




Job Summary: We are seeking a TPRM and Third-Party Risk Specialist to lead the end-to-end implementation of DORA within financial institutions, adapting risk frameworks and ensuring operational resilience.

Key Highlights:
1. Leadership in implementing the DORA framework for third-party risk.
2. Design and implementation of TPRM models aligned with DORA and EBA.
3. Permanent employment with an international company delivering strategic projects.

TPRM and Third-Party Risk Specialist | DORA Implementation

Excelia is a leading multinational firm in Consulting, Technology, and Professional Services, with over 25 years of excellence-driven history! We operate across more than 50 countries in Europe, Latin America, and the United States, from our 9 strategically located offices.

We are currently seeking a professional specialized in Third-Party Risk Management (TPRM) with direct experience in the end-to-end implementation of the Digital Operational Resilience Act (DORA) within financial sector entities. Proven experience leading the adaptation of third-party risk frameworks, outsourcing processes, and ICT controls to European regulatory requirements, ensuring regulatory compliance and operational resilience.

Responsibilities

Leadership in implementing the DORA framework within the third-party risk domain, including regulatory gap analysis, roadmap definition, and execution of the adaptation plan.
Design and implementation of a TPRM model aligned with DORA, Regulatory Technical Standards (RTS), and EBA outsourcing guidelines.
Adaptation and updating of policies, procedures, and controls for critical suppliers in accordance with DORA requirements.
Identification and classification of Critical or Important Functions (CIF) and critical ICT third-party providers.
Design and maintenance of the third-party information register mandated by DORA.
Execution of enhanced due diligence on critical ICT third-party providers and assessment of concentration risk.
Definition of mandatory DORA contractual clauses in coordination with Legal and Procurement teams.
Implementation of continuous monitoring processes, periodic re-evaluations, and regulatory reporting.
Participation in operational resilience testing and coordination during incident scenarios involving third parties.
Preparation of documentation and evidence for supervisors and regulatory audits.

Requirements

Experience and Key Skills

Proven hands-on experience implementing DORA, especially within the third-party ICT risk pillar.
Experience conducting DORA gap assessments, defining action plans, and tracking them to closure.
In-depth knowledge of DORA RTS, EBA Guidelines on Outsourcing, NIS2, and ISO 27001.
Experience managing ICT suppliers in regulated environments (financial, fintech, insurance).
Ability to translate complex regulatory requirements into operational processes and measurable controls.
Executive communication skills for reporting to senior management and governance bodies.
Structured, analytical profile oriented toward compliance and resilience.

Location

Madrid, with a hybrid work model (1 day onsite).

What We Offer?

Permanent employment with an international company delivering strategic projects in the financial sector.
Competitive salary band aligned with your experience and professional trajectory.
Flexible compensation.
Ongoing training in operational resilience, financial regulation, and ICT risk management.
⏰ Flexible working hours and a hybrid work model.


