Skip to content
MVPeople Group Logo
MVPeopleGroup
GRC & Compliance

DORA Compliance & GRC Specialist

Arnhem, GEConsultancyHybridSeniorbankwezen
Apply nowAsk a question

About the assignment

The Digital Operational Resilience Act (DORA) is reshaping how financial institutions manage ICT risk and operational resilience. You take ownership of DORA implementation, ensuring your organisation meets stringent EU requirements for ICT risk management, incident reporting, and third-party dependencies.

You'll translate complex regulatory demands into actionable governance frameworks. This role bridges compliance, security, and operations—requiring both regulatory depth and practical implementation skills.

Your impact: reduce regulatory risk, strengthen operational resilience, and position the organisation as compliant with evolving digital operational standards.

Your responsibilities

  • Design and implement DORA compliance frameworks aligned with ICT risk management requirements
  • Map ICT systems, dependencies, and third-party risks using DORA's criticality assessment methodology
  • Develop incident reporting procedures and escalation protocols for major ICT incidents
  • Coordinate with security, operations, and legal teams to embed resilience controls across the organisation
  • Conduct DORA compliance audits and manage remediation roadmaps
  • Monitor regulatory updates and adapt policies to evolving DORA guidance
  • Document and maintain evidence of compliance for supervisory reporting

Tech Stack & Tools

Platforms & Tooling

ServiceNow GRCArcherOneTrustJiraConfluence

Frameworks & Standards

DORA (EU Regulation 2023/2795)NIST Cybersecurity FrameworkISO 27001ISO 27035 (incident management)COBIT 2019

Methodologies

Risk-based compliance mappingThird-party risk assessmentICT incident classification and reportingGovernance documentation frameworks

Certifications (preferred)

CISM (Certified Information Security Manager)CRISC (Certified in Risk and Information Systems Control)CISA (Certified Information Systems Auditor)CISSP

Must-haves

  • 5+ years in GRC, compliance, or regulatory risk roles (financial services preferred)
  • Deep knowledge of DORA requirements and implementation
  • Experience mapping ICT systems and managing third-party risk assessments
  • Strong documentation and process design skills
  • Fluent in English; Dutch is a strong advantage

Nice-to-haves

  • Experience with other EU financial regulations (MiFID II, PSD2, NIS2)
  • Background in operational resilience or business continuity frameworks
  • Hands-on experience with GRC platforms (ServiceNow, Archer, OneTrust)

What we offer

  • Shape DORA strategy at a critical regulatory moment
  • Work with board-level visibility and strategic influence
  • Competitive salary and performance incentives
  • Professional development budget for compliance certifications
  • Flexible working and career progression in a growing compliance function
  • Personal guidance from a dedicated MVPeople consultant who knows your niche

The process

1

Introduction

Phone call with your MVPeople consultant (within 24 hours)

2

Match & Brief

We discuss the assignment in detail and prepare you

3

Client meeting

Introduction to the client

4

Start

Contracting and onboarding

Details

Type

Consultancy

Location

Arnhem, GE

Work model

Hybrid

Level

Senior

Industry

bankwezen

Posted

12 May 2026

Contact

MVPeople Group

jobs@mvpeoplegroup.com
Apply nowMore information

Related vacancies

GRC & CompliancePermanent

Senior Consultant Information Security

RandstadHybrid
View vacancy
GRC & ComplianceConsultancy

Compliance Officer

heerlenHybrid
View vacancy
Vulnerability ManagementConsultancy

Vulnerability Management Roadmap Manager

Utrecht, UTHybrid
View vacancy
Apply now