Dmitrii Shatov - IT Regulatory Compliance & GRC (BCM, IT Risk, DORA, ISO 22301, Outsourcing)

Q: Where is Dmitrii based?

Dmitrii is based in Frankfurt, Germany and can operate in on-site , hybrid , and remote work models.

Q: What languages does Dmitrii speak?

Dmitrii speaks the following languages: Russian (Native), German (Advanced), English (Advanced) .

Q: How many years of experience does Dmitrii have?

Dmitrii has at least 11 years of experience. During this time, Dmitrii has worked in at least 5 different roles and for 6 different companies . The average length of individual experience is 1 year and 11 months . Note that Dmitrii may not have shared all experience and actually has more experience.

Q: What is Dmitrii's latest experience?

Dmitrii's most recent position is IT Risk & Compliance | DORA | IT Regulatory & Operational Resilience Senior Consultant at Jefferies GmbH .

Q: What companies has Dmitrii worked for in recent years?

In recent years, Dmitrii has worked for Jefferies GmbH , Blink Operations Limited , Oman Investment Bank , Noqoody Payment Services Co. , and OWH SE I.L (Form. VTB Bank Europe SE) .

Q: Which industries is Dmitrii most experienced in?

Dmitrii is most experienced in industries like Banking and Finance and Information Technology (IT) .

Q: Which business areas is Dmitrii most experienced in?

Dmitrii is most experienced in business areas like Information Technology (IT) , Operations , and Procurement and Purchasing . Dmitrii also has some experience in Project Management , Audit , and Quality Assurance (QA) .

Q: Which industries has Dmitrii worked in recently?

Dmitrii has recently worked in industries like Banking and Finance and Information Technology (IT) .

Q: Which business areas has Dmitrii worked in recently?

Dmitrii has recently worked in business areas like Information Technology (IT) , Procurement and Purchasing , and Project Management .

Recommended expert

Frankfurt, Germany

Experience

Mar 2025 - Present

1 year

Frankfurt, Germany

On-site

IT Risk & Compliance | DORA | IT Regulatory & Operational Resilience Senior Consultant

Jefferies GmbH

Leading Jefferies’ DORA-driven operational resilience programme by strengthening ICT risk governance, control design, and regulatory readiness across key technology and outsourcing domains. Partnering with senior stakeholders to translate regulatory requirements into pragmatic governance, reporting, and assurance processes suitable for a global investment banking environment.

Developed the Enterprise Register of Information (DORA Art. 28.3) to align with regulatory requirements.
Defined and embedded ICT Risk Appetite and tolerance levels aligned to the Global Operational Risk Framework, strengthening decision-making and risk acceptance governance.
Drove audit readiness by reviewing and re-drafting 50+ IT & Information Security policies, improving clarity, ownership, and control alignment.
Oversaw the Operational Resilience Testing Programme (including penetration testing) and tracked remediation to closure, strengthening control assurance and reducing open findings.
Aligned 10+ intra-group agreements with DORA regulatory standards.
Enhanced executive-level decision-making with an enterprise ICT Risk Dashboard featuring KPIs/KRIs.

Jun 2024 - Mar 2025

10 months

Israel

Remote

External Consultant (remote)

Blink Operations Limited

Engaged by a cybersecurity SaaS startup to stand up compliance across ISO 27001, HIPAA, GDPR and NIST CSF. Built an Information Security Management System (ISMS) with policy suite, risk assessment and treatment plan; implemented HIPAA administrative/technical safeguards; mapped personal-data flows with RoPA and DPIAs; defined IR/BC/DR playbooks; rolled out vendor risk and secure-SDLC controls; prepared auditor-ready evidence and customer security responses. Outcome: passed client security due diligence, closed audit gaps, and achieved certification readiness.

Feb 2024 - Sep 2024

8 months

Oman

Hybrid

Business Continuity Consultant

Oman Investment Bank

Implemented a Business Continuity framework aligned with the Central Bank of Oman and ISO 22301.

Nov 2022 - Mar 2023

5 months

Qatar

Remote

Business Continuity Consultant

Noqoody Payment Services Co.

Resolved Qatar Central Bank Business Continuity findings, enabling successful banking license acquisition.

Oct 2019 - Jun 2024

4 years 9 months

Frankfurt am Main, Germany

On-site

Head of Global Project Office and Central Outsourcing Management

OWH SE I.L (Form. VTB Bank Europe SE)

Reported to the COO as budget holder, leading a global team of three across Frankfurt and Moscow, and running the Global Project Office to deliver consistent governance across the project portfolio. Managed incidents and vendor exits to minimise disruption and maintain operational continuity, and led organisation-wide DORA implementation across regulatory, outsourcing, and technology governance.

Led global GPO operations to ensure delivery governance across the project portfolio, improving transparency of milestones, risks, and executive reporting (€30M total portfolio budget).
Directed procurement and outsourcing activities in line with MaRisk AT 9, EBA, and IDW 951 standards.
Strengthened protection of sensitive data and ICT services by embedding ISO 27001, ITIL, and BSI-aligned security practices into operational delivery and governance.
Maintained operational continuity and crisis responsiveness in line with MaRisk AT 7.3 / ISO 22301 / BCI, reducing disruption risk during incidents.
Enhanced corporate governance and compliance across GDPR and BDSG, clarifying accountabilities and evidence trails for audits and supervisory requests.

