CULTIVATE A BETTER WORLD
Food served fast does not have to be a typical fast-food experience. Chipotle has always done things differently, both in and out of our restaurants. We are changing the face of fast food, starting conversations, and directly supporting efforts to shift the future of farming and food. We hope you will join us as we continue to learn, evolve, and shape what comes next on our mission to make better food accessible to everyone.
THE OPPORTUNITY
As the Manager, Governance, Risk, and Compliance (GRC), you will be responsible for the coordination of compliance initiatives, as well as the proactive management and mitigation of risks within Chipotle. This role is instrumental in the advancement of our IT Compliance team, fostering growth and the refinement of our risk and compliance procedures, all with the overarching aim of achieving greater operational efficiency.
WHAT YOU’LL DO
Strong candidates are motivated by what they can achieve, growth they could experience and how they will impact the company.
Lead the team responsible for the automation and engineering-led thinking for security control assessment, evidence collection, and summary reporting.
Develop policies and procedures, coupled with the recommendation, implementation, and enforcement of relevant information security frameworks and standards.
Design and lead implementation of automation for trust, assurance, compliance, and regulatory activities.
Collaborate with various departments to safeguard our adherence to policies and other undertakings that influence the security, confidentiality, integrity, and accessibility of our application, infrastructure, and business operations.
Lead the development and implementation of security awareness trainings and phishing campaigns for the organization, collecting data for analysis and improving security posture.
Collaborate with internal and external auditors to communicate security controls and remediate any concerns.
Collaborate with the broader Security team to ensure successful delivery of security & business objectives.
Improve our reporting and metrics within the GRC team for our stakeholders.
Promote and demonstrate the relevance and importance of security controls and how they provide business value.
Stay ahead of the calendar of our assessments and engage stakeholders in a frictionless, empathetic way.
Integrate GRC systems with cross-functional stakeholder systems to ensure accuracy and consistency.
Serve as the subject matter expert for control validation in the Security team.
Coordinate audit-related tasks to ensure the readiness for audit testing with both internal personnel and external auditors.
Lead the coordination of data gathering needed for internal and external audits, regulatory requirements, and other compliance and risk management needs requirements.
Maintain a working knowledge of applicable compliance drivers (SOX, PCI).
Conduct, document, and report on internal and third-party risk program.
WHAT YOU’LL BRING TO THE TABLE
Bachelor's Degree (BA/BS) from 4-year college or university in Computer Science, Information Technology, or related field preferred.
7+ years of experience working in a cybersecurity capacity developing risk-based solutions, controls frameworks and implementations.
5+ years of experience managing stakeholders internally and externally.
Strong experience in managing enterprise risks and mitigation efforts.
5+ years managing Information Technology individual contributors.
Technical leader with an understanding of cloud technologies, API systems, infrastructure, network, and mobile security.
Analytical in Information Technology, Security, Privacy, or Compliance fields.
Advanced organizational and deadline achieving skillset.
Experience as a GRC or Cybersecurity Player-coach.
Business outcome-based leadership.
Ability to work in complex environments effectively, independently, and collaboratively within a team environment.
Highly analytical and effective communicator capable of influencing other teams and departments.
CISSP, CISM, CISA Certifications Preferred.
PAY TRANSPARENCY
A reasonable estimate of the current base pay range for this position is $126,000.00–$186,000.00. You are also eligible for annual cash bonuses and equity awards based upon performance and other factors. Actual compensation offered may vary depending on skill level, experience, and/or education. Chipotle offers a competitive total rewards package, which includes medical, dental, and vision insurance, 401k, sick leave, vacation time, and much more. Visit https://jobs.chipotle.com/benefits for more details.WHO WE ARE
Chipotle Mexican Grill, Inc. (NYSE: CMG) is cultivating a better world by serving responsibly sourced, classically cooked, real food with wholesome ingredients without artificial colors, flavors or preservatives. Chipotle has restaurants in the United States, Canada, the United Kingdom, France and Germany and is the only restaurant company of its size that owns and operates all its restaurants in North America and Europe. With employees passionate about providing a great guest experience, Chipotle is a longtime leader and innovator in the food industry. Chipotle is committed to making its food more accessible to everyone while continuing to be a brand with a demonstrated purpose as it leads the way in digital, technology and sustainable business practices. For more information or to place an order online, visit WWW.CHIPOTLE.COM
Chipotle Mexican Grill is an equal opportunity employer that values diversity at all levels. As a people-first company rooted in values, our purpose extends beyond serving nutritious food using real ingredients. It means hiring world-class individuals and fostering a culture that champions diversity, ensures equity, and celebrates inclusion. All qualified applicants, regardless of personal characteristics, are encouraged to apply.
Qualified applicants with disabilities may be entitled to reasonable accommodation under the terms of the Americans with Disabilities Act and/or certain state or local laws. Please contact ADAaccommodations@chipotle.comif you need an accommodation due to a disability to complete an application, job interview, and/or to otherwise participate in the hiring process. This email does not respond to non-accommodations related requests.