About the position
As a Compliance and Audit Specialist, you will strengthen Whataburger’s cybersecurity, technology, and regulatory posture by ensuring we meet internal policies, industry standards, and compliance obligations. Your work supports a secure and resilient environment that empowers our restaurants and teams to Make a Difference by protecting our systems and data; Serve with Heart by helping stakeholders understand and implement effective controls; Win as One by collaborating across Technology, Security, Risk, Legal, and business partners; and Move Forward Boldly by driving continuous improvement, audit readiness, and proactive compliance practices across the enterprise.
Responsibilities
• Prepare and support internal and external audits, coordinating evidence, documentation, and control testing.
• Evaluate IT and security controls, identify gaps, and track remediation through completion.
• Monitor regulatory and industry cybersecurity standards to ensure ongoing compliance.
• Review third‑party and vendor risk materials, including questionnaires and audit attestations.
• Provide clear compliance updates, audit findings, and risk insights to Technology leadership.
• Partner cross‑functionally to align security practices with evolving requirements and operational needs.
Requirements
• Working knowledge of cybersecurity governance, risk, and compliance (GRC) concepts.
• Understanding of PCI DSS v4.0 requirements and how to apply them in enterprise IT environments.
• Ability to map regulatory frameworks to administrative and technical controls.
• Skill in identifying control deficiencies, audit findings, and compliance risks.
• Familiarity with security governance tools and platforms that support compliance monitoring.
• Strong written and verbal communication skills for presenting audit results and compliance expectations.
• Proven ability to conduct interviews, facilitate control reviews, and collaborate across IT, Security, Risk, Legal, and business teams.
• 5+ years of relevant professional experience.
Nice-to-haves
• CISA (Certified Information Systems Auditor).
• CRISC (Certified in Risk and Information Systems Control).
• Experience supporting third‑party risk, cybersecurity governance, or audit programs in large organizations.
Benefits
• Competitive Weekly Pay
• Bonus Program that scales up to 2.5X payout potential based on company results
• 5 weeks PTO
• Flex Weeks
• Paid Corporate Holidays
• Paid Parental Leave
• 401(k) match $1/$1 up to 4%
• Competitive Medical, Dental and Vision Benefits
• Short-term and Long-term Disability Benefits
• Opportunities for Career Development and Growth
• Whataburger Family Foundation - Scholarship Program (dependents eligible) and Hardship Grant Assistance
• Discounted Meals for You and a Guest
• Wireless Service Discounts
• Computer & Software Discounts
• Fitness / Gym Discounts
• Awards and recognition for all you do
• Retirement Celebration Program