IT AuditorColumbus, Ohio 333 W Nationwide Blvd, 43215
The IT Auditor will be responsible for coordinating governance, risk, and compliance activities to mitigate and manage risks at Chipotle. This role will lead the GRC team to grow and mature its risk and compliance processes to gain efficiencies and effectiveness and requires collaboration with all departments at Chipotle to ensure an acceptable risk posture for the organization, thereby enhancing the security posture for activities that impact the confidentiality, integrity, and availability of our information assets and resources, our infrastructure, and our business processes.
- Build, test, evaluate, and implement procedural documentation (e.g. process flows, data flow maps, application controls, IT controls, SOP's) or other work instructions to support the policies, standards, controls and compliance readiness capabilities.
- Analyze and evaluate how the organization, processes, and IT systems work, along with the identification of risks and controls.
- Conduct IT and IT-related audit projects using established Chipotle's IT auditing standards, requirements, and procedures, as well as regulatory requirements, standards, and good practices such as SOX, COBIT, ITIL, etc.
- Maintain a working knowledge of applicable audit, compliance, and governance drivers (SOX, PCI, ISO 27001/2, COBIT, GAPP, and ITIL, etc.) and keep abreast of developing regulatory changes and assist in providing guidance to assess new requirements.
- Identify emergent risks and execute an audit process for system/application for controlled, reliable, efficient, secure, and effective compliance assessments and works with management to establish remediation plans and timelines.
- Provide oversight and management of audit finding remediation, including generating requirements for full remediation, providing feedback and suggestions on managerial responses to findings, and tracking progress and providing status and updates to the GRC leadership for reporting purposes.
- Work cross functionally with business partners throughout Chipotle’s organization, collaborating with management and their respective teams to drive adoption of IT audit and SOX policies, standards, principles, procedures and requirements, consistently improving processes, and ensuring mitigating controls are implemented to lower risk to the organization.
- Manage relationship with audit partners (internal and external) to receive audit recommendations and findings to facilitate the collection of responses and remediation plans with business owners.
- Implement control design and effectiveness testing to assess control strength in treating technology risks.
- Manage control exceptions or deficiencies tracking and monitoring, assisting with remediation development within Chipotle, and serve as a liaison to internal and/or external audit entities.
- Develop and prepare governance Key Performance Indicators (KPI) reports on status of risk assessment, control effectiveness, gap remediation, third party risk management issues, and internal and external audit findings and recommendations.
- Develop and maintain IT audit and SOX policies, standards, and operational procedure documents.
- May perform other duties as assigned.
- Bachelor's Degree (BA/BS) from a 4-year college or university in Computer Science, Information Systems, Accounting or Finance.
- 3-5 years of experience in Information Technology, IT Audit and associated standards conducting IT audit/internal control reviews and consulting on special projects.
- Proficient with MS Office - Excel (queries, V lookups, Pivot tables, data extraction, etc.), Word, PowerPoint, & Outlook; Knowledge of IT General Controls or SOX controls.
- Strong communicator (written and verbal); analytical and critical thinking skills; proactive and know how to tackle a problem; advanced organizational and deadline achieving skillset
- Testing and validation of IT SOX Key Controls; experience with technology; knowledge of internal auditing standards including SOX, COSO and COBIT; Experience with any of the Big 4 (Ernst & Young, Deloitte, KPMG, PWC); data analysis; Familiarity with regulatory/compliance IT frameworks, including: SOX; GLBA; PCI DSS, ISO 27001/27002, FFIEC IT Handbooks, COBIT, ITIL preferred.
- Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), working history with Big 4 Audit Firm (public accounting/internal audit) preferred.
Chipotle Mexican Grill, Inc. (NYSE: CMG) is cultivating a better world by serving responsibly sourced, classically cooked, real food with wholesome ingredients without artificial colors, flavors, or preservatives. Chipotle had over 2,850 restaurants as of December 30th, 2020, in the United States, Canada, the United Kingdom, France and Germany and is the only restaurant company of its size that owns and operates all its restaurants. With more than 88,000 employees passionate about providing a great guest experience, Chipotle is a longtime leader and innovator in the food industry. Chipotle is committed to making its food more accessible to everyone while continuing to be a brand with a demonstrated purpose as it leads the way in digital, technology and sustainable business practices. Steve Ells, founder and former executive chairman, first opened Chipotle with a single restaurant in Denver, Colorado in 1993. For more information or to place an order online, visitWWW.CHIPOTLE.COM.
Food served fast does not have to be a typical fast-food experience. Chipotle has always done things differently, both in and out of our restaurants. We are changing the face of fast food, starting conversations, and directly supporting efforts to shift the future of farming and food. We hope you'll
Primary Location: Ohio - Columbus - 8889 - 333 W Nationwide-(08889)
8889 - 333 W Nationwide-(08889)
333 W Nationwide Blvd