Manager Internal Controls

Philip Morris International U.S.•Tampa, FL

1d•Hybrid

About The Position

U.S. Internal Controls is an advisory team within the Finance organization, that partners with multiple functions to design, implement, and sustain an effective internal controls framework for in-scope business processes, aligned with PMI policies, standards, and the Risk & Controls methodology. The team works closely with U.S. stakeholders, global functions, and internal/external audit to support business process risk and control advisory activities, and to ensure the GRC application (OneGRC) is maintained with accurate, high-quality controls data. Based in our new Business Solutions Center (BSC), in this role you will partner with business process stakeholders to strengthen risk and control management as key processes are centralized and standardized. You will lead risk and control advisory work, including but not limited to - control design and remediation, promoting risk-aware decision-making, and ensuring control governance artifacts are maintained with high quality. This position specifically supports the BSC scope, including but not limited to process areas such as: Record-to-Report (R2R), Procure-to-Pay (P2P), Order-to-Cash (O2C), Treasury (TRE), Hire-to-Retire (H2R) etc. Additionally, this position will be involved in cross-functional process enablement elements that support scalability, standardization, and efficiency.

Requirements

At least 8+ years of experience in one or more of the following: Risk Management, Internal Controls, Controls & Compliance, Audit (Internal/External), Controllership, Finance, Accounting, Process Optimization etc.
Bachelor’s Degree in Accounting, Finance, Economics, or Business Administration
Strong project management skills, with the ability to organize, prioritize, multi-task, and maintain flexibility in a fast-paced, changing environment.
Self-Starter: Curious mindset and positive attitude.
Proven ability to build relationships, collaborate, and communicate effectively.
Excellent analytical and problem-solving skills.
Effective communication and presentation skills (fluent written and verbal English language skills).
Proficient in Microsoft 365 (Office) applications, including Excel, Word, PowerPoint, and Outlook.
Legally Authorized to work in the U.S.

Nice To Haves

Professional Certification / Education - examples: Graduate Certificate Program, Certified Public Accountant (CPA), Executive Master Internal/Operational Auditor (EMIA), Certified Information Systems Auditor (CISA), Certified Internal Auditor (CIA), Certification Risk Management Assurance (CRMA), Governance Risk Compliance Professional (GRCP) etc.
Familiarity working in multi-ERP environments (e.g. Microsoft Dynamics / SAP) and understanding how system landscapes impact controls design and operating effectiveness.
Experience using / maintaining governance and controls content (e.g. in a GRC system).
Experience in Fast Moving Consumer Goods (FMGC), Global / Matrixed Organizations etc.

Responsibilities

Enable risk-based decision making across the Three Lines Model by partnering with key stakeholders to identify, assess, and mitigate business process risks.
Lead Internal Controls advisories / business support for in-scope processes (e.g., R2R, P2P, O2C, TRE, H2R), focusing on control design, remediation, and continuous improvement aligned with PMI Risk & Controls methodology and ICFR/SOX expectations where applicable.
Identify, document, and communicate control gaps, issues, and recommendations, including issue evaluation and prioritization; support stakeholders in defining pragmatic remediation actions and strengthening control activities.
Coordinate control localization and governance for processes impacted by BSC transition / standardization; ensure risks, controls, and related artifacts are appropriately documented, maintained, and kept audit-ready, including high-quality updates in OneGRC.
Drive timely execution of the U.S. Internal Controls plan by monitoring changes in the risk landscape, aligning plan updates with the U.S. IC team, communicating impacts to stakeholders, and performing quality reviews of IC deliverables.
Prepare and deliver clear stakeholder reporting for governance routines (e.g., advisories, pre-close, leadership updates), including emerging risks, quarterly IC activity progress, issues/deficiencies, and key developments (e.g., fraud/theft or exception themes).
Promote a strong risk & controls culture through regular engagement with stakeholders—providing clear, factual, easy-to-understand insights that drive ownership and avoid confusion or conflict.
Lead ongoing Process Risk Assessment (PRA) by ensuring a consistent process to identify, assess, monitor, and recommend risk responses; contribute insights to continuous risk assessment and ensure a risk-based approach to defining responses.
Support SOX/ICFR deficiency remediation and assurance coordination by partnering with business owners and internal/external auditors as needed; to strengthen control maturity and close open items linked to process transitions and control improvements.
Contribute to cross-functional enablement and team effectiveness by partnering with key stakeholders, supporting intersecting topics (process documentation, governance routines, technology enablement), and promoting engagement/wellbeing through coaching and performance/capability feedback where applicable.