
Director of Audit & Risk Management
Good360, Alexandria, VA, United States
Reports To: General Counsel & Chief Compliance Officer
Location: Hybrid, Alexandria, VA
FLSA Status: Exempt
Position Type: Full-Time

Good360 is Closing the Need Gap to Open Opportunity for All

Join a fast-growing organization with a strong culture and powerful mission! As the global leader in product philanthropy and purposeful giving, Good360 partners with more than 400 socially responsible companies to source highly needed donated goods and distribute them through our network of more than 100,000 diverse nonprofits that support people in need. Good360 is the link between organizations with so much to give and communities in critical need, closing that gap and opening new opportunities for all. Since 1983, Good360 has distributed more than $18 billion in needed goods, including more than $3 billion in goods in 2025 alone.

Good360 has been named the #2 charity on the Forbes list of America's Top 100 Charities for 2023 and 2024 and has a 4-star Charity Navigator rating. The organization has also been recognized as both a top workplace in the Washington, DC metro area (by the Washington Post) and as a top nonprofit to work for in the United States (by NonProfit Times).

Position Summary

The Director of Audit & Risk Management will lead the design, implementation and ongoing oversight of Good360's internal audit function, enterprise risk management (ERM) program, and compliance monitoring. This senior-leadership position will partner closely with senior executives and the Board (and its Audit & Risk Committee) to proactively identify, assess and mitigate risks inherent in the organization's operational, financial, compliance, reputational, supply-chain and disaster response activities. The role will also oversee internal control assessments, manage external audit and regulatory reviews, and drive a culture of risk awareness and good governance across the organization.

Key Responsibilities include, but are not limited to, the following:

Audit & Assurance

- Develop and maintain an internal audit plan aligned with Good360's strategic objectives, risk profile and operational footprint (including logistics, disaster-relief supply chains, product donations, nonprofit partner network).
- Lead and supervise audit engagements: financial audits, operational audits, compliance audits, information-technology and cybersecurity audits.
- Ensure timely reporting of audit findings, root-cause analysis, and follow up on remediation plans.
- Coordinate with external auditors, regulatory auditors and other assurance providers; provide support for their work, assess their findings, and implement recommendations.
- Present audit reports, trends and risk-insights to senior leadership and the Audit & Risk Committee of the Board.

Risk Management & Compliance

- Develop and maintain an enterprise risk management (ERM) framework: risk identification, risk assessment (likelihood/impact), risk monitoring, and risk-mitigation strategies.
- Partner with functional leads (finance, operations, logistics, IT, legal, compliance, disaster-response) to identify emerging risks (e.g., supply-chain disruptions, regulatory changes, disaster response liability, donation-compliance, reputational risks) and integrate risk mitigation into strategy and operations.
- Design and implement appropriate internal control frameworks (e.g., policies & procedures, segregation of duties, monitoring controls) to mitigate key risks in the organization.
- Monitor compliance with applicable laws, non-profit industry standards, donor restrictions, and internal policies (for example, guidelines for donated goods distribution, compliance best-practices).
- Develop or enhance risk-reporting dashboards, key risk indicators (KRIs) and risk appetite metrics for senior leadership and the Board.

Program Leadership & Advising

- Serve as a trusted advisor to the CEO, CFO, senior management and the Board on governance, audit and risk-related matters.
- Lead or participate in enterprise initiatives (e.g., major system implementations, disaster-response logistics expansions, new program roll-outs) to ensure risks are evaluated and controls embedded proactively.
- Foster a strong compliance and risk-awareness culture across Good360 through training, communications and cross-functional engagement.
- Manage the internal audit & risk team: hire, develop, set goals, monitor performance and build capability.
- Ensure the organization is audit-ready: maintain documentation, processes, and tools to support efficient external and internal reviews.

Metrics & Continuous Improvement

- Develop metrics to measure the effectiveness of the audit and risk-management functions (e.g., closed audit findings rate, risk-mitigation effectiveness, control exceptions, trend-analysis).
- Conduct periodic reviews of the audit/risk function to benchmark against best practices in the nonprofit sector and identify improvement opportunities.
- Stay current on nonprofit governance, regulatory developments, risk-management best practices and assurance methodologies.