Director, Tech Risk & Compliance
Contract | Hybrid (Europe, with travel as required) | 6 months with possible extension
Our client is a major European FMCG group who are modernizing their technology organization, they are scaling AI-native capabilities and converging IT capabilities across European markets. As the transformation accelerates, compliance demands on the central technology function are multiplying across security, data protection, operational resilience, AI regulation, and audit readiness.
You will step in as the accountable senior leader who filters these demands and builds a coherent, prioritised agenda. Reporting directly to the European CTO, you will set the future-state vision for Tech risk and compliance, drive the transformation roadmap, and hand over a functioning Risk and Compliance operating model to a permanent successor.
Key Responsibilities
Act as the single point of coherence for all compliance demands on the technology function - translating fragmented asks into a prioritised agenda
Design and run non-cyber risk and compliance governance: risk appetite, control frameworks, reporting cadence, and escalation
Define the future-state vision and lead business planning for IT risk and compliance: multi-year roadmap, investment cases, and measurable outcomes
Partner with convergence leadership to design risk and compliance into the target operating model
Own the non-cyber technology risk portfolio at scale: infrastructure, platform, application, and data risk
Drive operational resilience in line with DORA-equivalent expectations - critical service identification, impact tolerances, scenario testing, and incident readiness
Stand up the third-party risk framework covering critical vendors, cloud providers, and AI suppliers
Own the Tech organization’s posture on GDPR, the EU AI Act, and adjacent regulatory frameworks
Act as the primary interface for internal audit and cyber security teams
Who You Are
Director-level leader with deep experience in technology risk, compliance, operational resilience, or audit within a regulated industry, large multinational, or top-tier consulting firm
Proven track record turning fragmented compliance demands into a single coherent agenda
Experience setting strategy and shaping vision for a risk and compliance function - not only running day-to-day
Strong working knowledge of DORA-equivalent resilience expectations, GDPR, and the EU AI Act
Credible at C-suite level; comfortable operating alongside a strong cybersecurity function with clear boundaries
Pragmatic, decisive, and able to move at pace in a transforming environment
Available immediately or at short notice
The following are a plus:
Background combining consulting and industry-side experience
Track record in convergence or harmonization programmes across markets
Experience with modern cloud and hybrid estate risk in a large-scale environment
A Little Bit About Riverflex
Riverflex was founded in Amsterdam and London in 2018 and has grown into a global team of consultants united by one mission: help courageous leaders drive intelligent transformation. We integrate three service pillars - strategy & transformation consulting that Creates Change, talent services that Build Teams, and business-accelerating AI products that Augment Intelligence.
We are not a traditional consultancy. We work at C-level with blue-chip companies on the programmes that actually matter, and we are building our Technology Risk practice at exactly the moment the market needs it most.
Apply Now
Interested in this role? Submit your CV and a brief note on your relevant experience through the Riverflex website or reach out to our talent team directly.
We are an Equal Opportunity Employer and take pride in a diverse environment. We do not discriminate in recruitment, hiring, training, promotion, or other employment practices for reasons of race, color, religion, gender, sexual orientation, national origin, age, marital status, medical condition, or disability. Even if you believe you do not tick all the aforementioned requirements for the role, we still encourage you to take the time to apply.
Skills Required
- Deep experience in technology risk, compliance, operational resilience, or audit in regulated industries
- Proven track record in compliance management
- Experience with DORA, GDPR, and EU AI regulations
- Credible at C-suite level
- Available immediately or at short notice
What We Do
Traditional consulting wasn't built for the speed of AI. We Are. Riverflex is an intelligent transformation accelerator, partnering with courageous leaders at the world's leading companies to drive profound change in the age of AI. We believe real transformation is not just implementing tools, it’s a re-foundership of finding the right blend of human and machine to move faster, decide smarter, and build lasting capability. How we work: CREATE CHANGE: We co-develop bold visions and strategies that give your organization the clarity and confidence to make difficult decisions, fast. BUILD TEAMS: We strengthen your people through targeted training and augment your ranks with elite interim and permanent talent from our global PRO network. AUGMENT INTELLIGENCE: We design and implement AI-augmented workflows and custom tools that sharpen decision-making and streamline how work gets done. Underpinning all of it: our global open-talent ecosystem, a curated network of Riverflex PROs who are genuine experts in technology, data, and change. For courageous leaders: Ready for a next gen consulting partner that builds your capability, not just your slide decks? Let's talk. 📧 [email protected] For independent experts: Want to work on challenges that actually matter? Join our network of Pros. 🔗 platform.riverflex.com

.png)





