Chipotle - Columbus, OH

posted about 2 months ago

Full-time - Manager
Columbus, OH
Food Services and Drinking Places

About the position

As the Manager of Governance, Risk, and Compliance (GRC) at Chipotle, you will play a crucial role in coordinating compliance initiatives and proactively managing risks. This position is essential for advancing the IT Compliance team, enhancing risk and compliance procedures, and achieving operational efficiency. You will lead a team focused on automating security control assessments and developing policies to ensure adherence to information security frameworks.

Responsibilities

  • Lead the team responsible for automation and engineering-led thinking for security control assessment, evidence collection, and summary reporting.
  • Develop policies and procedures, and recommend, implement, and enforce relevant information security frameworks and standards.
  • Design and lead the implementation of automation for trust, assurance, compliance, and regulatory activities.
  • Collaborate with various departments to ensure adherence to policies affecting security, confidentiality, integrity, and accessibility.
  • Lead the development and implementation of security awareness trainings and phishing campaigns, analyzing data to improve security posture.
  • Collaborate with internal and external auditors to communicate security controls and address concerns.
  • Work with the broader Security team to ensure successful delivery of security and business objectives.
  • Enhance reporting and metrics within the GRC team for stakeholders.
  • Promote the relevance and importance of security controls and their business value.
  • Engage stakeholders in a frictionless manner regarding assessment calendars.
  • Integrate GRC systems with cross-functional stakeholder systems for accuracy and consistency.
  • Serve as the subject matter expert for control validation in the Security team.
  • Coordinate audit-related tasks to ensure readiness for audit testing with internal and external auditors.
  • Lead the coordination of data gathering for audits, regulatory requirements, and compliance needs.
  • Maintain knowledge of applicable compliance drivers (SOX, PCI).
  • Conduct, document, and report on internal and third-party risk programs.

Requirements

  • Bachelor's Degree in Computer Science, Information Technology, or related field preferred.
  • 7+ years of experience in a cybersecurity capacity developing risk-based solutions and controls frameworks.
  • 5+ years of experience managing stakeholders internally and externally.
  • Strong experience in managing enterprise risks and mitigation efforts.
  • 5+ years managing Information Technology individual contributors.
  • Technical leadership understanding of cloud technologies, API systems, infrastructure, network, and mobile security.
  • Analytical skills in Information Technology, Security, Privacy, or Compliance fields.
  • Advanced organizational and deadline management skills.
  • Experience as a GRC or Cybersecurity Player-coach.
  • Business outcome-based leadership ability.
  • Ability to work effectively in complex environments, both independently and collaboratively.
  • Highly analytical and effective communicator capable of influencing teams.

Nice-to-haves

  • CISSP, CISM, CISA Certifications Preferred.

Benefits

  • Medical insurance
  • Dental insurance
  • Vision insurance
  • 401k
  • Sick leave
  • Vacation time
  • Annual cash bonuses
  • Equity awards based on performance
© 2024 Teal Labs, Inc