Manager, Governance, Risk & Compliance

West Fraser places the highest importance on the confidentiality, availability and integrity of customer, company, and employee information. As a member of West Fraser's Cyber Security team, you will play a critical role to ensure that customer, company and employee information is security while enabling technology and business partners throughout West Fraser to innovate, drive sale and safely maintain the operation throughout our facilities.

As the Senior Manager of Governance, Risk, and Compliance (GRC) in our cybersecurity team, you'll play a key role in shaping and overseeing our GRC strategies. Your responsibilities include identifying and managing cybersecurity risks, ensuring compliance with relevant regulations, and developing risk mitigation plans. You'll lead the GRC team, conduct audits to assess the effectiveness of our GRC practices and stay updated with emerging cybersecurity threats and regulatory changes. Your role also involves liaising with external partners and regulators, and providing strategic advice to senior management on GRC matters. This role is instrumental in protecting our organization from the ever-evolving cyber threat landscape and is under the direct supervision of the Chief Information Security Officer (CISO).

Responsibilities

• Develop and implement comprehensive GRC strategies and programs in alignment with organizational goals and cybersecurity best practices.
• Lead the assessment and management of cybersecurity risks, implementing risk mitigation strategies, and ensuring compliance with relevant laws, regulations, and standards.
• Oversee developing and maintaining policies, procedures, and controls related to cybersecurity and information protection.
• Develop and implement a third-party risk assessment strategy and practice to manage risks related to vendors, 3^rd parties and partners.
• Coordinate with various departments to integrate GRC activities into the broader cybersecurity and organizational strategy.
• Conduct regular audits and reviews to assess the effectiveness of GRC initiatives and compliance with regulatory requirements.
• Liaise with external stakeholders, including regulatory bodies, auditors, and vendors, to ensure adherence to compliance standards and best practices.
• Stay abreast of emerging cybersecurity threats, trends, and regulatory changes, adapting GRC strategies accordingly.
• Provide expert guidance and leadership during cybersecurity incidents and crisis management situations.
• Prepare and present reports on GRC activities, findings, and recommendations to senior management and key stakeholders.

Position Requirements

• Bachelor's or Master's degree in Information Technology, Cybersecurity, Risk Management, or a related field or equivalent professional experience.
• Professional certifications such as CISM, CISA, CISSP, CRISC, or similar.
• Minimum of 7 years of experience in a GRC role within a cybersecurity context, with proven leadership experience.
• Strong understanding of cybersecurity principles, risk management practices, and compliance frameworks (e.g., ISO 27001, NIST, CIS, SOX).
• Excellent organizational, communication, and leadership skills.
• Ability to work cross-functionally and influence decision-making at all levels of the organization.
• Experience in managing and developing teams.
• Ability to work collaboratively in a team environment and lead cross-functional teams.

Work Conditions

• Occasional travel between Canada, the United States and Europe
• Posting locations: Vancouver BC or Quesnel BC

Our highly competitive compensation package includes:

• Competitive base salary with annual bonus opportunity
• Outstanding benefits package including medical, dental, pension, life insurance, disability, accident insurance, vacation, and holidays
• The salary range for this position is usually between $135,000 - $150,000 depending on skills and experience.

Current Employees: Apply using UltiPro's online application. Login to your UltiPro account (https://t11.ultipro.ca). In the Menu, select "My Company" and "View Opportunities" to view the position description and to submit your online application.

West Fraser Timber has over 60 locations across Canada, the United States and Europe. We believe strongly in promoting from within and pride ourselves on providing a challenging environment with continuous development. The successful candidate should be interested in future growth opportunities within the company. West Fraser offers an excellent compensation package including a competitive salary, excellent benefits, and an outstanding pension plan.

West Fraser believes inclusive, diverse teams build a more vibrant workforce, safer operations, and a stronger company overall. We strive to create workplaces and leadership teams that are reflective of the diverse communities we are a part of. We will not discriminate against any applicant for employment on the basis of race, gender, national origin, or any other protected legal characteristic.

If this position sounds like the start of a career for you, submit your cover letter and resume at www.westfraser.com/jobs click "apply now" in green at the top of the page.

We thank all candidates for their interest; however, only those selected for an interview will be contacted.