Senior GRC Advisor - Data & AI Governance

This role directly reports to and supports the Associate Director of T&O Risk (1B) - Business Risk Advisory and Controls - Testing & Advisory. The candidate will provide independent advisory, oversight, and validation of governance, risk, and control activities that support Enterprise Data Governance and AI Governance. The candidate will also support Product/Service/Process Risk Assessments (PSPRA) and Regulatory Compliance Risk Assessment (RCRA), maintain Process Risk and Control (PRC) libraries and advise on Key Risk Indicators (KRIs), etc. The role works in close collaboration with First Line of Defense (1LOD) and Regulatory Compliance and Risk related Second Line of Defense (2LOD) partners to support and strengthen governance and risk management across the enterprise., Governance, Risk & Compliance (Advisory)

• Maintains a strong understanding of applicable regulatory requirements, industry standards, and internal policy frameworks; monitors changes and provides timely governance, risk, and control insights.
• Supports PSPRA, RCRA and other risk assessment activities across Data Governance and AI-related processes from an advisory and challenge perspective.
• Provides governance and control advisory support to business partners, clarifying expectations and risk considerations without directing operational decision-making.
• Applies governance frameworks and control principles to assess alignment of business practices with enterprise standards and risk appetite.
• Communicates governance, risk, and control considerations clearly to stakeholders, supporting informed decision-making and consistent application of expectations.

Governance Advisory & Enablement

• Serves as a governance advisor to business and technology stakeholders, providing guidance on risk management practices, control design considerations, and policy interpretation.
• Supports the development, refinement, and socialization of governance standards, procedures, and guidance related to Data and AI risk management.
• Facilitates governance forums, working sessions, and stakeholder discussions to promote shared understanding of governance expectations and emerging risks.
• Reviews governance artifacts, assessments, and documentation prepared by others to provide advisory feedback on completeness, clarity, and alignment with governance and risk standards.
• Identifies governance gaps, emerging risks, or areas of inconsistency and escalates observations with clear articulation of risk and impact.
• Prepares governance summaries, advisory materials, and reporting to support leadership oversight and informed risk discussions.

Relationship Management & Collaboration

• Builds and maintains strong working relationships with internal and external partners, particularly across first- and second-line functions.
• Acts as a trusted governance, risk, and control advisor to stakeholders, balancing effective challenge with collaboration.
• Develops a deep understanding of end-to-end business processes related to data and AI model risk management and lifecycle management to provide relevant and practical guidance.
• Partners with stakeholders to support governance alignment while respecting ownership and accountability within the first line of defense.

General Responsibilities

• Continuously enhances knowledge and skills in Data and AI governance, compliance, and risk management.
• Works independently, exercising sound judgment to identify, assess, and escalate governance or control concerns within defined guidelines.
• May assume additional responsibilities aligned with governance, risk, and control advisory needs.
• Coaches and mentors junior staff to strengthen governance understanding, consistency, and advisory effectiveness across the team.

• Typically, 5 - 7 years of relevant experience in governance, risk, compliance, data governance, AI governance, risk management, audit, or related disciplines, with a strong focus on advisory and oversight activities.
• Strong knowledge of Data and AI governance risk and regulatory requirements, including data privacy, data quality, model risk, and emerging AI governance considerations.
• Solid understanding of applicable regulations, industry standards, and control frameworks relevant to enterprise risk management and the data and AI lifecycle.
• Experience supporting risk assessments (e.g., PSPRA, RCRA, process risk and control assessments), including advising on risk identification, control considerations, and Key Risk Indicators (KRIs).
• Strong analytical and critical-thinking skills, with the ability to assess governance and control alignment, identify gaps, and articulate risk implications.
• Effective communication, collaboration, and stakeholder management skills, with the ability to influence across first- and second-line functions.
• Ability to work independently, exercise sound judgment, and appropriately escalate governance or risk concerns.
• Required professional certifications:
• CDMP - Certified Data Management Professional (by DAMA)
• CRISC - Certified in Risk and Information Systems Control (by ISACA) OR CGRC - Certified in Governance, Risk and Compliance (by ISC2)
• Preferred certifications:
• AIGP - Artificial Intelligence Governance Professional (by IAPP)
• ISO/IEC 42001 - AI Lead Auditor/Implementer (by ISO)

$66,600.00 - $124,200.00

Pay Type:

Salaried

The above represents BMO Financial Group's pay range and type.

Salaries will vary based on factors such as location, skills, experience, education, and qualifications for the role, and may include a commission structure. Salaries for part-time roles will be pro-rated based on number of hours regularly worked. For commission roles, the salary listed above represents BMO Financial Group's expected target for the first year in this position.

BMO Financial Group's total compensation package will vary based on the pay type of the position and may include performance-based incentives, discretionary bonuses, as well as other perks and rewards. BMO also offers health insurance, tuition reimbursement, accident and life insurance, and retirement savings plans. To view more details of our benefits, please visit: https://jobs.bmo.com/global/en/Total-Rewards

At BMO we are driven by a shared Purpose: Boldly Grow the Good in business and life. It calls on us to create lasting, positive change for our customers, our communities and our people. By working together, innovating and pushing boundaries, we transform lives and businesses, and power economic growth around the world. As a member of the BMO team you are valued, respected and heard, and you have more ways to grow and make an impact. We strive to help you make an impact from day one - for yourself and our customers. We'll support you with the tools and resources you need to reach new milestones, as you help our customers reach theirs. From in-depth training and coaching, to manager support and network-building opportunities, we'll help you gain valuable experience, and broaden your skillset., Note to Recruiters: BMO does not accept unsolicited resumes from any source other than directly from a candidate. Any unsolicited resumes sent to BMO, directly or indirectly, will be considered BMO property. BMO will not pay a fee for any placement resulting from the receipt of an unsolicited resume. A recruiting agency must first have a valid, written and fully executed agency agreement contract for service to submit resumes.