Comerica Management Company Sr. Staff Engineer- Cybersecurity Risk in Auburn Hills, Michigan
Apply knowledge of security testing and security exception processes to conduct information security technology risk assurance and assessment services. Perform controls testing for technology risk, information security, information lifecycle management, technology lifecycle management, business continuity, and disaster recovery. Perform security risk exception oversight and management of security exceptions. Perform risk review of applications and system software and provide solutions to manage risk and identify security exposures. Support Federal Regulatory Exams and reviews conducted by Audit office. Serve as Comerica expert in key information security technology risk initiatives. Assist in third party risk reviews. Approve all technical documents. Serve as primary resource for project-based risk acceptance security exception processing. Define and validate that security requirements are met and identify applications which require higher-level testing. Provide input for Production Certification approval. Liaise with technology and business teams to develop Comerica-specific specialized risk mitigation action plans, and document risk mitigation action plans. Manage relationships in all areas of IT business lines to ensure those responsible for supporting host assets, as well as the application owners, are aware of current threats and risks associated with those assets.