
Director of Audit & Risk Management
Good360, Alexandria, VA, United States
Hybrid
Alexandria, VA
Salary Range: $120,000.00 - $140,000.00 Salary
Position Type: Full Time

Position Summary
The Director of Audit & Risk Management will lead the design, implementation and ongoing oversight of Good360's internal audit function, enterprise risk management (ERM) program, and compliance monitoring. This senior-leadership position will partner closely with senior executives and the Board (and its Audit & Risk Committee) to proactively identify, assess and mitigate risks inherent in the organization's operational, financial, compliance, reputational, supply-chain and disaster-response activities. The role will also oversee internal control assessments, manage external audit and regulatory reviews, and drive a culture of risk awareness and good governance across the organization.

Key Responsibilities Include, But Are Not Limited To The Following
Audit & Assurance
Develop and maintain an internal audit plan aligned with Good360's strategic objectives, risk profile and operational footprint (including logistics, disaster-relief supply chains, product donations, nonprofit partner network).
Lead and supervise audit engagements: financial audits, operational audits, compliance audits, information-technology and cybersecurity audits.
Ensure timely reporting of audit findings, root-cause analysis, and follow-up on remediation plans.
Coordinate with external auditors, regulatory auditors and other assurance providers; provide support for their work, assess their findings, and implement recommendations.
Present audit reports, trends and risk-insights to senior leadership and the Audit & Risk Committee of the Board.

Risk Management & Compliance
Develop and maintain an enterprise risk management (ERM) framework: risk identification, risk assessment (likelihood/impact), risk monitoring, and risk-mitigation strategies.
Partner with functional leads (finance, operations, logistics, IT, legal, compliance, disaster-response) to identify emerging risks (e.g., supply-chain disruptions, regulatory changes, disaster response liability, donation-compliance, reputational risks) and integrate risk mitigation into strategy and operations.
Design and implement appropriate internal control frameworks (e.g., policies & procedures, segregation of duties, monitoring controls) to mitigate key risks in the organization.
Monitor compliance with applicable laws, non-profit industry standards, donor restrictions, and internal policies (for example, guidelines for donated goods distribution, compliance best-practices).
Develop or enhance risk-reporting dashboards, key risk indicators (KRIs) and risk appetite metrics for senior leadership and the Board.

Program Leadership & Advising
Serve as a trusted advisor to the CEO, CFO, senior management and the Board on governance, audit and risk-related matters.
Lead or participate in enterprise initiatives (e.g., major system implementations, disaster-response logistics expansions, new program roll-outs) to ensure risks are evaluated and controls embedded proactively.
Foster a strong compliance and risk-awareness culture across Good360 through training, communications and cross-functional engagement.
Manage the internal audit & risk team: hire, develop, set goals, monitor performance and build capability.
Ensure the organization is audit-ready: maintain documentation, processes, and tools to support efficient external and internal reviews.

Metrics & Continuous Improvement
Develop metrics to measure the effectiveness of the audit and risk-management functions (e.g., closed audit findings rate, risk-mitigation effectiveness, control exceptions, trend-analysis).
Conduct periodic reviews of the audit/risk function to benchmark against best practices in the nonprofit sector and identify improvement opportunities.
Stay current on nonprofit governance, regulatory developments, risk-management best practices and assurance methodologies.

Qualifications
Bachelor's degree in Accounting, Finance, Business Administration, Risk Management or a related field. (Master's degree or professional certification preferred.)
Relevant certification such as CPA, CIA (Certified Internal Auditor), CRMA (Certification in Risk Management Assurance), or equivalent.
Minimum of 8-12 years of progressively responsible experience in internal audit, risk-management, compliance or assurance roles, preferably within a complex global or multi-state nonprofit organization (or large corporate/multinational environment with nonprofit experience).
Proven experience designing and implementing enterprise risk management frameworks and internal audit programs.
Strong understanding of nonprofit accounting, regulatory environment (including 501(c)(3) issues, donor-compliance, grant or in-kind donation dynamics).
Experience with supply-chain/logistics risk, disaster-recovery operations or product-philanthropy/charitable-goods distribution is a plus.
Excellent analytical, conceptual thinking and problem-solving skills.
Strong communicator: ability to articulate risk-and-control issues to executive leadership and Board in clear terms, with actionable recommendations.
Demonstrated ability to lead and develop teams, build relationships across functions, and influence change.
High integrity and commitment to ethical frameworks, transparency, and good governance.

Competencies & Attributes
Strategic-mindset: able to see the "big picture" of Good360's mission, operations and risk profile and translate that into audit/risk frameworks and initiatives.
Operational acumen: comfortable working in a dynamic, mission-driven environment, where logistics, disaster-response and nonprofit partner networks create unique risk exposures.
Change-agent: able to lead improvements, embed controls, influence culture and drive continuous enhancement of audit/risk capacity.
Collaborative: works well across functions, builds trust with operational teams, business units, senior leadership and the Board.
Resilient and adaptable: able to navigate ambiguity, shifting priorities and high-stakes operational environments (e.g., disaster relief mobilization).
Ethical, reliable, and mission-aligned: committed to the organization's purpose of reducing waste and advancing social impact through donated goods.

Key Performance Indicators (KPIs)
Percentage of audit engagements completed versus plan.
Time to close audit findings and remediate control deficiencies.
Number and severity of control exceptions identified (and trends over time).
Risk-mitigation projects completed on schedule and within budget.
Risk-profile maturity improvements (e.g., reduction of high-impact/likelihood risks over time).
Stakeholder satisfaction (senior leadership and Board) with the audit & risk function.
Training/compliance completion rates across organization.

Benefits
Our team is Good360's greatest asset. We recognize that our team members contribute valuable skills, knowledge, experience, and passion that are critical to the pursuit of our mission and our progress toward closing the need gap. That is why we offer our team members numerous perks and benefits, including:
Health, dental, and vision coverage programs (including competitive deductible and reimbursement policy)
Short-term and long-term disability and life insurance coverage options
403B plan with matching
Generous and flexible paid time off policy
Volunteer time off policy
Hybrid work environment

Salary Range
$120,000 - $140,000 annually
Note: Compensation is based on a candidate's experience, skills, education, and geographic location. This range is based on Washington, D.C.-Maryland-Virginia (DMV) market data; offers to candidates outside this area will reflect local market data.

Work Location
Hybrid, based in our Old Town Alexandria, VA office (minimum of two days per week with Tuesday as an anchor day)
Note: While hybrid is strongly preferred, we are open to considering fully remote candidates residing in CO, DE, DC, FL, GA, IL, IN, KY, MD, MN, NE, NV, NC, OH, OR, PA, TN, TX, VA, WA, WV