The Role
Lead regulatory resilience for AI and operational resilience by implementing EU AI Act and DORA controls. Manage AI model classification, conformity assessments, third-party ICT risk, TLPT and BCP exercises, algorithmic audits, and act as primary regulator liaison to ensure compliance and operational anti-fragility.
Summary Generated by Built In
Since we are in 2026, the EU AI Act is now fully enforceable and DORA (Digital Operational Resilience Act) has become the gold standard for financial and tech startups in Berlin.
This role is more of a "Strategic GRC" position, focusing on systemic resilience and algorithmic accountability.
Job Title
Regulatory Resilience Lead (AI & DORA)
Intro
With the EU AI Act and DORA now in full effect, \[Company Name\] is looking for a Regulatory Resilience Lead to navigate the complex intersection of high-risk AI systems and financial-grade operational resilience. This isn't a "legal-only" role; you will be the architect of our compliance strategy, ensuring our AI products are ethically sound and our infrastructure is "battle-hardened" against systemic failures. You will work directly with our Engineering and Product leads to turn regulatory hurdles into a competitive trust advantage.
* Location: Berlin (Hybrid / Flex)
* Language: English (Fluent), German (Professional working proficiency preferred for regulator liaison).
Tasks
* AI Governance Framework: Lead the classification of our AI models under the EU AI Act, managing the lifecycle of "High-Risk" systems, technical documentation, and bias-monitoring protocols.
* DORA Implementation: Oversee the five pillars of DORA, specifically focusing on ICT Risk Management and Third-Party Risk, ensuring our critical providers meet European resilience standards.
* Resilience Testing: Coordinate TLPT (Threat-Led Penetration Testing) and business continuity exercises to ensure we meet DORA’s operational "anti-fragility" requirements.
* Algorithmic Auditing: Partner with Data Science teams to perform "Conformity Assessments" and human-oversight audits for our customer-facing AI features.
* Regulator Liaison: Serve as the primary point of contact for the EU AI Office and BaFin, handling mandatory incident reporting and compliance filings.
Requirements
Requirements
Expertise: 4+ years in GRC, Legal Tech, or Operational Risk, with a deep specialization in DORA and the EU AI Act.
Analytical Mindset: Ability to translate abstract legal articles into concrete Jira tickets for developers.
Industry Experience: Previous experience in Fintech, Insurtech, or Healthtech is highly preferred, as these sectors face the highest scrutiny under 2026 mandates.
Education/Certs: Background in Law or Tech-Policy. Certifications like CIPP/E or specialized AI Ethics credentials are a major plus.
Communication: Exceptional ability to manage stakeholders—you can explain "Model Transparency" to a developer and "ICT Concentration Risk" to a Founder.
Benefits
Equity: Significant VSOP package; as a Lead role, you are a key stakeholder in our long-term stability.
Professional Development: Unlimited access to European regulatory summits and advanced AI governance certifications.
Berlin Culture: Monthly team "Stammtisch," a generous wellness stipend, and a bright, modern office in Neukölln or Mitte.
This role is more of a "Strategic GRC" position, focusing on systemic resilience and algorithmic accountability.
Job Title
Regulatory Resilience Lead (AI & DORA)
Intro
With the EU AI Act and DORA now in full effect, \[Company Name\] is looking for a Regulatory Resilience Lead to navigate the complex intersection of high-risk AI systems and financial-grade operational resilience. This isn't a "legal-only" role; you will be the architect of our compliance strategy, ensuring our AI products are ethically sound and our infrastructure is "battle-hardened" against systemic failures. You will work directly with our Engineering and Product leads to turn regulatory hurdles into a competitive trust advantage.
* Location: Berlin (Hybrid / Flex)
* Language: English (Fluent), German (Professional working proficiency preferred for regulator liaison).
Tasks
* AI Governance Framework: Lead the classification of our AI models under the EU AI Act, managing the lifecycle of "High-Risk" systems, technical documentation, and bias-monitoring protocols.
* DORA Implementation: Oversee the five pillars of DORA, specifically focusing on ICT Risk Management and Third-Party Risk, ensuring our critical providers meet European resilience standards.
* Resilience Testing: Coordinate TLPT (Threat-Led Penetration Testing) and business continuity exercises to ensure we meet DORA’s operational "anti-fragility" requirements.
* Algorithmic Auditing: Partner with Data Science teams to perform "Conformity Assessments" and human-oversight audits for our customer-facing AI features.
* Regulator Liaison: Serve as the primary point of contact for the EU AI Office and BaFin, handling mandatory incident reporting and compliance filings.
Requirements
Requirements
Expertise: 4+ years in GRC, Legal Tech, or Operational Risk, with a deep specialization in DORA and the EU AI Act.
Analytical Mindset: Ability to translate abstract legal articles into concrete Jira tickets for developers.
Industry Experience: Previous experience in Fintech, Insurtech, or Healthtech is highly preferred, as these sectors face the highest scrutiny under 2026 mandates.
Education/Certs: Background in Law or Tech-Policy. Certifications like CIPP/E or specialized AI Ethics credentials are a major plus.
Communication: Exceptional ability to manage stakeholders—you can explain "Model Transparency" to a developer and "ICT Concentration Risk" to a Founder.
Benefits
Equity: Significant VSOP package; as a Lead role, you are a key stakeholder in our long-term stability.
Professional Development: Unlimited access to European regulatory summits and advanced AI governance certifications.
Berlin Culture: Monthly team "Stammtisch," a generous wellness stipend, and a bright, modern office in Neukölln or Mitte.
Skills Required
- 4+ years in GRC, Legal Tech, or Operational Risk with deep specialization in DORA and the EU AI Act
- Fluent English
- Professional working proficiency in German for regulator liaison
- Background in Law or Tech-Policy
- Certifications such as CIPP/E or specialized AI Ethics credentials
- Ability to translate regulatory/legal requirements into concrete Jira tickets for developers
- Previous experience in Fintech, Insurtech, or Healthtech
- Exceptional stakeholder communication across engineering, product, founders, and regulators
- Experience coordinating Threat-Led Penetration Testing (TLPT) and resilience/business continuity exercises
- Experience overseeing ICT Risk Management and Third-Party Risk under DORA
- Experience performing algorithmic audits, conformity assessments, and bias-monitoring protocols
Am I A Good Fit?
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.
Success! Refresh the page to see how your skills align with this role.
The Company
What We Do
Matproof is a compliance management platform for companies navigating EU regulation. We turn complex frameworks like NIS2, DORA, GDPR, and the EU AI Act into structured workflows - requirements mapped, controls linked, tasks assigned, audit-ready. Instead of spreadsheets and consultants, teams use Matproof to centrally manage compliance across multiple frameworks at once. Every requirement is traceable, every control is documented, every audit has a clear trail. Built in the EU. Hosted in the EU. For companies that take compliance seriously. Start free at matproof.com
