Sr Manager - IT Governance and Controls

At Weyerhaeuser we are the worlds premier timber land and forest products company. Sustainability is the founding concept of our business and our values drive every decision to ensure we continue to lead the forestry industry in sustainability practices. And we know about sustainability we led it in the forestry industry when we planted our first seedling by hand in 1938. We recognize that our success is dependent on the success of our people. For 125 years our Weyerhaeuser team has been making a difference in the world from the seedlings we plant to the forests and trees we nurture we ensure every acre is managed with diligence patience and pride. Thats the Weyerhaeuser way.

Our IT team is on a mission to transform the timber industry. We are not just in the cloud; we are implementing technology that will keep us at the forefront of innovation in the forest products industry. Join our team and be a key partner to help us shape our digital future. This role will help expand our strategic technical direction and implement solutions that enable business strategies. If you want to be part of a world-class technology team changing the world we live in come grow with us!

We are seeking a highly skilled and experienced Sr Manager IT Governance and Controls to join our IT PMO & Business Office organization. In this role you will lead a team focused on managing IT general controls (ITGC) supporting internal and external audits (including SOX) and driving consistent risk management practices across IT services projects and operations. If you are a strategic proactive leader with a passion for governance risk and controls we invite you to apply for this exciting opportunity.

Job Responsibilities

• Lead the development maintenance and monitoring of IT general controls (ITGC) across applications and services in alignment with Weyerhaeusers Security Framework.
• Plan and administer compliance with Sarbanes Oxley control requirements.
• Define and communicate role expectations across the continuum of SOX compliance.
• Oversee IT audit preparation and response activities including walkthroughs evidence collection and remediation for SOX and business process audits.
• Lead the development maintenance and monitoring of IT controls for Systems Development projects (SDLC) in alignment with Weyerhaeusers Security Framework and IT PMO standards.
• Collaborate with internal stakeholders (e.g. IT internal audit security procurement PMO) to ensure control requirements are implemented and maintained throughout project and service lifecycles.
• Perform or oversee IT risk assessments control gap assessments.
• Manage the centralized risk and control repository (AuditBoard) including certification processes and evidence tracking.
• Provide governance consultation and readiness assessments for IT initiatives ensuring risk mitigation and control compliance from design through operational readiness.
• Key liaison between IT internal and external audit and business teams to ensure transparency accountability and control effectiveness throughout project and service lifecycles.
• Service as primary point of contact representing IT with external audit in partnership with internal audit.
• Drive training education and awareness across IT on governance processes control requirements and audit preparation best practices.
• Provide leadership and guidance to your team of IT Governance Analysts. Ensure effective communication collaboration and professional development. Foster collaboration and support professional development opportunities.
• Defines and maintains key performance indicators and compliance metrics to effectively communicate compliance to senior leadership.
• Seeks to automate processes & controls to reduce manual tasks and improve quality of audit evidence.
• Strategy development resource management and talent development focusing on innovation value delivery and operational excellence to drive growth efficiency and resilience in partnership with business units.

• Bachelors degree and/or equivalent work experience noted below.
• 10 years of progressive relevant required. Background in IT Audit IT Security or IT Risk Management required.
• Strong leadership and team management skills with the ability to influence and motivate cross-functional teams required.
• Excellent communication and stakeholder management skills with the ability to effectively communicate technical concepts to both technical and non-technical audiences at all levels required.
• Expert level and proven experience with IT risk management control frameworks (e.g. COBIT ISO) and general control practices (SOX) required.
• Prior experience working with internal and external IT audit and remediating control deficiencies required.

Additional Qualifications

• SAP experience including GRC preferred.
• CISA or CRISC certifications preferred.
• Familiarity with tools such as AuditBoard ServiceNow or similar GRC platforms.
• Ability to interpret and apply regulatory audit and security requirements in a business-friendly risk-aware manner.
• Enthusiastic team player proven ability to build partnerships with stakeholders across IT audit and business units.

What We Offer:

Compensation: This role is eligible for our annual merit-increase program and we are targeting a salary range of $142650-$213975 based on your level of skills qualifications and experience. You will also be eligible for our Annual Incentive Program which offers a cash bonus targeting 25% of base pay. Potential plan funding may range from zero to two times that target.

Benefits: When you join our team you and your dependents will be offered coverage under our comprehensive employee benefits plan which includes medical dental vision short and long-term disability and life insurance. We offer a pre-tax Health Savings Account option which includes a company contribution. Other benefit options are also available such as voluntary Long-Term Care and Employee Assistance Programs. We also support personal volunteerism sponsor a host of diversity networks promote mentoring and provide training and development opportunities to help you chart your path to a fulfilling career.

Retirement: Employees are able to enroll in our companys 401k plan which includes a paid company match in addition to our annual contribution equal to 5% of your base salary.

Paid Time Off or Vacation:We provide eligible employees who are scheduled to work 25 hours or more per week with 3-weeks of paid vacation to use during your first year of employment. In addition after being employed for six months eligible employees begin to accrue vacation for future use. We also recognize eleven paid holidays per year providing a total of 88 holiday hours and paid parental leave for all full-time employees.

About Weyerhaeuser

We sustainably manage forests and manufacture products that make the world a better place. Were serious about safety driven to achieve excellence and proud of what we do. With multiple business lines in locations across North America we offer a range of exciting career opportunities for smart talented people who are passionate about making a difference.
We know you have a choice in your career. We want you to choose us.

Weyerhaeuser is an equal opportunity employer. Inclusion is one of our five core valuesand we strive to maintain a culture where all our people feel a sense of belonging opportunity and shared purpose. We are committed to recruiting a diverse workforce and supporting an equitable and inclusive environment that inspires people of all backgrounds to join stay and thrive with our team.