Skip to main content

Senior Analyst, Governance, Risk & Compliance

Columbus, Ohio 500 Neil Ave, 43215
Senior Analyst, Governance, Risk & Compliance (23021701)



Food served fast does not have to be a typical fast-food experience.  Chipotle has always done things differently, both in and out of our restaurants. We are changing the face of fast food, starting conversations, and directly supporting efforts to shift the future of farming and food. We hope you will join us as we continue to learn, evolve, and shape what comes next on our mission to make better food accessible to everyone.



As the Senior Analyst in Governance, Risk & Compliance, you will be responsible for coordinating governance, risk, and compliance activities to mitigate and manage risks at Chipotle. This role will lead the GRC team to grow and mature its risk and compliance processes to gain efficiencies and effectiveness. You will collaborate with all departments at Chipotle to ensure an acceptable risk posture for the organization, thereby enhancing the security posture for activities which impact the confidentiality, integrity, and availability of our information assets and resources, our infrastructure, and our business processes.



·         Design and execute procedures to assess control effectiveness in treating technology risks.

·         Consult with and assist operational partners to design governance structures to effectively address risk, including controls, policies, remediation models, and work instructions.

·         Assist in architecting a suite of GRC tools to automate controls, risk data collection and monitoring, and other governance procedures.

·         Develop and maintain policies and standards in support of operational and compliance goals; creating supporting operational work instructions when it would be most effective.

·         Develop, execute, and/or coordinate governance structures to align with industry and compliance frameworks such as PCI, SOX, NIST CSF, COBIT, GAAP, ITIL, GDPR, CCPA, and various NIST SP’s, implementing where appropriate.

·         Develop and maintain risk monitoring mechanisms, such as Key Performance Indicators (KPIs), reports on status of risk assessment, control effectiveness, gap remediation, third party risk management issues, and internal and external audit findings and recommendations. Utilize GRC tools and applications to

·         Manage control exceptions or deficiencies tracking and monitoring, assisting with remediation development within Chipotle, and serve as a liaison to internal and/or external audit entities.

·         Maintain a working knowledge of applicable compliance drivers (SOX, PCI, GDPR, CCPA, ITIL, etc.). and keep abreast of developing regulatory changes and assist in providing guidance to assess new requirements.

·         Utilize GRC applications to conduct risk assessments for internal and third-party vendor technology systems.

·         Other duties as assigned.




·         High school diploma or general education degree (GED) required.

·         Bachelor's Degree (BA/BS) from 4-year college or university preferred.

·         Certified Information Systems Security Professional (CISSP), Systems Security Certified Practitioner (SSCP) Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM) preferred.



Chipotle Mexican Grill, Inc. (NYSE: CMG) is cultivating a better world by serving responsibly sourced, classically cooked, real food with wholesome ingredients without artificial colors, flavors or preservatives. Chipotle has over 3,000 restaurants in the United States, Canada, the United Kingdom, France and Germany and is the only restaurant company of its size that owns and operates all its restaurants. Chipotle is ranked on the Fortune 500 and is recognized on the 2022 list for Fortune's Most Admired Companies. With over 100,000 employees passionate about providing a great guest experience, Chipotle is a longtime leader and innovator in the food industry. Chipotle is committed to making its food more accessible to everyone while continuing to be a brand with a demonstrated purpose as it leads the way in digital, technology and sustainable business practices. For more information or to place an order online, visit



A reasonable estimate of the current base salary range for this position is $96,000 to $131,000. You are also eligible for annual cash bonuses and equity awards based upon performance and other factors. Actual compensation offered may vary depending on skill level, experience, and/or education. Chipotle offers a competitive total rewards package, which includes medical, dental, and vision insurance, 401k, sick leave, vacation time, and much more.  Visit

Chipotle Mexican Grill is an equal opportunity employer that values diversity at all levels. As a people-first company rooted in values, our purpose extends beyond serving nutritious food using real ingredients. It means hiring world-class individuals and fostering a culture that champions diversity, ensures equity, and celebrates inclusion. All qualified applicants, regardless of personal characteristics, are encouraged to apply.

Qualified applicants with disabilities may be entitled to reasonable accommodation under the terms of the Americans with Disabilities Act and/or certain state or local laws. Please contact if you need an accommodation due to a disability to complete an application, job interview, and/or to otherwise participate in the hiring process. This email does not respond to non-accommodations related requests.

Primary Location: Ohio - Columbus - 8890 - 500 Neil Ave-(08890)

Work Location:
8890 - 500 Neil Ave-(08890)
500 Neil Ave
Columbus 43215

Job Information Technology Job Posting Jun. 22, 2023 Job Number 23021701

You have not viewed any jobs recently.

Dream JobsDo Come True

Eyeing your ideal job? Sign up for alerts and
we’ll let you know when the position opens up.

Already signed up? click here

By submitting this form, you are agreeing to our privacy agreement. Opens in a new window