Third-Party Risk Analyst Senior The Third-Party Risk (TPR) Analyst Senior, reporting to the TPR Manager, will support the program by working with assigned business units to ensure third-parties are managed in accordance with program design. The position will also be responsible for understanding the external industry and regulatory changes and trends affecting TPR management and the changes in Comerica's process that need to take place in order to respond to those external factors. Postion Responsibilities: TPR Division Advisor * Work with divisonal management and their organizations on Third-Party risks, remediation, and strategies to ensure robust operational capability and effective implementation of outsourcing arrangements. * Assess new or changing industry conditions, technology, and laws/regulations to advise leaders on adjustments required as well as how TPR program is evolving to assist. * Discuss complex issues, such as supplier concentration risk, and advise remediation strategies. * Report on third-party supplier risk across various dimensions (information security, financial, geographic, etc.). * Provide guidance and recommendations for remediation of TPR issues. * Participate in TPR, and relevant (divisional) industry forums to share, design and implement solutions. Program Oversight * Ensure proper and timely execution of the TPR program, i.e., ensuring that risk assessments (i.e., Inherent and Residual Risk), are completed on new and existing third-party suppliers and all other program activities/tasks, in accordance with the policy, framework and related program documents, including challenge/due diligence tasks, and guidance to business unit and other corporate stakeholders. * Coordinate risk assessments, working with supplier, subject matter experts, and division supplier managers. * Explain assessment results in plain language, identify implications, and explain options. * Prepare and present training materials to internal CMA stakeholders (i.e., SIMs/SRMs LOBs, and other corporate business partners) on the TPRM program (i.e., required tasks, timeframes, evidence required, reporting, etc.), and on the eGRC Archer tool that supports the TPRM program. Prepare and/or periodically provide training to external sources/events, as assigned on Third-Party Risk Management. * Review Inherent Risk Questionnaires and due diligence results with supplier managers and advise supplier managers on remediation plans of any identified issues. Continuous Improvement * Identify process and technology improvements (new tools, improved reporting, etc.). * Serve as occasional project manager for improvements. * Mentor TPR analysts and share knowledge developed from working with complex and high-risk functions to develop continuous improvement opportunities. Audit and Regulatory Exams * Support internal audit and regulatory exams regarding the Comerica TPRM program/activities by gathering documents, identifying resources to participate, and conducting analysis. * Identify and manage the design, implementation, and testing of remediation plans for identified program gaps/deficiencies. Equal Opportunity Employer Minorities/Women/Protected Veterans/Disabled