Risk Analyst

Risk Analyst
Will be responsible for managing, executing, and improving governance and infrastructure elements of Comerica's Operational Risk program. Assist in governance committee reporting and communication of initiatives. Monitor regulatory developments and emerging risks that impact program including identification and remediation of program gaps/issues. Serve as project manager for maintaining program documentation (policy, procedure, training materials, website, etc.) and continuous improvement initiatives.

Position Responsibilities:
Daily roles/responsibilities, as reflected in the Operational Risk program
Program: Ensure proper execution of the program, i.e., ensuring that risk assessments, are completed on new and existing third-party suppliers and all other program activities/tasks, in accordance with policy, framework and related program documents, including challenge/due diligence tasks, and guidance to corporate stakeholders.
Key Existing, Emerging/Disruptive Risks: External research, updates, monitoring and tracking of key existing, emerging/disruptive risks that could potentially impact CMA.
Mailbox: Monitoring and related support to business partners and corporate stakeholders relative to the g group mailbox.
Training: Conduct, prepare training materials, and provide other support training, as assigned, regarding internal CMA stakeholders on the program (i.e., required tasks, timeframes, evidence required, reporting, etc.), and on the eGRC Archer tool that supports the program. Prepare and/or periodically provide training to external sources/events, as assigned.
Risk Governance Reporting: Provide risk analysis, risk data aggregation by LOB, Corporate Stakeholder, and enterprise for tracking, monitoring and reporting to management andrisk governance committees.
External Data: Provide support to Risk and other CMA teams/stakeholders to ensure that data is accurately captured in the eGRC system.
Audit and Regulatory Exams: Complete all requested actions (i.e. data/gathering and submission; responses, reports, etc. to support internal audit and regulatory exams; Prepare remediation plans and complete required actions in a comprehensive and timely manner to mitigate identified risks.
Actively participate in external conferences, webinars, and other events/activities to ensure demonstrated currency and awareness relative to industry best-practices, Key Risks, potential and actual incidents that could impact CMA.
KRIs/KPIs: Provide support and/or development of KRIs/KPIs, including tracking and reporting activities.
Active, respectful, timely, and collaborative interaction with business partners, Risk SMEs, CMA team members, management, and other corporate stakeholders.

Position Qualifications:
Bachelor's Degree in Business Administration, Risk Management or related disciplines pertaining to data management and transmission i.e. information risk management, information technology, cybersecurity, data governance, etc.)
5 years of Finance, Risk Management (i.e., operational risk mgmt., enterprise risk, technology/cybersecurity, Third-Party Risk, Compliance, or other related risk disciplines)
Licenses/Certifications
Preferred, Certifications in Risk Management, i.e., Certified Enterprise Risk Professional (CERP) and relevant disciplines, CISA, CRISC, CGEIT and CISM
Comerica Great Lakes Campus
8:00am - 5:00pm Monday - Friday