Director - Risk Management

About Us

Since 1989, SHI International Corp. has helped organizations change the world through technology. We’ve grown every year since, and today we’re proud to be a $16 billion global provider of IT solutions and services.

Over 17,000 Organizations Worldwide Rely On SHI’s Concierge Approach To Help Them Solve What’s Next. But The Heartbeat Of SHI Is Our Employees – All 7,000 Of Them. If You Join Our Team, You’ll Enjoy

• Our commitment to diversity, as the largest minority- and woman-owned enterprise in the U.S.
• Continuous professional growth and leadership opportunities.
• Health, wellness, and financial benefits to offer peace of mind to you and your family.
• World-class facilities and the technology you need to thrive – in our offices or yours.
  
  

Job Summary

This role represents a unique opportunity to enhance and mature SHI’s enterprise risk and compliance framework within a fast-growing, global technology solutions business. As part of SHI’s Global Compliance program, the Director of Risk Management will help establish the structure, disciplines, and operating rhythm needed to embed integrity, accountability, and transparency across the business.

Reporting into Business Assurance (GRC) this leader will shape and execute the enterprise risk and compliance agenda, translating risk into clear, decision-ready insights and helping the organization move from fragmented practices to a cohesive, scalable, and practical function. You will work closely with the Leader of Business Assurance (GRC) and partner cross-functionally with Legal, InfoSec, IT, Finance, Sales Operations, HR, Privacy, Vendor Management, and Internal Audit to build fit-for-purpose governance, escalation, and reporting mechanisms.

This role is ideal for a Senior risk professional who is already operating at this level and is motivated by the opportunity to apply their experience, judgment, and leadership to build a world-class risk and compliance capability and leave a lasting mark.

Success will be measured by the establishment of clear risk ownership, consistently effective controls, disciplined issue management, and credible reporting that enables confident leadership decisions and protects SHI’s growth, reputation, and customer trust.

Role Description

Enterprise Risk Management, Risk and Control Self-Assessment 

• Lead the development and maturing of the ERM approach, including risk assessments, risk taxonomy, and articulating the risk appetite and tolerances. 
• Establish and embed a scalable Risk & Control Self-Assessment program to ensure risks are consistently identified, assessed, and mitigated. 
• Define and implement Key Risk Indicators for priority risks (e.g., third-party risk, anticorruption, privacy, information security, trade compliance, fraud, order-to-cash). 
• Introduce monitoring and testing practices to surface emerging risks and support timely escalation. 
  
  

Governance & Escalation 

• Stand up and facilitate the Risk and Compliance Functional Steering Committee, creating a consistent forum for cross-functional alignment and decision-making. 
• Act as a central coordination point for material risk and compliance issues, supporting structured escalation, options analysis, and remediation tracking. 
• Establish clear reporting and escalation pathways to leadership,
  
  

Compliance Framework & Culture 

• Build and maintain a practical governance framework, including policies, standards, and procedures aligned to SHI’s operating model. 
• Partner with Legal and HR to strengthen Code of Conduct and ethics coverage. 
• Develop targeted, role-based training and communications. 
• Embed compliance considerations into all operational workflows. 
  
  

Third-Party & Operational Risk 

• Design and mature third-party risk segmentation, due diligence, and lifecycle oversight. 
• Coordinate with InfoSec and Privacy on security and data protection requirements. 
• Partner with Operations and Finance to enhance controls around export compliance, channel integrity, and fraud risk. 
  
  

Testing, Reporting & Enablement 

• Establish independent testing and assurance activities to validate control effectiveness and remediation. 
• Deliver clear, concise executive reporting focused on insights, trends, and priorities. 
• Help select, implement, and optimize risk and compliance tools, dashboards, and analytics over time. 
  
  

Leadership 

• Build and develop a high-performing risk and compliance team as the function matures. 
• Promote a culture of accountability, practicality, and continuous improvement. 
  
  

Behaviors and Competencies

• Strategic Thinking: Analyze complex situations, anticipate future trends, and align and integrate strategies across departments or functions.
• Leadership: Take ownership of complex initiatives, collaborate with others in decision-making processes, and drive team performance.
• Business Acumen: Understand the business and right-size controls to support growth.
• Communication: Effectively communicate information to diverse audiences, facilitate and mentor others in effective communication.
• Collaboration: Foster a collaborative environment with peers across the organization.
• Problem-Solving: Proactively identify and take ownership of complex problem-solving initiatives, initiate preventative measures, collaborate with others to find solutions, and drive successful outcomes.
• Ethics: Uphold integrity and ethics across the organization.
• Attention to Detail: Drive multiple projects, maintaining a high level of detail, identifying errors or inconsistencies in work, and ensuring accuracy across all tasks.
• Risk Management: Evaluate the risk landscape and identify pragmatics solutions.
• Continuous Improvement: Identify major areas for improvement, implement major changes, and support others in their continuous improvement efforts.
  
  

Skill Level Requirements

• Lead the development and maturation of enterprise risk management and Risk & Control Self-Assessment programs.
• Establish governance forums, escalation pathways, and executive level reporting.
• Define and monitor Key Risk Indicators across priority risk areas (e.g., third-party, anticorruption, privacy, security, trade, fraud, order-to-cash).
• Build a practical compliance framework (policies, training, workflows) embedded into how the business operates.
• Strengthen third-party and operational risk practices in partnership with cross-functional teams.
• Introduce monitoring, testing, and assurance to validate control effectiveness.
  
  

Other Requirements

• A senior risk and compliance professional already performing this role and ready to leave a lasting mark. 
• 10 years’ experience in enterprise risk, compliance, or internal controls within Technology or IT resale is preferable. 
• Proven experience building or significantly maturing ERM, RCSA, and third-party risk programs. 
• Comfortable influencing across a matrix and engaging executive leadership. 
• Motivated by building, not maintaining—practical, commercial, and outcomes-focused. 
• Ability to travel – 10% 
  
  

The estimated annual pay range for this position is $200,000 - $230,000 which includes a base salary and bonus. The compensation for this position is dependent on job-related knowledge, skills, experience, and market location and, therefore, will vary from individual to individual. Benefits may include, but are not limited to, medical, vision, dental, 401K, and flexible spending.

Equal Employment Opportunity – M/F/Disability/Protected Veteran Status