Director - GRC for SOX Systems

CREATIVITY IS OUR SUPERPOWER. It’s our heritage and it’s also our future. Because we don’t just make toys. We create innovative products and experiences that inspire fans, entertain audiences and develop children through play. Mattel is at its best when every member of our team feels respected, included, and heard—when everyone can show up as themselves and do their best work every day. We value and share an infinite range of ideas and voices that evolve and broaden our perspectives with a reach that extends into all our brands, partners, and suppliers.

The Opportunity: 

We are seeking an experienced and strategic Director of Governance, Risk, and Compliance (GRC). You will report to the Senior Director - GRC and help with an evolving workload in a fast-paced environment. If you are passionate about continuous learning and keeping up with cutting edge technology and influencing the future of GRC leveraging data and automation, then this is the position for you! Whether it is facilitating Mattel’s SOX compliance efforts or conducting ITGCs, we strive to enhance the effectiveness, efficiency and scalability of the company’s processes, systems, and underlying IT control environment. You will be expected to problem solve, collaborate, and move fast while keeping attention to detail.

Position is expected to be Onsite role : El Segundo, CA 

The Director will be instrumental in building a world-class IT GRC function, that provides assurance and advisory services regarding Mattel’s IT & Security governance, risk and control effectiveness.

The Director must demonstrate significant experience with assessing risk and demonstrate excellence in designing and implementing a risk-based approach.

What Your Impact Will Be: 

• Partnering and strengthening relationships with key stakeholders (including Internal Audit, IT Engineering, Product Security teams, and external auditors) for ongoing risk assessments, proactive insights on risks and oversight on planned audit(s) planning & execution.

• Deep dive into Mattel’s IT environment to develop broad domain and technical understanding of our key policies, risks & controls in place to ensure that Mattel has a controlled IT environment.

• Overseeing the coordination and delivery of ITGCs and other IT controls to internal and external audit. Facilitate and lead IT control remediation efforts

• Be a GRC Liaison for all system implementations and its SDLC processes

• Strategic Leadership: Develop and implement the GRC strategy aligned with organizational goals and regulatory requirements.

• GRC Planning: Design and execute a comprehensive risk-based annual IT & Security internal GRC & audit plan for approval by all stakeholders that identifies and evaluates risk areas, controls, and compliance with internal policies and external regulations.

• Risk Assessment: Conduct risk assessments to identify system vulnerabilities, compliance gaps, and areas for improvement, ensuring robust protection against security threats and mismanagement.

• Team Management: Lead, mentor, and develop our high-performing GRC team, fostering a culture of continuous improvement (e.g., efficient and effective ways of testing controls leveraging data/ Snowflake product as needed) and professional growth.

• Reporting: Prepare and communicate clear, concise reports to senior management, highlighting significant findings, risks, and recommendations for improvement.

• Stakeholder Collaboration: Work closely with key stakeholders, including Engineering, Product Management, Security / IT risk management, IT Enterprise Apps teams, to build strong working relationships and facilitate collaborative approaches to managing risk.

• Continuous Improvement: Recommend enhancements to internal controls and processes based on audit findings and industry best practices, aiding in the establishment of an agile and responsive GRC function.

• Education and Awareness: Conduct training sessions to promote awareness of internal controls, risk management, and compliance across the organization

What We’re Looking For:

• 15+ years of experience with a combination of IT / Security / audit and Tech Industry background

• 10+ years in managing and building high performing teams

• Experience with system implementations like Oracle Cloud.

• Hands-on experience with GRC platforms (e.g., AuditBoard, Fastpath, Archer, ServiceNow, etc.) and risk management tools.

• Experience in leading an IT / Security audit function

• Bachelor’s or Master’s degree in Computer Science, Information Technology or Systems; or relevant MBA.

• CISA, CISSP, CISM, or similar certifications.

• Relevant work experience in IT SOX, other Technology or System audits and SOC 1 / SOC 2 / ISO / CIS controls assessment.

• In-depth knowledge of IT / IS management concepts such as logical access management, cybersecurity, change management and relevant auditing standards, compliance regulations, and risk assessment methodologies

• A record of delivery of IT process improvement projects with technology processes and/or major tech companies along with generating automated metrics to measure effectiveness and consistency.

• Experience in technical security design, compliance consulting, or advisory work in support of a highly technical environment. 

• Experience with cloud-based security & deployment practices, and certifications like AWS, Azure and Google Cloud is strongly preferred.

• Strong quantitative, analytical, data-intuition, and problem-solving skills, and proficiency in data analytics techniques.

• Working knowledge of internal controls and auditing techniques.

• Detail and team orientated; ability to work both independently and as a team member.

• Self-starter, ability to proactively problem-solve, identify, advocate for and execute improvements.

• Ability to manage multiple, concurrent projects efficiently and effectively

• Effectively manage relationships with senior management and other key stakeholders.

The annual base salary range for this position is between $193,000 and $235,000.
**This range is indicative of projected hiring range, however annual base salary will be determined based on a candidate’s work location, skills and experience. Mattel offers competitive total pay programs, comprehensive benefits, and resources to help empower a culture where every employee can reach their full potential.

Don’t meet every single requirement? At Mattel, we are dedicated to an inclusive workplace and a culture of belonging. If you’re excited about this role but your past experience doesn’t align perfectly with every qualification in the job description, we still encourage you to apply. You may be just the right candidate for this or other roles.

How We Work:

We are a purpose driven company aiming to empower generations to explore the wonder of childhood and reach their full potential. We live up to our purpose employing the following behaviors:

• We collaborate: Being a part of Mattel means being part of one team with shared values and common goals. Every person counts and working closely together always brings better results. Partnership is our process and our collective capabilities is our superpower.
• We innovate: At Mattel we always aim to find new and better ways to create innovative products and experiences. No matter where you work in the organization, you can always make a difference and have real impact. We welcome new ideas and value new initiatives that challenge conventional thinking.
• We execute: We are a performance-driven company. We strive for excellence and are focused on pursuing best-in-class outcomes. We believe in accountability and ownership and know that our people are at their best when they are empowered to create and deliver results.

Who We Are:

Mattel is a leading global toy and family entertainment company and owner of one of the most iconic brand portfolios in the world. We engage consumers and fans through our franchise brands, including Barbie, Hot Wheels, Fisher-Price, American Girl, Thomas & Friends, UNO, Masters of the Universe, Matchbox, Monster High, MEGA and Polly Pocket, as well as other popular properties that we own or license in partnership with global entertainment companies. Our offerings include toys, content, consumer products, digital and live experiences. Our products are sold in collaboration with the world’s leading retail and ecommerce companies. Since its founding in 1945, Mattel is proud to be a trusted partner in empowering generations to explore the wonder of childhood and reach their full potential.

Mattel’s award-winning workplace culture has been recognized by Forbes, Fast Company, Newsweek, Great Place to Work, TIME, and more.

Visit us at https://jobs.mattel.com/ and www.instagram.com/MattelCareers.

Mattel is an Affirmative Action/Equal Opportunity Employer where we want you to bring your authentic self to work every day. We welcome all job seekers, and all applicants will receive consideration for employment without regard to race, ethnicity, color, national origin, religion, sex, gender, gender identity or expression, sexual orientation, veteran and protected veteran status, disability status, and or any other basis protected by applicable federal, state or local law.

Pursuant to the Los Angeles Fair Chance Ordinance and the California Fair Chance Act, qualified applicants with arrest or conviction records will be considered for employment.

Videos to watch:
The Culture at Mattel
Mattel Investor Highlights