Legal Manager- Privacy, Security & AI

The Company

Tiko inspires futures where girls and young women take charge of their sexual and reproductive choices, with the freedom to shape their lives. Founded in 2014, Tiko is an African nonprofit organisation that enhances the potential and fosters the resilience of adolescent girls and young women (AGYW) in Sub-Saharan Africa by addressing the critical “Triple Threat”: early pregnancy, HIV, and sexual and gender-based violence (SGBV). Tiko has developed its own unique girl-centric technology platform to unite an ecosystem of existing, established partners to provide an environment enabling girls to choose when, where and how they meet their health and wellbeing needs. Leveraging this technology-enabled, community-driven approach, Tiko collaborates with local and national health systems to drive sustainable, transformative change. Tiko operates in seven countries including Kenya, Ethiopia, Uganda, Burkina Faso, South Africa, Zambia and Nigeria.

Tiko has offices in South Africa, Kenya, Ethiopia, the Netherlands and Portugal. Globally, our team consists of +230 enthusiastic, international colleagues. Whether you are working from our biggest office in Nairobi, the fast-growing office in South Africa, or from home, our people are young, and our culture is global and dynamic. Our work environment is fast-paced, informal, and friendly. You can learn more about what being part of Tiko is like here.

We are happy to accept applicants from Portugal for this role.

The Job

The Legal Manager – Privacy, Security, and AI oversees legal and regulatory developments related to data protection, cybersecurity, and artificial intelligence across all countries where Tiko operates or plans to operate. This role ensures compliance with global and local laws, proactively embeds privacy, security, and responsible AI principles into the organization, and manages the DPO and ISO.

Responsibility areas:

1. Legal and Regulatory Compliance Oversight

• Monitor, interpret, and advise on global and local legal and regulatory developments in data protection, cybersecurity, and AI.
• Ensure Tiko’s policies, practices, and products comply with all relevant laws and regulations (e.g., GDPR, NIS2, AI Act, CCPA, etc.).
• Lead the organization’s response to new and evolving legal requirements, including the development and implementation of compliance programs.

2. Cross-Functional Collaboration & Governance

• Collaborate with business, product, technology, HR, and operations teams to embed privacy, security, and responsible AI principles into all processes, contracts, and offerings.
• Participate in relevant governance committees and working groups.
• Provide legal guidance and risk assessments for new projects, partnerships, markets, and contractual arrangements, ensuring all agreements reflect necessary data protection, AI, and cybersecurity requirements.

3. Leadership & Oversight of ISO and DPO

• Directly manage the Information Security Officer (ISO) and Data Protection Officer (DPO), ensuring alignment and coordination across privacy, security, and AI compliance activities.
• Set priorities and provide guidance on complex legal and regulatory issues.
• Review and approve key policies, risk assessments, and incident response actions.

4. Policy Development & Implementation

• Lead the development, review, and implementation of internal policies and procedures relating to privacy, cybersecurity, and AI ethics.
• Ensure policies are up-to-date, effective, and communicated across the organization.
• Oversee training and awareness programs on legal and regulatory requirements.

5. Incident & Breach Management

• Advise on and oversee the management of data breaches, security incidents, and AI-related ethical issues.
• Ensure timely notification and reporting to authorities and affected stakeholders as required by law.

6. External Relations & Advocacy

• Represent Tiko in discussions with regulators, industry groups, and external stakeholders on privacy, security, and AI matters.
• Build and maintain relationships with key regulatory bodies and industry peers.

7. Risk Management & Reporting

• Oversee risk management processes for privacy, security, and AI compliance.
• Provide regular reports and briefings to executive management and the board on legal risks, compliance status, and emerging issues.

Requirements:

• Qualified lawyer with expertise in data protection, cybersecurity, and AI regulations.
• 5–8 years’ experience in relevant legal roles.
• Strong understanding of global regulatory frameworks.
• Experience managing cross-functional teams.

The rewards

At Tiko we believe in being open, also when it comes to salaries. The gross monthly salary bracket for this position is €3,419 - €5,128 in Portugal, plus benefits. We will offer you a salary in this bracket depending on your level of experience and how it relates to your future colleagues.

In addition to your monthly salary, we offer you:

• Good secondary benefits 
• A personal development budget
• Unlimited holidays, if you can make it work with your team you’re good to go
• Growth opportunities
• A product to help shape as we grow, to leave your mark on how we do things
• A vision that we trust that you will do your job without us having to invent unnecessary rules and regulations

The details

Interested? Click apply now below! Want more information? Check out our website or contact our Global Recruiter. We only accept applications through the apply links, not by email. 

—
Tiko prioritizes integrity in our workplace and respects your privacy.

Tiko is committed to preventing any type of unwanted behaviour by its employees at work, including sexual harassment, exploitation and abuse, lack of integrity and financial misconduct. This is why we will do reference and background screening checks on successful candidates before hiring. Tiko also participates in the Inter Agency Misconduct Disclosure Scheme. As part of this scheme, we will request information from your previous employers about any findings of sexual exploitation, sexual abuse and/or sexual harassment during your employment, or incidents under investigation when you left employment. By applying for this position, you confirm you have read and understood these recruitment procedures.

We value your privacy and understand the importance of safeguarding your personal data. We invite you to review our privacy notice for the recruitment process to understand how we collect, use, and protect your personal data during the recruitment process. Click here to view the document. By applying for this position, you acknowledge that you have read and understood our privacy notice.