Enterprise Security Strategy Program Manager Dallas or Detroit metro

Enterprise Security Strategy Program Manager

The Enterprise Security Strategy Program Manager is responsible for assisting in the development, implementation, and monitoring of Enterprise Security's overall strategy and performance. Enterprise Security includes Cybersecurity, Physical Security & Resiliency; and is critical to protect, defend and enable the success of Comerica. This role will provide oversight of the program's people, process & technology strategy, planning and execution. Additionally, the Strategy Program Manager will be responsible for assisting the CISO and leadership team in the overall establishment and continuous improvement of our people management capabilities and partnering with involved parties. The incumbent will collaborate with cross-functional teams in developing and executing Enterprise Security's overall capacity and demand management strategy. This role will also assist with monitoring our performance and driving insight through the development of KPIs and Operational Metrics. Finally, the incumbent will assist leadership in clearly defining and enforcing the program's supervisory structure, enhance the overall accountability/ownership and strengthening supplier management capacities.

Position Responsibilities:

Strategy Development, Implementation, and Monitoring

• Develop 3-5 years rolling roadmaps to outline where Cybersecurity as an internal
  service provider wants to be.
• Serve as a central point of contact for the CISO and ensures operations and strategy are
  working as planned and ensure we continuously measure the program success.
• Provide leadership support and help ensure the CISO's strategic vision reaches across
  the diverse teams that support global enterprise security initiatives.
• Assist with program roadmaps and communications disseminated throughout the
  organization.
• Aid the CISO to ensure business decisions are not hampered by security, but made and
  implemented with security and security policies in mind, resulting in an adaptable,
  secure operating business environment.
• Work with Cybersecurity leadership team to help define program key performance
  indicators (KPIs) and other metrics that align with business initiatives and deliver to non-technical individuals.
• Refine and operationalize the Cybersecurity's Target Operating Model (TOM2.0).
• Maintain adequate knowledge on best practice recommendations based on the evolving threat landscape to protect the business.

Cybersecurity People Management Strategy Planning and Execution

• Perform strategic planning of Cybersecurity's human resources to align with the overall
  cyber program transformation strategy.
  
  • Ensure that critical roles have been developed by accountable managers.
  • Ensure the identification of key skillset and capacity gaps.
  • Create gaps closure plan with accountable managers.
  • Create career pipeline to allow career mobility.
  • Establish a Cyber program of mentorship/coach/evaluation /sponsorship to
    promote staff upskilling and career advancement.
• Ensure the optimization of Cybersecurity's human resources and support our
  transformational changes through various programs such as: communication, training,
  further engagement, mentoring and coaching, recognition and rewarding programs.
• Foster a synergistic team environment where employees are valued, challenged to
  achieve excellence and enjoy working for the company.
• Promote a strong Cybersecurity culture within the Cybersecurity department, but also
  organization-wide across management and employees.
• Ensure the establishment of a measurement system to track the usage and
  improvement of Cybersecurity's human resources to support the execution of our
  transformation strategy.
• Work with the talent acquisition team to improve the talent recruitment through more
  diverse channels.
• Work with Cybersecurity's PMO team to enhance the CTB demand management capability.

Cybersecurity Capacity Strategy Development and Execution

• Clearly define the Cybersecurity service offering, time required to deliver services, and
  accountable service owners.
• Better estimate and manage demands driven by:
  
  • Cybersecurity's RTB and CTB initiatives
  • Cybersecurity's ongoing BAU activities
  • Technology Projects
  • Incremental Business Request
  • New Risks and Regulatory driven requirements
• Allow flexible diverse sourcing options.
• Ensure Cybersecurity's accountable parties continuously capturing accurate actual
  demands and service consumption data.

Cybersecurity Supervisory Management

• Work with the Cyber SLT team to clearly define the baseline RACI for all key functions
  and roles.
• Operationalize the supervisory structure.
• Enforce the supervisory structure though alignment with our HR processes and
  measurement systems (performance evaluation, compensation decisions, promotion
  decisions).
• Reinforce communication and awareness to support the operationalization of the RACI
  structure for our key roles.
• Continuously maintain and update the supervisory structure as needed driven by
  internal and/or external changes.
• Meet relevant regulatory requirements.

Other duties as assigned, including

• Plan and/or execute special projects assigned by the CISO.
• Conduct research and develop position papers on various topics raised by the CISO.
• Help prepare and refine board-level and senior management presentations and
  company-wide Cybersecurity communications.