Analyst Security(Cybersecurity Governance Analyst )

About Mattel

CREATIVITY IS OUR SUPERPOWER. It’s our heritage and it’s also our future. Because we don’t just make toys. We create innovative products and experiences that inspire fans, entertain audiences and develop children through play. Mattel is at its best when every member of our team feels respected, included, and heard—when everyone can show up as themselves and do their best work every day. We value and share an infinite range of ideas and voices that evolve and broaden our perspectives with a reach that extends into all our communities.

Job Summary

We are seeking a detail-oriented and highly collaborative Cybersecurity Governance Analyst to support the planning, coordination, and execution of cybersecurity audits and governance activities. This role will work within our larger cybersecurity governance program and play a key part in ensuring audit readiness, maintaining compliance with relevant cybersecurity frameworks and regulations, and driving cross-functional teams toward timely and effective control implementation.

The ideal candidate has a strong foundational understanding of cybersecurity governance, hands-on experience supporting audits, and the ability to translate control requirements into clear, actionable artifacts and responses. In this role, you will ensure the audit requests are addressed efficiently, accurately, and on time. You will ensure documentation is audit-ready, well-organized, and easy to navigate. Lastly, you will ensure the gaps are proactively identified, communicated, and remediated.

Key Responsibilities

• Coordinate and manage the logistics of cybersecurity audits, including preparation, evidence collection, response tracking, and follow-ups for internal and external audit requests.
• Interpreting and operationalize cybersecurity frameworks and regulatory requirements such as CCPA, CPRA, SOX ITGC, and NIST CSF 2.0, and other relevant cybersecurity or privacy frameworks.
• Demonstrate a deep understanding of security controls, including their intent, requirements, and how to satisfy them through well-documented artifacts, deliverables, and audit-ready narratives.
• Develop, review, and maintain audit evidence, control documentation, and standardized responses that clearly and accurately demonstrate compliance.
• Review policies, standards, procedures, and SOPs to identify gaps, inconsistencies, or areas of non-alignment with control requirements.
• Partner with technical and business teams to guide remediation efforts, clarify expectations, and help close identified gaps.
• Actively drive accountability across teams, following up on open actions and ensuring requirements are met within defined timelines.
• Track audit, governance, and compliance activities using tools such as AuditBoard (or similar platforms), maintaining clear status, ownership, and documentation.
• Provide program and audit status updates to leadership, including progress, risks, blockers, and key decisions.
• Prepare and deliver clear, concise presentations for leadership and stakeholders summarizing audit readiness, findings, and remediation progress.
• Support interactions with external auditors, including coordinating requests, clarifying responses, and ensuring timely delivery of evidence.

Preferred Qualifications

• Bachelor’s degree in Cybersecurity, IT Management, CS, Privacy & Ethics or a related field.
• 3-4 years of experience in cybersecurity governance, risk, compliance, or audit support.
• Working knowledge of cybersecurity frameworks and regulations such as NIST CSF 2.0, SOX, CCPA, PII, HSP, or similar standards.
• Strong understanding of security controls, including how controls are designed, implemented, and evidenced.
• Experience creating or managing audit artifacts, compliance documentation, and control narratives.
• Familiarity with governance and audit management tools such as AuditBoard (or comparable platforms).
• Excellent written and verbal communication skills, with the ability to explain complex requirements clearly and confidently.
• Strong organizational and project management skills, with the ability to manage multiple workstreams simultaneously.
• Proven ability to influence and drive cross-functional teams to meet compliance and audit requirements.

Preferred Skills

• Experience working directly with external auditors.
• Exposure to privacy-related compliance efforts involving PII and data protection requirements.
• Experience presenting audit or compliance status to senior leadership.

What We’re Looking For

Demonstrated a growth mindset by staying curious and continuously learning, embracing challenges, and improving themselves.

Don’t meet every single requirement? At Mattel, we are dedicated to an inclusive workplace and a culture of belonging. If you’re excited about this role but your past experience doesn’t align perfectly with every qualification in the job description, we still encourage you to apply. You may be just the right candidate for this or other roles.

How We Work

We are a purpose driven company aiming to empower generations to explore the wonder of childhood and reach their full potential. We live up to our purpose employing the following behaviors:

We collaborate: Being a part of Mattel means being part of one team with shared values and common goals. Every person counts and working closely together always brings better results. Partnership is our process and our collective capabilities is our superpower.
We innovate: At Mattel we always aim to find new and better ways to create innovative products and experiences. No matter where you work in the organization, you can always make a difference and have real impact. We welcome new ideas and value new initiatives that challenge conventional thinking.
We execute: We are a performance-driven company. We strive for excellence and are focused on pursuing best-in-class outcomes. We believe in accountability and ownership and know that our people are at their best when they are empowered to create and deliver results.

Our Approach to Flexible Work:

We embrace a flexible work model designed to empower a culture of growth, optimism, and wellbeing, where every employee can reach their full potential. Combining purposeful in-person collaboration with flexibility, our focus is to optimize performance and drive connection for moments that matter.

Who We Are

Mattel is a leading global toy and family entertainment company and owner of one of the most iconic brand portfolios in the world. We engage consumers and fans through our franchise brands, including Barbie, Hot Wheels, Fisher-Price, American Girl, Thomas & Friends, UNO, Masters of the Universe, Matchbox, Monster High, MEGA and Polly Pocket, as well as other popular properties that we own or license in partnership with global entertainment companies. Our offerings include toys, content, consumer products, digital and live experiences. Our products are sold in collaboration with the world’s leading retail and ecommerce companies. Since its founding in 1945, Mattel is proud to be a trusted partner in empowering generations to explore the wonder of childhood and reach their full potential.

Mattel’s award-winning workplace culture has been recognized by Forbes, Fast Company, Newsweek, Great Place to Work, TIME, and more.

Visit us at https //jobs.mattel.com/ and www.instagram.com/MattelCareers .

Mattel is an Equal Opportunity Employer where we want you to bring your authentic self to work every day. We welcome all job seekers, and all applicants will receive consideration for employment.

Videos to watch
The Culture at Mattel
Corporate Philanthropy

Key skills/competency

• Cybersecurity Governance
• Audits and Compliance
• NIST CSF
• SOX ITGC
• CCPA/CPRA
• Security Controls
• Audit Evidence
• Risk Management
• Project Management
• Cross-functional Collaboration