Senior Director, Internal Audit
About The Team
DoorDash’s Internal Audit team provides independent assurance that the company’s risk management, governance, and internal control processes are operating effectively. We are a small team that is looking to expand and bring on motivated professionals. We don’t think of ourselves as a typical audit function - we are obsessively focused on risks to the organizations which reflects in the type of projects we support and execute.
DoorDash is rapidly growing - we are expanding in multiple geos and launching new products. This exciting growth allows us to drive creative analysis, strategy, and solutions. Our focus areas include financial, operational, regulatory, security, IT, and more.
About The Role
We are seeking a Senior Director, IT Internal Audit to lead the strategy, execution and evolution of DoorDash’s global IT audit function. In this highly visible role, you will help shape the technology risk management practices across DoorDash - you will oversee a broad portfolio of audits, including IT SOX, cybersecurity, data governance, AI governance, and operational technology. You will report directly to the Chief Audit Executive and serve as a strategic advisor to DoorDash’s technology, security, and engineering leaders.
- Broadly responsible for shaping the technology risk management practices across DoorDash
- Oversee a broad portfolio of audits, including IT SOX, cybersecurity, data governance, AI governance, and operational technology
- Partner with executive leadership to identify, assess, and monitor key technology risks, including those tied to digital transformation and AI adoption
- Collaborate closely with business and engineering leaders to understand their strategic objectives and provide guidance on navigating IT compliance in a practical, business-first focused manner
- Shape the annual IT audit plan to strike the right balance between compliance, operational resilience, and innovation
- Drive the use of data analytics and automation to expand audit coverage and deliver more impactful insights
- Drive Global IT SOX Excellence
- Oversee DoorDash’s global IT SOX compliance program, maintaining a strong and scalable control environment across our complex and evolving technology landscapes
- As a trusted partner to external auditors and the Audit Committee, ensure transparency, alignment, and continuous improvement in IT governance
- Foster a proactive control mindset by embedding governance principles into how technology is designed, built, and operated - ensuring systems are secure and compliant by design
- Promote consistent standards of risk awareness and system reliability across all financial and technology environments
- Shape AI and Machine Learning Governance
- Establish and lead the development of DoorDash’s AI and ML audit strategy, focusing on accountability, fairness, data ethics, and regulatory compliance
- Partner with AI Governance and technology leaders to define principles for model risk management and AI lifecycle assurance
- Serve as a thought leader on emerging technology and AI risk, representing Internal Audit with senior stakeholders
- Drive the integration of AI risk considerations into the broader enterprise risk framework
- Strengthen Enterprise Data Governance & Trust
- Provide strategic oversight of audits focused on data governance, privacy, and information integrity
- Partner with data, security, and privacy leaders to build an enterprise-wide data control framework that supports business growth while meeting compliance requirements
- Champion a culture of data accountability and transparency, ensuring that data-driven decisions are built on reliable, well-controlled infrastructure
- Promote the adoption of scalable tools and metrics to monitor data risk and enable proactive remediation
- Elevate IT Operational and Transformation Audits
- Oversee global IT operational audit programs focused on systems resilience, change management, and technology modernization
- Anticipate and assess risks tied to major platform migrations, automation initiatives, and global expansion projects
- Partner with technology and business leaders to embed risk management principles into digital transformation and product lifecycle initiatives
- Lead Cybersecurity Assurance Oversight
- Shape and lead DoorDash’s global cybersecurity audit and assurance program
- Provide meaningful insights on cybersecurity threat posture, vulnerability management, and incident readiness to leadership and the Audit Committee
- Partner with Global Security Governance and Privacy teams to ensure alignment with frameworks such as NIST, ISO 27001, and SOC 2, and emerging regulatory standards
- Establish a proactive, analytics-based approach to monitor cybersecurity risks and strengthen organizational resilience
- Lead, mentor, and develop a global team of IT and cybersecurity auditors, empowering them to grow and deliver impactful work
- Manage co-sourced partners to ensure high-quality deliverables and alignment with DoorDash’s culture and goals
- Foster a collaborative, inclusive, and high-performing environment where innovation, curiosity and critical thinking thrive
- Drive the preparation and presentation of IT audit findings, insights, and recommendations to the Audit Committee and executive leadership
- Collaborate with external auditors to coordinate audit activities, drive efficiency, and avoid overlap or duplication of efforts
- Contribute to enterprise risk management and other strategic initiatives that strengthen DoorDash’s overall control environment and governance maturity
Qualifications
- 15+ years of progressive experience in internal audit, IT audit, or risk management within a complex, global, fast-paced, technology-driven environment
- Deep technical expertise in IT controls, ITGC, data governance, cybersecurity, cloud architecture, systems implementation, and emerging tech risks (AI/ML, privacy, automation)
- Hands-on leader with the ability to roll up your sleeves to operationalize IT compliance initiatives, drive execution, and ensure practical implementation of governance and control frameworks
- Proven ability to oversee the governance of complex, cross-functional system implementations, ensuring alignment with enterprise control frameworks, risk management objectives, and business outcomes
- Skilled in leveraging automation and next-generation technologies (e.g. GenAI) to enhance audit efficiency, expand coverage, and deliver deeper, data-driven insights
- Demonstrated the ability to navigate and assess complex technical and control environments, diagnose underlying issues, and design tailored, effective solutions suited to dynamic marketplace platforms
- Proven leadership experience building and leading high-performing, geographically distributed teams and managing third-party co-source providers
- Strong familiarity with frameworks such as COSO, COBIT, NIST, ISO 27001, ISO 420001, SOC 2, PCI DSS, and relevant SOX ITGC requirements
- Experience collaborating across Engineering, Security, and Product functions to embed governance into technology design
- Excellent communication skills, executive presence, and the ability to translate technical findings into actionable business insights
- Bachelor’s or Master’s degree in Information Systems, Computer Science, Accounting, or related discipline
- Professional certifications such as CISA, CISSP, CPA, or CIA (multiple preferred)
Benefits
- Comprehensive benefits package including a 401(k) plan with employer matching, 16 weeks of paid parental leave, wellness benefits, commuter benefits match, paid time off and paid sick leave in compliance with applicable laws (e.g. Colorado Healthy Families and Workplaces Act)
- Medical, dental, and vision benefits
- 11 paid holidays
- Disability and basic life insurance
- Family-forming assistance
- Mental health program