Primary Location:
Comerica Great Lakes Campus
Locations:
Farmington Hills, MI US
Additional Locations:
Comerica Great Lakes Campus
Job Type:
Full-time
WorkBest Job Category:
Category C – Days in the office will either be designated days or will vary week to week from 2-5 days
Job Category:
Compliance/Security/Fraud/Risk
Required Experience:
3-7 years
Overtime Status:
Exempt
Job ID:
246346
Technology Risk Specialist
- Execute Second Line of Defense (SLOD) risk management functions relative to Technology Risk, Information Risk/Security risk management by working with the LOBs and other bank stakeholders/divisions to risk review areas, related processes, etc., providing credible challenge regarding risk assessments, controls, strategic direction and other activities pertaining to the LOBs and Comerica. Ensure awareness of technology and information risk/security risks in the LOBs/Comerica and provide consulting support and direction to drive proactive risk identification, mitigation/remediation, and accurate, complete monitoring and reporting. Ensure awareness of current technology, information risk/security risk management top line and emerging risks, industry best practices, controls and solutions.
- Support development/documentation of required SLOD risk management functions/routines and controls, including deriving accurate and complete technology risk and information risk/security profiles. Technology Risk, Information Risk/Security Risk Management reporting of noted risks, support mitigation/remediation plans/activities required to monitor risks, and support execution of SLOD functions w/business partners. Prepare related reporting to ensure enterprise / management / board level awareness of Technology Risk, Information Risk/Security Risk Management profiles at aggregate and dis-aggregate levels.
- Engage with Bank stakeholders/divisions to ensure awareness, documentation, and accurate reporting of identified and potential risks (i.e. top line and emerging risks) impacting Comerica LOBs/functions from a Technology Risk, Information Risk/Security Risk perspective. Execute SLOD review, credible challenge to complete regulatory risk assessments in compliance with guidelines/requirements and/or certifications (i.e. PCI DSS, FFIEC, State Certifications, etc.).
- Act as a Subject Matter Expert in technology and information risk topics to support all SLOD functions, assessments, reviews, audits and related responsibilities of the second line of defense.
- Bachelor’s Degree from an accredited university in Technology, Computer Science or Business
- 8 years of experience in Technology, Information Security/Risk Management, including execution of risk assessments, mitigation/remediation of technology, information security and other risks, and evaluation, recommendation and/or implementation of industry best practices, controls, and tools
- CRISC preferred
- CGEIT preferred
- CIA (Certified Internal Auditor) preferred
- CISA (Certified Information Security Advisor) preferred
- CISSP (Certified Information Systems Security Professional) preferred
Comerica Great Lakes Campus8:00am – 5:00pm Monday – Friday