AI Risk Officer Manager

05/10/2026

Address:

320 S Canal Street

Job Family Group:

Audit, Risk & Compliance

Oversees, monitors, and reports on information and technology risks for a designated portfolio. Develops and monitors the risk management and governance framework and practices leveraged across BMO to manage information and technology risks. Develops and monitors adherence to policies, standards, methodologies, and controls that increase transparency, accuracy, and consistency across groups. Works with stakeholders to implement the methodology, metrics, and program standards for the assigned portfolio to ensure compliance, effective monitoring, timely reporting, and identify action plans.

• Acts as a trusted advisor to assigned business/group.
• Guides/assists in the identification and classification of issues; recommends action plans.
• Influences and negotiates to achieve business objectives.
• Recommends and implements solutions based on analysis of issues and implications for the business.
• Assists in the development of strategic plans.
• Identifies emerging issues and trends to inform decision-making.
• Researches existing or emerging requirements and related best practices to develop recommendations for changes/enhancements.
• Independently assesses the information and technology risk profile (e.g. exposures, material initiatives, systems issues or weaknesses in the control structure) for the assigned portfolio.
• Assists with the interpretation of new or changing regulations and assesses impacts to governance frameworks.
• Helps determine business priorities and best sequence for execution of business/group strategy.
• Conducts independent analysis and assessment to resolve strategic issues.
• Leads the development and maintenance of the governance system and framework.
• Ensures alignment between stakeholders.
• Represents the risk program / governance structure during internal/external regulatory audits and/or examinations.
• Breaks down strategic problems, and analyses data and information to provide insights and recommendations.
• Coordinates the management of databases; ensures alignment and integration of data in adherence with data governance standards.
• Builds change management plans of varying scope and type; leads or participates in a variety of change management activities including readiness assessments, planning, stakeholder management, execution, evaluation and sustainment of initiatives.
• Leads or participates in defining the communication plan designed to positively influence or change behaviour; develops tailored messaging; and identifies appropriate distribution channels.
• Assesses education and training needs to develop and deliver training.
• Leads and integrates the monitoring, measurement, and reporting on the status of the information and technology risk governance program to internal and external stakeholders.
• Leads the management of governance meetings and maintenance of governing body mandates, oversight, and approval guidelines.
• May provide specialized support for other internal and external regulatory requirements.
• Provides input into the planning and implementation of ongoing operational programs in support of the information and technology risk framework.
• Leads/participates in the design, implementation and management of core business/group processes.
• Administers and maintains technology and information security and management risk program activities adhering to applicable policies, procedures, and established processes.
• Reviews new business initiatives and monitors existing initiatives to identify potential risk situations/ impacts; makes recommendations or escalates as per guidelines.
• Identifies potential risk situations / impacts and makes recommendations or escalates.
• Provides advice and guidance to assigned business/group on implementation of the risk framework, including effective challenge.
• Coordinates and participates in the execution of oversight/governance activities including reporting; assessment of education & training needs, development/delivery of training; development and execution of regulatory administration processes & procedures.
• Consults with stakeholders to improve consistency and transparency of risk measurement, metrics and reporting.
• Supports the development and maintenance of the governance system and framework including supporting policy/standard/operating procedures lifecycle management, education and training assessments.
• Builds effective relationships with internal/external stakeholders e.g. business stakeholders and corporate support areas to provide second line of defense information and technology risk management support.
• Manages databases and provides support for analysis, forecasting and/or data visualization, ensuring adherence with data governance standards.
• Analyzes data and information to provide insights and recommendations; includes identification of risk impacts for new processes and workflows related to initiatives.
• Maintains tools and templates for information and technology risk programs and standards e.g. Risk Control Self Assessment (RCSA), Sarbanes-Oxley (SOX), business continuity planning standards and policies for internal and third-party solution development.
• Develops and maintains in-depth knowledge of business and related risk management requirements and legislative/ regulatory directives and guidance.
• Builds effective relationships with internal/external stakeholders.
• Analyzes data and information to provide insights and recommendations.
• Focus is primarily on business/group within BMO; may have broader, enterprise-wide focus.
• Provides specialized consulting, analytical and technical support.
• Exercises judgment to identify, diagnose, and solve problems within given rules.
• Works independently and regularly handles non-routine situations.
• Broader work or accountabilities may be assigned as needed.

  Qualifications:

• Typically between 5 - 7 years of relevant experience and post-secondary degree in related field of study or an equivalent combination of education and experience.
• Degree in Information Technology, Computer Science, Business Administration, or related field of study preferred.
• Completion of a Security related certification preferred (e.g. CISSP, CISA, CISM, GIAC).
• In-depth knowledge of information and technology risk management practices.
• In-depth knowledge of the designated business / product portfolio.
• In-depth knowledge of regulatory requirements.
• In-depth knowledge of quantitative techniques and economic capital methodologies.
• In-depth knowledge and experience with risk policy frameworks; quality control / testing frameworks.
• Deep knowledge and technical proficiency gained through extensive education and business experience.
• Verbal & written communication skills - In-depth.
• Collaboration & team skills - In-depth.
• Analytical and problem solving skills - In-depth.
• Influence skills - In-depth.
• Data driven decision making - In-depth.

Salary:

$74,000.00 - $138,000.00

Pay Type:

Salaried

The above represents BMO Financial Group’s pay range and type.

Salaries will vary based on factors such as location, skills, experience, education, and qualifications for the role, and may include a commission structure. Salaries for part-time roles will be pro-rated based on number of hours regularly worked. For commission roles, the salary listed above represents BMO Financial Group’s expected target for the first year in this position.

BMO Financial Group’s total compensation package will vary based on the pay type of the position and may include performance-based incentives, discretionary bonuses, as well as other perks and rewards. BMO also offers health insurance, tuition reimbursement, accident and life insurance, and retirement savings plans. To view more details of our benefits, please visit: https://jobs.bmo.com/global/en/Total-Rewards

About Us

At BMO we are driven by a shared Purpose: Boldly Grow the Good in business and life. It calls on us to create lasting, positive change for our customers, our communities and our people. By working together, innovating and pushing boundaries, we transform lives and businesses, and power economic growth around the world.

As a member of the BMO team you are valued, respected and heard, and you have more ways to grow and make an impact.  We strive to help you make an impact from day one – for yourself and our customers.  We’ll support you with the tools and resources you need to reach new milestones, as you help our customers reach theirs. From in-depth training and coaching, to manager support and network-building opportunities, we’ll help you gain valuable experience, and broaden your skillset.

To find out more visit us at http://jobs.bmo.com/us/en

BMO is proud to be an equal employment opportunity employer. We evaluate applicants without regard to race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or any other legally protected characteristics. We also consider applicants with criminal histories, consistent with applicable federal, state and local law.

BMO is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please send an e-mail to BMOCareers.Support@bmo.com and let us know the nature of your request and your contact information.

Note to Recruiters: BMO does not accept unsolicited resumes from any source other than directly from a candidate. Any unsolicited resumes sent to BMO, directly or indirectly, will be considered BMO property. BMO will not pay a fee for any placement resulting from the receipt of an unsolicited resume. A recruiting agency must first have a valid, written and fully executed agency agreement contract for service to submit resumes.