Jun 2014 - Oct 2019

5 years 5 months

Moscow, Russian Federation

On-site

Business Continuity Manager

VTB Capital

Raised BC maturity across multiple international locations (Russia, Hong Kong, Singapore, Bulgaria, UK, USA) by standardising requirements, testing routines, and recovery governance.
Resolved tactical issues for 60 coordinators via compliance measures.
Recognised with BCI Global and European Awards (2016) for highly effective recovery outcomes.

Summary

Seasoned IT and ICT Risk Executive with 15+ years of global experience leading IT risk, operational resilience, and regulatory compliance across financial institutions, multinational organisations, and technology environments. Proven expertise in designing and implementing ICT Risk Frameworks, DORA and MaRisk compliance strategies, Business Continuity programmes, and enterprise-level risk dashboards. Skilled at safeguarding critical IT infrastructure, driving risk-aware decision-making, and strengthening governance across complex, cross-cultural teams. Recognised for aligning technology risk strategies with business objectives, delivering audit-ready policies, and ensuring operational continuity in high-stakes environments. Adept at mentoring teams, engaging C-suite leadership, and translating regulatory requirements into actionable, enterprise-wide solutions.

Skills

Project Lifecycle Management
Crisis Management & Response
Stakeholder Engagement
Operational Resilience (Dora)
Risk Management
It Infrastructure & Process Optimization
Business Continuity Planning
Information & Cybersecurity
Financial Analysis & Cost Reduction
Operational Risk Assessment
New Product Development
Cloud Services
Outsourcing Management
Business Intelligence
Eu Banking Regulatory Compliance

Languages

Russian

Native

German

Advanced

English

Advanced

Education

Sep 2015 - Jun 2017

New Economic School

Master's Degree in Finance · Finance · Moscow, Russian Federation

Sep 2011 - Jun 2013

Bauman Moscow State Technical University

Master's Degree in Engineering · Engineering · Moscow, Russian Federation

Certifications & licenses

AI Ethics and Governance

365 Careers

AWS Certified Cloud Practitioner

Amazon Web Services

Certificate Of The BCI Examination (CBCI)

Business Continuity Institute

Data Protection In Financial Institutions

Bank-Verlag GmbH

ISO 22301 Business Continuity Systems Implementation

British Standards Institution

Member Of BCI (MBCI)

Business Continuity Institute

Outsourcing Management In Financial Institutions

Bank-Verlag GmbH

Project Management Professional (PMP)

Project Management Institute

Profile

Created

February 2024

Last Update

January 2026

Need a freelancer? Find your match in seconds.

Try FRATCH GPT

Frequently asked questions

Do you have questions? Here you can find further information.

Where is Dmitrii based?

Dmitrii is based in Frankfurt, Germany and can operate in on-site, hybrid, and remote work models.

What languages does Dmitrii speak?

Dmitrii speaks the following languages: Russian (Native), German (Advanced), English (Advanced).

How many years of experience does Dmitrii have?

Dmitrii has at least 11 years of experience. During this time, Dmitrii has worked in at least 5 different roles and for 6 different companies. The average length of individual experience is 1 year and 11 months. Note that Dmitrii may not have shared all experience and actually has more experience.

What roles would Dmitrii be best suited for?

Based on recent experience, Dmitrii would be well-suited for roles such as: IT Risk & Compliance | DORA | IT Regulatory & Operational Resilience Senior Consultant, External Consultant (remote), Business Continuity Consultant.

What is Dmitrii's latest experience?

Dmitrii's most recent position is IT Risk & Compliance | DORA | IT Regulatory & Operational Resilience Senior Consultant at Jefferies GmbH.

What companies has Dmitrii worked for in recent years?

In recent years, Dmitrii has worked for Jefferies GmbH, Blink Operations Limited, Oman Investment Bank, Noqoody Payment Services Co., and OWH SE I.L (Form. VTB Bank Europe SE).

Which industries is Dmitrii most experienced in?

Dmitrii is most experienced in industries like Banking and Finance and Information Technology (IT).

Which business areas is Dmitrii most experienced in?

Dmitrii is most experienced in business areas like Information Technology (IT), Operations, and Procurement and Purchasing. Dmitrii also has some experience in Project Management, Audit, and Quality Assurance (QA).

Which industries has Dmitrii worked in recently?

Dmitrii has recently worked in industries like Banking and Finance and Information Technology (IT).

Which business areas has Dmitrii worked in recently?

Dmitrii has recently worked in business areas like Information Technology (IT), Procurement and Purchasing, and Project Management.

What is Dmitrii's education?

Dmitrii holds a Master in Finance from New Economic School and a Master in Engineering from Bauman Moscow State Technical University.

Does Dmitrii have any certificates?

Dmitrii has 8 certificates. Among them, these include: AI Ethics and Governance, AWS Certified Cloud Practitioner, and Certificate Of The BCI Examination (CBCI).

What is the availability of Dmitrii?

Dmitrii will be available full-time from March 2026.

What is the rate of Dmitrii?

Dmitrii's rate depends on the specific project requirements. Please use the Meet button on the profile to schedule a meeting and discuss the details.

How to hire Dmitrii?

To hire Dmitrii, click the Meet button on the profile to request a meeting and discuss your project needs.

Average rates for similar positions

Rates are based on recent contracts and do not include FRATCH margin.

1000

750

500

250

Market avg: 700-860 €

The rates shown represent the typical market range for freelancers in this position based on recent contracts on our platform.

Actual rates may vary depending on seniority level, experience, skill specialization, project complexity, and engagement length.

Similar Freelancers

Discover other experts with similar qualifications and experience

Experts recently working on similar projects

Freelancers with hands-on experience in comparable project as a IT Risk & Compliance | DORA | IT Regulatory & Operational Resilience Senior Consultant