assurance, ensuring availability, continuity, capacity, and incident management controls are in place and measurable.
• Define assurance metrics and dashboards to track performance, compliance, and maturity across service and infrastructure layers.
• Collaborate with Platform Engineering and Operations to ensure control enforcement in CI/CD, MLOps, and cloud deployment processes.
• Champion the adoption of Zero‑Trust frameworks, ensuring governance extends from network to data and identity layers.

• Partner with CMDB & Asset Management, Data Governance, Cyber Security, and Service Management teams to ensure integrated governance coverage.
• Engage with market CIOs, Risk Officers, and Regulatory Liaisons to harmonize local governance models with the MPESA Group blueprint.
• Provide strategic guidance to the Governance and Assurance Council, aligning initiatives across markets, functions, and domains.

• Produce executive dashboards and board reports highlighting governance posture, audit results, and risk trends.
• Embed a continuous improvement cycle, using audit outcomes and incident learnings to strengthen future control design.
• Drive maturity assessments against industry benchmarks (e.g., CMMI, COBIT Maturity Model) to guide roadmap evolution.

• Bachelor’s Degree in Computer Science, Information Systems, or Business Administration.
• Minimum 12–15 years’ experience in Governance, Risk, Compliance, or IT Assurance leadership roles.
• Certified in COBIT, ITIL v4, ISO 27001 Lead Implementer/Auditor, or CISA/CISM.
• Deep understanding of regulatory environments across African markets and cloud‑based compliance frameworks.
• Proven experience in managing multi‑country technology governance, ideally within telco, fintech, or regulated financial services.
• Excellent analytical, communication, and stakeholder management skills, with board‑level presentation experience.

• Strategic Leadership & Influence: Ability to define governance vision and embed it across executive, operational, and regional levels.
• Holistic Governance Mindset: Expertise spanning IT, Data, and Security Governance, with the ability to integrate them into one unified control framework.
• Risk & Assurance Expertise: Strong command over risk management, internal controls, audit readiness, and assurance automation.
• Change Leadership: Proven ability to lead transformation across diverse markets, embedding compliance culture and operational discipline.
• Stakeholder Alignment: Exceptional communication and negotiation skills to drive collaboration across business, audit, and technology domains.

Closing date for Applications: 03 December 2025.

The base location for this role is, Vodacom Cape Town Campus.

The Company's approved Employment Equity Plan and Targets will be considered as part of the recruitment process. As an Equal Opportunities employer, we actively encourage and welcome people with various disabilities to apply. Vodacom is committed to an organisational culture that recognises, appreciates and values diversity & inclusion.