Senior Engineer, Security Engineering

CULTIVATING A BETTER WORLD

Food served fast does not have to be a typical fast-food experience.  Chipotle has always done things differently, both in and out of our restaurants. We are changing the face of fast food, starting conversations, and directly supporting efforts to shift the future of farming and food. We hope you will join us as we continue to learn, evolve, and shape what comes next on our mission to make better food accessible to everyone.

THE OPPORTUNITY

With minimal supervision, the Senior Engineer, Security Engineering participates in efforts to implement security capabilities, assist other technology and business organizations in the implementation of solutions and strategies to complex challenges, with adherence to the NIST framework. This individual will perform analysis of security events received through native platforms, third party, or internal reporting sources.

WHAT YOU’LL DO

• In addition to following Chipotle’s policies and procedures, principal accountabilities include, but are not limited to:

• Evangelize IT security fundamentals, tools, processes, and acts as a consultative partner with IT and Business teams.
• Performs IT security assessments and remediation activities as part of the IT security organization and ensures CMG teams adhere to the NIST Framework.
• Manage a suite of IT security tools providing controls that support our security policies.
• Technical ownership with current or future solution providers, and work closely with Governance Risk and Compliance team to provide analysis of external, and internal risk assessments. 
• Provide Security Guidance through project participation - Work cross functionally with all departments for SME level security guidance on all projects which have security impact to CMG.
• Guide and perform security activities including vulnerability testing and analysis, design and implementation of new solutions/features and investigation into security events.
• Ensure teams are implementing applications/environments in compliance of defined security policies based on risk avoidance and security best practices.
• Make recommendations on toolset and process modifications and improvements and production IT security support.
• Perform the Evaluation and Recommendation of current and future technology solutions to mitigate risk to the business.
• Participate as a key member in security incident response activities as well as daily Security Operational tasks.
• Participate in documentation and adherence to Security Policies and Operating Procedures.

WHAT YOU’LL BRING TO THE TABLE

• BS in related field, or equivalent experience and training required.
• 5-8 years of experience in IT Security Engineering or related field.
• Relevant trainings and certifications preferred (CISSP, CCSP, CCSK, etc).
• Ability to perform event analysis and investigation.
• Comprehensive understanding of Security Risk Frameworks.
• Ability to configure and manage core technologies.
• Expert level understanding of security skills and concepts.
• Extensive networking knowledge in one or more of CMG's core technologies.
• Functional knowledge of event logging, parsing and orchestration.
• Understanding of proper maintenance of security solutions.
• Strong communication and relationship building skills.
• Experience in technical writing, and ability to present information at the executive level.
• Skilled at performing IT security focused application/environment design reviews.
• Experience using common security testing tools and techniques to perform a variety of security assessments across multiple platforms with significant expertise in either web or mobile penetration testing.
• Deeply knowledgeable about security vulnerabilities with the ability to identify them, assess risk, and provide remediation guidance.
• Knowledgeable regarding incorporating security requirements into a SDLC.
• Functional knowledge of event logging, parsing and orchestration.
• Design and implementation experience in Security solutions.
• SME level participation with ePMO, Architecture, and Leadership activities.
• Development and maturation of IT security program through interaction with Security and GRC Leadership.
• Remain current with Information Security best practices

WHO WE ARE

Chipotle Mexican Grill, Inc. (NYSE: CMG) is cultivating a better world by serving responsibly sourced, classically cooked, real food with wholesome ingredients without artificial colors, flavors or preservatives. Chipotle has over 3,000 restaurants in the United States, Canada, the United Kingdom, France and Germany and is the only restaurant company of its size that owns and operates all its restaurants. Chipotle is ranked on the Fortune 500 and is recognized on the 2022 list for Fortune's Most Admired Companies. With over 100,000 employees passionate about providing a great guest experience, Chipotle is a longtime leader and innovator in the food industry. Chipotle is committed to making its food more accessible to everyone while continuing to be a brand with a demonstrated purpose as it leads the way in digital, technology and sustainable business practices. For more information or to place an order online, visit www.chipotle.com

PAY TRANSPARENCY

A reasonable estimate of the current base salary range for this position is $112,000 to $156,000. You are also eligible for annual cash bonuses and equity awards based upon performance and other factors. Actual compensation offered may vary depending on skill level, experience, and/or education. Chipotle offers a competitive total rewards package, which includes medical, dental, and vision insurance, 401k, sick leave, vacation time, and much more.  Visit https://jobs.chipotle.com/benefits

Chipotle Mexican Grill is an equal opportunity employer that values diversity at all levels. As a people-first company rooted in values, our purpose extends beyond serving nutritious food using real ingredients. It means hiring world-class individuals and fostering a culture that champions diversity, ensures equity, and celebrates inclusion. All qualified applicants, regardless of personal characteristics, are encouraged to apply.

Qualified applicants with disabilities may be entitled to reasonable accommodation under the terms of the Americans with Disabilities Act and/or certain state or local laws. Please contact ADAaccommodations@chipotle.com if you need an accommodation due to a disability to complete an application, job interview, and/or to otherwise participate in the hiring process. This email does not respond to non-accommodations related requests.

Primary Location: Ohio - Columbus - 8890 - 500 Neil Ave-(08890)

Work Location:

8890 - 500 Neil Ave-(08890)

500 Neil Ave

Columbus 43215

Primary Location: Ohio - Columbus - 8890 - 500 Neil Ave-(08890)

Work Location:
8890 - 500 Neil Ave-(08890)
500 Neil Ave
Columbus 43215