Senior GRC Advisor - Data & AI Governance

About The Position

Requirements

• Typically, 5 - 7 years of relevant experience in governance, risk, compliance, data governance, AI governance, risk management, audit, or related disciplines, with a strong focus on advisory and oversight activities.
• Strong knowledge of Data and AI governance risk and regulatory requirements, including data privacy, data quality, model risk, and emerging AI governance considerations.
• Solid understanding of applicable regulations, industry standards, and control frameworks relevant to enterprise risk management and the data and AI lifecycle.
• Experience supporting risk assessments (e.g., PSPRA, RCRA, process risk and control assessments), including advising on risk identification, control considerations, and Key Risk Indicators (KRIs).
• Strong analytical and critical‑thinking skills, with the ability to assess governance and control alignment, identify gaps, and articulate risk implications.
• Effective communication, collaboration, and stakeholder management skills, with the ability to influence across first‑ and second‑line functions.
• Ability to work independently, exercise sound judgment, and appropriately escalate governance or risk concerns.
• Required professional certifications: CDMP - Certified Data Management Professional (by DAMA) CRISC - Certified in Risk and Information Systems Control (by ISACA) OR CGRC - Certified in Governance, Risk and Compliance (by ISC2)

Nice To Haves

• AIGP – Artificial Intelligence Governance Professional (by IAPP)
• ISO/IEC 42001 – AI Lead Auditor/Implementer (by ISO)

Responsibilities

• Maintains a strong understanding of applicable regulatory requirements, industry standards, and internal policy frameworks; monitors changes and provides timely governance, risk, and control insights.
• Supports PSPRA, RCRA and other risk assessment activities across Data Governance and AI‑related processes from an advisory and challenge perspective.
• Provides governance and control advisory support to business partners, clarifying expectations and risk considerations without directing operational decision‑making.
• Applies governance frameworks and control principles to assess alignment of business practices with enterprise standards and risk appetite.
• Communicates governance, risk, and control considerations clearly to stakeholders, supporting informed decision‑making and consistent application of expectations.
• Serves as a governance advisor to business and technology stakeholders, providing guidance on risk management practices, control design considerations, and policy interpretation.
• Supports the development, refinement, and socialization of governance standards, procedures, and guidance related to Data and AI risk management.
• Facilitates governance forums, working sessions, and stakeholder discussions to promote shared understanding of governance expectations and emerging risks.
• Reviews governance artifacts, assessments, and documentation prepared by others to provide advisory feedback on completeness, clarity, and alignment with governance and risk standards.
• Identifies governance gaps, emerging risks, or areas of inconsistency and escalates observations with clear articulation of risk and impact.
• Prepares governance summaries, advisory materials, and reporting to support leadership oversight and informed risk discussions.
• Builds and maintains strong working relationships with internal and external partners, particularly across first‑ and second‑line functions.
• Acts as a trusted governance, risk, and control advisor to stakeholders, balancing effective challenge with collaboration.
• Develops a deep understanding of end‑to‑end business processes related to data and AI model risk management and lifecycle management to provide relevant and practical guidance.
• Partners with stakeholders to support governance alignment while respecting ownership and accountability within the first line of defense.
• Continuously enhances knowledge and skills in Data and AI governance, compliance, and risk management.
• Works independently, exercising sound judgment to identify, assess, and escalate governance or control concerns within defined guidelines.
• May assume additional responsibilities aligned with governance, risk, and control advisory needs.
• Coaches and mentors junior staff to strengthen governance understanding, consistency, and advisory effectiveness across the team.

Benefits

• BMO also offers health insurance, tuition reimbursement, accident and life insurance, and retirement savings plans.