Manager of Tech Delivery Risk
Dallas, TX 
Posted 30 days ago
Job Description
Manager Technology Delivery Risk
The Technology Delivery Risk Manager role is responsible for the development and maintenance of second line of defense technology risk management, including oversight of cloud technology, application security, software development lifecycle, technology change management, technology asset management, resilience and recovery risks, technology incident management, IT problem management, technology project management risk, and/or IT audit. The candidate must have an understanding of risk assessment methodologies for Comerica's IT applications and supporting IT infrastructure, oversight of IT policy/standards development, and evaluation of the suitability of IT risk acceptances in the context of risk appetite. The role also covers maintenance of the technology and information-related risk management and risk reporting framework, including identification and reporting of key IT risks and Key Risk Indicators (KRIs), risk control self-assessments (RCSAs) for risks related to the achievement of Comerica's IT objectives, and participation in and management of IT governance committees.
Position Responsibilities:
  • Execute Second Line of Defense (SLOD) risk management functions relative to Technology Risk by working with Technology, the LOBs and other bank stakeholders/divisions to risk review areas, related processes, etc., providing credible challenge regarding risk assessments, controls, strategic direction and other activities pertaining to the LOBs and Comerica. Ensure awareness of technology delivery risks and provide consulting support and direction to drive proactive risk identification, mitigation/remediation, and accurate, complete monitoring and reporting. Ensure awareness of current technology risk management top-line and emerging risks, industry best practices, controls and solutions.
  • Monitor the First Line of Defense (FLOD) in applying technology risk management tools to identify, assess, monitor and control technology risk, and provide guidance on necessary mitigation measures.
  • Participate in independent review of root cause analyses, business-originated incidents, and lessons learned, including identification of the technology controls that failed or were absent based on our control framework; maintain methodology and facilitate execution of inherent and residual IT application risk assessments and other technology risk assessments.
  • Create and deliver reporting (e.g. credible challenges of CC Memos) giving the SLOD perspective on technology risks to the Lines of Business, IT & IRM Leads, and Senior Executives.
  • Implement various processes including risk reviews, program and project governance, application risk profiling, business risk profiling; monitor, oversee, and track technology/IT policy-related risk acceptances. Participate in and/or manage IT risk oversight committees; represent IRM during the root cause analyses process for significant technology incidents. Design and maintain processes to assess third party IT-related risk.

Position Qualifications:
  • Bachelor's Degree in Technology, Computer Science or Business from an accredited university
  • 10 years of experience required in technology, cyber security, information risk management or related field
Licenses/Certificates:
  • Preferred (but not required), CISSP
  • Preferred, CISM
  • Preferred, CRISC
Comerica Bank Tower
8:00am - 5:00pm Monday - Friday. This position offers a hybrid work model that includes onsite and remote days as determined by the manager.
Comerica is proud to be an Equal Opportunity Employer - veterans/individuals with disabilities, committed to workplace diversity.

 

Job Summary
Company
Start Date
As soon as possible
Employment Term and Type
Regular, Full Time
Required Education
Bachelor's Degree
Required Experience
10+ years