Information Security Risk Analyst
The Information Security Risk Analyst will provide support for all areas within Information Technology Risk and Advisory Services. This position will be responsible for performing Security Exception reviews, working with the Senior Risk Analyst's in reviewing inherent and residual risk of exceptions.
Successful incumbents possess business acumen knowledge, creativity, have decision making skills, a drive for results, have the ability to negotiate and to develop peer relationships, and have a strong technical background.
1. Work with Client Application owners on the approval of Technology Risk exceptions.
2. Perform metric's reporting of the volume of security exceptions and other key Risk indicators from the Information Security Risk and Advisory Services team.
3. Support the team by participating in projects, creating spreadsheets and documentation, attending meetings, and writing routine security exceptions.
4. Help produce team metrics of volume of Security open exceptions, expired exceptions and volume of retired exceptions.
5. Assist in developing and maintaining process and procedures, of team functions that include Security exception process, application assessment process, and business application residual risk assessment process.
6. Perform basic security exceptions for non-complex applications, and small projects.
7. Manage the security exception renewal process by identifying exceptions before they expire and working through a process to either renew or resolve the exceptions.
8. Interact with Information Services, identifying security gaps, and or alignment issues to Information Security Policy.
9. Communicate to clients on timing of expired exceptions and explaining the deficiencies outline in the exceptions.
Relocation assistance is not provided for this position.
Travel is not required of this position.
* Bachelor's degree from an accredited university and 4 years' experience or 7 years of technical work experience.
* 3 years Information Technology Background
* 3 years' experience in supporting or designing technology infrastructure
* 1 year of experience working in the area of Information Security Risk or Third Party Risk
Equal Opportunity Employer Minorities/Women/Protected Veterans/Disabled
A little about us:
At Comerica Bank, we’re looking for leaders to help guide a higher level of banking.