Senior Analyst, Governance, Risk & Compliance
Remote / Online - Candidates ideally in
Columbus, Franklin County, Ohio, 43224, USA
Listed on 2026-06-05
Listing for:
Chipotle Mexican Grill
Remote/Work from Home position
Job specializations:
- IT/Tech
Cybersecurity, Information Security
Job Description & How to Apply Below
Food served fast does not have to be a typical fast-food experience. Chipotle has always done things differently, both in and out of our restaurants. We are changing the face of fast food, starting conversations, and directly supporting efforts to shift the future of farming and food. We hope you will join us as we continue to learn, evolve, and shape what comes next on our mission to make better food accessible to everyone.
**THE OPPORTUNITY**
As the Senior Analyst, Governance, Risk & Compliance, you will collaborate with all departments at Chipotle to ensure compliance with policies and other activities which impact the confidentiality, integrity, and availability of our application, infrastructure, and business processes. The role will require the creation of new policies and procedures while recommending, implementing, and ensuring compliance with appropriate information security frameworks and standards all while keeping in mind the efficiencies that can be gained for those fulfilling the policy and/or procedure.
**LOCATION**
This position will be based in our Columbus, OH office 4 days per week (with work from home on Friday). Remote work is not available for this role.
**WHAT YOU’LL DO**
* Strong candidates are motivated by what they can achieve, growth they could experience and how they will impact the company.
* Participate in the development and implementation of security awareness trainings and phishing campaigns for the whole organization. Collect data for analysis and continuously improve the organization’s security posture.
* Work closely with GRC Leadership to implement global policies, regulatory changes, and risk frameworks across products and systems.
* Stay up to date on industry trends and best practices, including monitoring for changes in PCI-DSS and recommending necessary adjustments to our compliance program. Contribute to the development of audit process improvements.
* Provide guidance and support to internal project teams to ensure new systems, applications, or processes are designed and implemented in accordance with relevant standards.
* Perform risk assessments, audits, and control testing to ensure Chipotle systems and processes remain in compliance with applicable regulations (PCI-DSS, SOX) and internal Information Security policies, ensuring evidence is collected, reviewed, and maintained to meet compliance objectives.
* Support and enhance the Third-Party Risk Management (TPRM) program, including conducting vendor risk assessments, reviewing security documentation, leveraging tools such as Viso Trust, and partnering with stakeholders to manage third-party risk throughout the vendor lifecycle.
* Monitor and track remediation efforts for identified non-compliance issues to ensure timely resolution, including managing policy exceptions and violations.
* Participate in incident response activities as a Scribe and on-call team member, ensuring accurate documentation of events, timelines, decisions, and actions during security incidents, and supporting post-incident reviews and reporting.
* Create written reports and dashboards for monitoring compliance and communicating status with business leaders.
* Assist in coordinating annual on-site audits and preparing compliance reports for submission to external stakeholders.
* Review change management tickets and associated evidence to validate control effectiveness and audit readiness, ensuring completeness, accuracy, and alignment with compliance requirements.
* Assist with other compliance team projects as required to meet evolving regulatory and compliance needs and objectives.
* Assist in architecting and improving a suite of GRC tools to automate controls, risk data collection, monitoring, and governance procedures.
* Develop and maintain policies and standards in support of operational and compliance goals, including creating supporting operational work instructions where it would be most effective.
* Develop, execute, and/or coordinate governance structures to align with industry and compliance frameworks such as PCI, SOX, and NIST CSF.
**WHAT YOU’LL BRING TO THE TABLE**
* Bachelor’s degree in…
Position Requirements
10+ Years work experience