Specific tools/skillset: Expert knowledge of data management, data governance, data breaches, and data \& AI risk principles SME and point of contact for all data risk management and related work efforts Expert in creating a data risk methodology and apply a data risk program to the company Experience in compliance, risk and audit program and practice including regulatory audits Ability to create any of the following: framework, policies, standards, procedures, templates, etc. Expertise and knowledge in creating risk appetite statements, risk limits and thresholds, impact assessments, or risk tolerance Expertise in risk monitoring and reporting, including escalations to senior management when needed Conduct audits or independent challenge review of internal and external (business units) compliance with data governance standards, procedures, including if necessary, liaise with internal and external auditors, or regulators Self-starter, creative, and willingness to adjust and pivot depending on the priorities Must be familiar with regulatory requirements coming from OSFI, Privacy, Canadian Federal regulations, Health Dental and Investment regulations, etc. Experience in Cyber Security, Privacy, NIST Compliance, PCI DSS, SOX Compliance, ISO 27001/2
