CA

DORA Governance & TPRM Specialist

Capco
Italy - Milan, Italyfull_timePosted 5 Jun 2026

About the role

<p><em>Joining Capco means joining an organization that is committed to an inclusive working environment where you’re encouraged to #BeYourselfAtWork. We celebrate individuality and recognize that diversity and inclusion, in all forms, is critical to success. It’s important to us that we recruit and develop as diverse a range of talent as we can, and we believe that everyone brings something different to the table – so we’d love to know what makes you different. Such differences may mean we need to make changes to our process to allow you the best possible platform to succeed, and we are happy to cater to any reasonable adjustments you may require. You will find the section to let us know of these at the bottom of your application form or you can mention it directly to your recruiter at any stage and they will be happy to help.</em></p> <p><strong><u>About Capco</u></strong></p> <p>Capco is a global technology and business consultancy, focused on the financial services sector. We are growing at fast pace in our Italian office, the opportunity for growth is large, accessible, and immediate. We are passionate about helping our clients succeed in an ever-changing industry. Capco is going through a significant growth journey, now is a very good time to join us as we expand our consulting team in Italy.</p> <p><strong><u>Role Description</u></strong></p> <p>As part of the consulting team, the DORA Governance & TPRM Specialist will:</p> <ul> <li>Support the definition, implementation, and evolution of the Digital Operational Resilience framework in line with DORA, including governance, roles, responsibilities, and reporting</li> <li>Monitor and manage ICT and third-party risks, with a focus on service providers and outsourcing arrangements</li> <li>Contribute to the ICT Third-Party Risk Management (TPRM) framework, including risk assessment, due diligence, and ongoing supplier monitoring</li> <li>Support second line of defense activities within the ERM framework (e.g., KRI, RAF, controls), focusing on ICT and security risks</li> <li>Maintain and update the Register of Information (RoI), ensuring data quality and completeness of ICT services and providers</li> <li>Support the definition and maintenance of policies and procedures related to ICT risk, digital resilience, and third-party management</li> <li>Contribute to the ICT Risk Appetite Framework, including indicators, thresholds, and escalation mechanisms</li> <li>Support ICT incident management oversight and remediation processes</li> <li>Prepare reporting and dashboards to communicate ICT and third-party risk exposure to senior stakeholders</li> <li>Collaborate with cross-functional teams to ensure alignment on digital resilience initiatives</li> &

Apply for this role

Generate a tailored application kit with a matched cover letter, interview prep, and CV highlights — in under 60 seconds.

Generate Application Kit

Free account required — sign up in 30s

Company

Capco

View all open roles →