Skip to main content

Senior Analyst, Governance, Risk & Compliance

Columbus, Ohio 333 W Nationwide Blvd, 43215
Senior Analyst, Governance, Risk & Compliance (21005971)

<p style="margin-top:0px;margin-bottom:0px;font-family: Arial">


The Senior GRC Analyst will be responsible for coordinating governance, risk, and compliance activities to mitigate and manage risks at Chipotle. This role will lead the GRC team to grow and mature its risk and compliance processes to gain efficiencies and effectiveness and requires collaboration with all departments at Chipotle to ensure an acceptable risk posture for the organization, thereby enhancing the security posture for activities that impact the confidentiality, integrity, and availability of our information assets and resources, our infrastructure, and our business processes.


  • Develop and coordinate alignment to technology governance and control frameworks such as PCI, SOX, ISO 27001/2, COBIT, GAPP, ITIL, GDPR, CCPA, and various NIST SP’s, implementing where appropriate.

  • Develop remediation models for events, incidents, and alerts in IT control domains (SOX, PCI, NIST, etc.), internal or external audits, and/or control readiness assessments.

  • Implement control design and effectiveness testing to assess control strength in treating technology risks.

  • Develop and prepare governance Key Performance Indicators (KPI) reports on the status of risk assessment, control effectiveness, gap remediation, third party risk management issues, and internal and external audit findings and recommendations.

  • Work cross-functionally with business partners throughout Chipotle’s organization, collaborating with management and their respective teams to drive adoption of Governance, Risk & Compliance policies, standards, principles, procedures, and requirements.

  • Manage control exceptions or deficiencies tracking and monitoring, assisting with remediation development within Chipotle, and serve as a liaison to internal and/or external audit entities.

  • Maintain a working knowledge of applicable compliance drivers (SOX, PCI, GDRP, CCPA, ITIL, etc.). and keep abreast of developing regulatory changes and assist in providing guidance to assess new requirements.


  • Bachelor's Degree (BA/BS) from 4-year college or university.

  • 3-5 Information Technology (IT)

  • Preferred, Certified Information Systems Security Professional (CISSP), Systems Security Certified Practitioner (SSCP) Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM)

  • Proficient with MS Office - Excel, Word, PowerPoint, & Outlook

  • Working in GRC Tools, Testing and validation of SOX Key Controls

  • Excellent communication (written and verbal) skills; analytical in Security, Privacy, and Compliance (SOX) fields; advanced organizational and deadline achieving skillset


Food served fast doesn’t have to be a typical fast food experience. Chipotle has always done things differently, both in and out of our restaurants. We're changing the face of fast food, starting conversations, and directly supporting efforts to shift the future of farming and food. We hope you'll join us as we continue to learn, evolve, and shape what comes next on our mission to make better food accessible to everyone.

Chipotle Mexican Grill, Inc. (NYSE: CMG) is cultivating a better world by serving responsibly sourced, classically-cooked, real food with wholesome ingredients without artificial colors, flavors, or preservatives. Chipotle had over 2,800 restaurants as of December 30, 2020, in the United States, Canada, the United Kingdom, France, and Germany and is the only restaurant company of its size that owns and operates all its restaurants. With more than 91,000 employees passionate about providing a great guest experience, Chipotle is a longtime leader and innovator in the food industry. Chipotle is committed to making its food more accessible to everyone while continuing to be a brand with a demonstrated purpose as it leads the way in digital, technology, and sustainable business practices. Steve Ells, founder, and executive chairman, first opened Chipotle with a single restaurant in Denver, Colorado in 1993. For more information or to place an order online, visit WWW.CHIPOTLE.COM.

Primary Location: Ohio - Columbus - 8889 - 333 W Nationwide-(08889)

Work Location:
8889 - 333 W Nationwide-(08889)
333 W Nationwide Blvd
Columbus 43215

Job Information Technology Job Posting Feb. 17, 2021 Job Number 21005971

You have not viewed any jobs recently.

Dream Jobs Do Come True

Eyeing your ideal job? Sign up for alerts and we’ll let you know when the position opens up.

Let us know what you’re interested in.Select a job category from the list of options. Search for a location and select one from the list of suggestions. Finally, click “Add” to create your job alert.

  • Information Technology, Columbus, Ohio, United StatesRemove
  • Information Technology, Dublin, Ohio, United StatesRemove

By submitting this form, you are agreeing to our privacy agreement. Opens in a new window