Job Description

Rakuten Viber is one of the most popular and downloaded apps in the world. Working with us provides a unique opportunity to influence hundreds of millions of our users and to be part of the journey that makes us a super-app. Our mission is to make people's lives easier by enabling meaningful connections- from precious moments with family and friends, through managing business relationships, to pursuing their passions.

We are a global team dedicated to creating safe, reliable, and compliant digital experiences for millions of users worldwide. Our culture is built on innovation, accountability, and a commitment to excellence.

We're looking for an experienced and highly organised DORA Program Manager to join our team and serve as the operational engine behind Viber's DORA compliance program. This is the most critical governance role in the organisation- the person who makes resilience real, day to day.

Responsibilities

• Own and maintain the DORA governance framework, policies, and ICT inventories- including the TPSP register, dependency mapping, and BCM documentation
• Maintain the DORA evidence repository and ensure audit trails are complete, current, and inspection-ready at all times
• Lead coordination of internal and external audits and regulatory inspections, from preparation through to close
• Coordinate regulator notifications and manage all regulatory evidence requests end-to-end
• Coordinate the end-to-end incident reporting process, post-incident reviews, and follow-through on findings
• Coordinate annual BIA reviews, BCP testing, operational resilience testing, recovery testing, and tabletop exercises
• Coordinate quarterly TPSP oversight reviews and manage ongoing third-party risk governance
• Track KRIs/KPIs monthly and maintain the DORA action tracker, driving timely closure of remediation items
• Follow up with owners across the Group on a weekly basis to keep actions on schedule
• Coordinate annual policy reviews and ensure all scheduled annual reviews happen on time across the Group
• Chair monthly operational resilience meetings and coordinate cross-functional resilience governance
• Prepare and deliver quarterly Board reporting packs on operational resilience and ICT risk

Requirements

• At least 5 years of experience in operational resilience, ICT risk management, business continuity, or a closely related governance function
• Demonstrated experience managing or coordinating a DORA, ISO 22301, or equivalent regulatory compliance program
• Hands-on experience maintaining governance frameworks, risk registers, and ICT inventories in a regulated environment
• Experience coordinating audits, regulatory inspections, and evidence requests
• Solid understanding of third-party/TPSP oversight processes and contract risk management
• Experience producing Board-level reporting packs and executive risk communications
• Strong organisational skills and a proven ability to manage multiple ongoing workstreams simultaneously
• Ability to follow up with stakeholders across functions and geographies with clarity and consistency
• Fluent in written and spoken English

Advantages

• Experience working within the EU financial services or fintech regulatory environment, particularly under DORA
• Familiarity with the Maltese regulatory landscape (MFSA) and EU-level regulatory reporting requirements
• Experience coordinating BCP or resilience testing exercises as a process owner or coordinator
• Project management certification (PMP, PRINCE2, or equivalent)
• Experience working in or with payment institutions, e-money issuers, or regulated messaging/communications platforms

Skills

None