Specific tools/skillset:

• Expert knowledge of data management, data governance, data breaches, and data & AI risk principles
• SME and point of contact for all data risk management and related work efforts
• Expert in creating a data risk methodology and apply a data risk program to the company
• Experience in compliance, risk and audit program and practice including regulatory audits
• Ability to create any of the following: framework, policies, standards, procedures, templates, etc.
• Expertise and knowledge in creating risk appetite statements, risk limits and thresholds, impact assessments, or risk tolerance
• Expertise in risk monitoring and reporting, including escalations to senior management when needed
• Conduct audits or independent challenge review of internal and external (business units) compliance with data governance standards, procedures, including if necessary, liaise with internal and external auditors, or regulators
• Self-starter, creative, and willingness to adjust and pivot depending on the priorities
• Must be familiar with regulatory requirements coming from OSFI, Privacy, Canadian Federal regulations, Health Dental and Investment regulations, etc.
• Experience in Cyber Security, Privacy, NIST Compliance, PCI DSS, SOX Compliance, ISO 27001/2