Booking NL

DMLP Risk Partner (For independent contractors)

Posted Feb 13, 2026
Project ID: 11382-1
Location: Amsterdam, NH
Hours/week: 40 hrs/week
Timeline: 6 months (Starts: Feb 18, 2026; Ends: Aug 17, 2026)
Payrate range: 55 - 110 €/hr

1. Risk and Compliance Partnership


  • Act as a Risk Partner to platform owners and development teams within the Machine Learning Platform department, providing expertise in NIST, SOX, PCI-DSS, NIS2 and security best practices and tailoring compliance requirements to internal environments.


  • Provide Right-Sized Advisory on control design. You will champion agile and scalable solutions that solve problems without overengineering, ensuring controls are effective but not obstructive.


  • Bridge the Gap between technical teams and audit functions, translating complex tech stacks into risk-based language for Internal/External Audit.



2. Risk Assessments


  • Execute Technical Risk Assessments for new platforms and major architectural changes. You will identify risks in modern tech stacks and support teams in implementing appropriate safeguards.


  • Maintain the Risk Inventory. Systematically track and monitor identified issues originating from audits, penetration tests, and risk assessments to ensure Booking.com maintains a robust and resilient risk posture against current and emerging attack vectors.


  • Perform Root Cause Analysis on issues to identify systemic risks and propose structural improvements to the control framework.



3. Automation & Continuous Improvement


  • Drive/support Automation Initiatives by identifying manual compliance bottlenecks and designing efficient workflows leveraging automation and AI.


  • Unify Control Frameworks across various platforms to simplify compliance and reduce "compliance fatigue" for engineering teams.


  • Enhance Methodology: Contribute to refinement of risk assessment procedures to keep pace with the dynamic nature of a high-growth tech environment.



4. Risk Reporting & Compliance Execution


  • Deliver Data-Driven Risk Insights by reporting on risk coverage and issues using tools like Jira and ServiceNow.


  • Support Audit Readiness by ensuring that platform owners are prepared for regulatory cycles (e.g. SOX, DMA, DSA, EU AI Act): preparing and facilitating walkthroughs, coordinating evidence requests, drafting remediation and mitigation memos as needed, and aligning with engineering teams.