Primary Location:
Comerica Bank Tower
Locations:
Dallas, TX US
Additional Locations:
Comerica Bank Tower
Job Type:
Full-time
WorkBest Job Category:
Category C – Days may vary based on workweek schedule (1-5 days in office)
Job Category:
Compliance/Security/Fraud/Risk
Required Experience:
7-12 years
Overtime Status:
Exempt
Job ID:
237206
Manager of Tech Delivery Risk
- Execute Second Line of Defense (SLOD) risk management functions relative to Technology Risk by working with Technology, the LOBs and other bank stakeholders/divisions to risk-review areas, related processes, etc., providing credible challenge regarding risk assessments, controls, strategic direction and other activities pertaining to the LOBs and Comerica. Ensure awareness of technology delivery risks and provide consulting support and direction to drive proactive risk identification, mitigation/remediation, and accurate, complete monitoring and reporting. Ensure awareness of current technology risk management top-line and emerging risks, industry best practices, controls and solutions.
- Monitor First-Line-of-Defense (FLOD) in applying technology risk management tools in identifying, assessing, monitoring and controlling technology risk and provide guidance on necessary mitigation measures.
- Participates in independent review of root cause analyses, business-originated incidents, and lessons learned, including identification of the technology controls that failed or were absent based on our control framework; maintain methodology and facilitate execution of inherent and residual IT application risk assessments and other technology risk assessments.
- Creates and delivers reporting (e.g. credible challenges of CC Memos) for SLOD perspective on technology risks to the Lines of Business, IT & IRM Leads, and Senior Executives.
- Implement various processes including risk reviews, program and project governance, application risk profiling, business risk profiling; monitor, oversee, and track technology/IT policy-related risk acceptances. Participate in and/or manage IT risk oversight committees; represent IRM during the root cause analyses process for significant technology incidents. Design and maintain processes to assess third party IT-related risk.
- Bachelor’s Degree in Technology, Computer Science or Business from an accredited university
- 10 years of experience required in technology, cyber security, information risk management or related field
- Preferred (but not required): CISSP
- Preferred, CISM
- Preferred, CRISC
Comerica Bank Tower: 8:00am – 5:00pm Monday – Friday. This position offers a hybrid work model that includes onsite and remote days as determined by the manager.