"Alerted.org

At Weyerhaeuser, we are the world’s premier timber, land, and forest products company. Sustainability is the founding concept of our business, and our values drive every decision to ensure we continue to lead the forestry industry in sustainability practices. And we know about sustainability – we led it in the forestry industry when we planted our first seedling by hand in 1938. We recognize that our success is dependent on the success of our people. For 125 years, our Weyerhaeuser team has been making a difference in the world – from the seedlings we plant, to the forests and trees we nurture, we ensure every acre is managed with diligence, patience, and pride. That’s the Weyerhaeuser way.

Our IT team is on a mission to transform the timber industry. We are not just in the cloud; we are implementing technology that will keep us at the forefront of innovation in the forest products industry. Join our team and be a key partner to help us shape our digital future. This role will help expand our strategic technical direction and implement solutions that enable business strategies. If you want to be part of a world-class technology team changing the world we live in – come grow with us!

We are seeking a highly skilled and experienced Sr Manager – IT Governance and Controls to join our IT PMO & Business Office organization. In this role, you will lead a team focused on managing IT general controls (ITGC), supporting internal and external audits (including SOX), and driving consistent risk management practices across IT services, projects, and operations. If you are a strategic, proactive leader with a passion for governance, risk, and controls, we invite you to apply for this exciting opportunity.

*Job Responsibilities*

* Lead the development, maintenance, and monitoring of IT general controls (ITGC) across applications and services in alignment with Weyerhaeuser’s Security Framework.

* Plan and administer compliance with Sarbanes Oxley control requirements.

* Define and communicate role expectations across the continuum of SOX compliance.

* Oversee IT audit preparation and response activities, including walkthroughs, evidence collection, and remediation for SOX and business process audits.

* Lead the development, maintenance, and monitoring of IT controls for Systems Development projects (SDLC) in alignment with Weyerhaeuser’s Security Framework and IT PMO standards.

* Collaborate with internal stakeholders (e.g., IT, internal audit, security, procurement, PMO) to ensure control requirements are implemented and maintained throughout project and service lifecycles.

* Perform or oversee IT risk assessments, control gap assessments.

* Manage the centralized risk and control repository (AuditBoard), including certification processes and evidence tracking.

* Provide governance consultation and readiness assessments for IT initiatives, ensuring risk mitigation and control compliance from design through operational readiness.

* Key liaison between IT, internal and external audit, and business teams to ensure transparency, accountability, and control effectiveness throughout project and service lifecycles.

* Service as primary point of contact representing IT with external audit, in partnership with internal audit.

* Drive training, education, and awareness across IT on governance processes, control requirements, and audit preparation best practices.

* Provide leadership and guidance to your team of IT Governance Analysts. Ensure effective communication, collaboration, and professional development. Foster collaboration and support professional development opportunities.

* Defines and maintains key performance indicators and compliance metrics to effectively communicate compliance to senior leadership.

* Seeks to automate processes & controls to reduce manual tasks and improve quality of audit evidence.

* Strategy development, resource management, and talent development, focusing on innovation, value delivery, and operational excellence to drive growth, efficiency, and resilience in partnership with business units.

* Bachelor’s degree and/or equivalent work experience noted below.

* 10 years of progressive, relevant required. Background in IT Audit, IT Security, or IT Risk Management required.

* Strong leadership and team management skills, with the ability to influence and motivate cross-functional teams required.

* Excellent communication and stakeholder management skills, with the ability to effectively communicate technical concepts to both technical and non-technical audiences at all levels required.

* Expert level and proven experience with IT risk management, control frameworks (e.g., COBIT, ISO), and general control practices (SOX) required.

* Prior experience working with internal and external IT audit and remediating control deficiencies required.

*Additional Qualifications***

* SAP experience including GRC preferred.

* CISA or CRISC certifications preferred.

* Familiarity with tools such as AuditBoard, ServiceNow, or similar GRC platforms.

* Ability to interpret and apply regulatory, audit, and security requirements in a business-friendly, risk-aware manner.

* Enthusiastic team player, proven ability to build partnerships with stakeholders across IT, audit, and business units.

*What We Offer:* **

*Compensation*: This role is eligible for our annual merit-increase program, and we are targeting a salary range of$142,650-$213,975based on your level of skills, qualifications and experience. You will also be eligible for our Annual Incentive Program, which offers a cash bonus targeting 25% of base pay. Potential plan funding may range from zero to two times that target.

*Benefits*: When you join our team, you and your dependents will be offered coverage under our comprehensive employee benefits plan, which includes medical, dental, vision, short and long-term disability, and life insurance. We offer a pre-tax Health Savings Account option which includes a company contribution. Other benefit options are also available such as voluntary Long-Term Care and Employee Assistance Programs. We also support personal volunteerism, sponsor a host of diversity networks, promote mentoring, and provide training and development opportunities to help you chart your path to a fulfilling career.

*Retirement*: Employees are able to enroll in our company’s 401k plan, which includes a paid company match in addition to our annual contribution equal to 5% of your base salary.

*Paid Time Off or Vacation*: We provide eligible employees who are scheduled to work 25 hours or more per week with 3-weeks of paid vacation to use during your first year of employment. In addition, after being employed for six months, eligible employees begin to accrue vacation for future use. We also recognize eleven paid holidays per year, providing a total of 88 holiday hours and paid parental leave for all full-time employees.

*About Weyerhaeuser*

We sustainably manage forests and manufacture products that make the world a better place. We’re serious about safety, driven to achieve excellence, and proud of what we do. With multiple business lines in locations across North America, we offer a range of exciting career opportunities for smart, talented people who are passionate about making a difference.

*We know you have a choice in your career. We want you to choose us.*

/Weyerhaeuser is an equal opportunity employer. Inclusion is one of our five core values and we strive to maintain a culture where all our people feel a sense of belonging, opportunity and shared purpose. We are committed to recruiting a diverse workforce and supporting an equitable and inclusive environment that inspires people of all backgrounds to join, stay and thrive with our team./

**Job:** **Information Technology*

**Title:** *Sr Manager - IT Governance and Controls*

**Location:** *WA-Seattle*

**Requisition ID:** *01022771*