Director, Tech Risk & Compliance
Contract | Hybrid (Europe, with travel as required) | 6 months with possible extension
Our client is a major European FMCG group who are modernizing their technology organization, they are scaling AI-native capabilities and converging IT capabilities across European markets. As the transformation accelerates, compliance demands on the central technology function are multiplying across security, data protection, operational resilience, AI regulation, and audit readiness.
You will step in as the accountable senior leader who filters these demands and builds a coherent, prioritised agenda. Reporting directly to the European CTO, you will set the future-state vision for Tech risk and compliance, drive the transformation roadmap, and hand over a functioning Risk and Compliance operating model to a permanent successor.
Key Responsibilities
Act as the single point of coherence for all compliance demands on the technology function - translating fragmented asks into a prioritised agenda
Design and run non-cyber risk and compliance governance: risk appetite, control frameworks, reporting cadence, and escalation
Define the future-state vision and lead business planning for IT risk and compliance: multi-year roadmap, investment cases, and measurable outcomes
Partner with convergence leadership to design risk and compliance into the target operating model
Own the non-cyber technology risk portfolio at scale: infrastructure, platform, application, and data risk
Drive operational resilience in line with DORA-equivalent expectations - critical service identification, impact tolerances, scenario testing, and incident readiness
Stand up the third-party risk framework covering critical vendors, cloud providers, and AI suppliers
Own the Tech organization’s posture on GDPR, the EU AI Act, and adjacent regulatory frameworks
Act as the primary interface for internal audit and cyber security teams
Who You Are
Director-level leader with deep experience in technology risk, compliance, operational resilience, or audit within a regulated industry, large multinational, or top-tier consulting firm
Proven track record turning fragmented compliance demands into a single coherent agenda
Experience setting strategy and shaping vision for a risk and compliance function - not only running day-to-day
Strong working knowledge of DORA-equivalent resilience expectations, GDPR, and the EU AI Act
Credible at C-suite level; comfortable operating alongside a strong cybersecurity function with clear boundaries
Pragmatic, decisive, and able to move at pace in a transforming environment
Available immediately or at short notice
The following are a plus:
Background combining consulting and industry-side experience
Track record in convergence or harmonization programmes across markets
Experience with modern cloud and hybrid estate risk in a large-scale environment
A Little Bit About Riverflex
Riverflex was founded in Amsterdam and London in 2018 and has grown into a global team of consultants united by one mission: help courageous leaders drive intelligent transformation. We integrate three service pillars - strategy & transformation consulting that Creates Change, talent services that Build Teams, and business-accelerating AI products that Augment Intelligence.
We are not a traditional consultancy. We work at C-level with blue-chip companies on the programmes that actually matter, and we are building our Technology Risk practice at exactly the moment the market needs it most.
Apply Now
Interested in this role? Submit your CV and a brief note on your relevant experience through the Riverflex website or reach out to our talent team directly.
We are an Equal Opportunity Employer and take pride in a diverse environment. We do not discriminate in recruitment, hiring, training, promotion, or other employment practices for reasons of race, color, religion, gender, sexual orientation, national origin, age, marital status, medical condition, or disability. Even if you believe you do not tick all the aforementioned requirements for the role, we still encourage you to take the time to apply.
Traditional consulting models weren't built for the speed of AI. We are.
Riverflex is your intelligent transformation accelerator. We help courageous leaders at the world's leading companies drive profound change in the age of AI.
Our approach is different by design, built on a unique, human-led framework that delivers real-world results.
We believe that successful transformation requires more than just a strategy; it requires a new composition of human and machine. We orchestrate this through our three core pillars:
1. CREATE CHANGE: We don't just write reports; we craft your vehicle of change. We co-develop the vision and strategies that motivate your organization to make difficult turns and go faster.
2. BUILD TEAMS: We don't create dependency; we develop your pit crew. We build the strength of your own team through targeted training and by augmenting your staff with elite interim and permanent hires from our network.
3. AUGMENT INTELLIGENCE: We don't just talk about AI; we deliver your intelligent cockpit. We implement cutting-edge, AI-augmented workflows and custom tools that enhance your organization's decision-making and streamline operations.
This is all powered by our global open-talent ecosystem, a curated network of "Riverflex Pros" who are true experts in technology, data, and change management.
For Leaders & Innovators:
Ready for a next gen consulting partner that builds your capability, not just your slide decks? Let's accelerate your transformation.
✉️ info@riverflex.com
For Independent Experts:
Are you an elite expert ready to work on challenges that matter? Join our curated network of Pros.
🔗 Apply to the Riverflex Collective: https://platform.riverflex.com
