Provides global leadership and oversight of the business continuity function, activities and performance for the Security team, establishing strong working relationships with business leaders and locations. Works closely with the business, the Security incident response team and the Infrastructure & operations disaster recovery team to oversee and manage the processes and procedures to design, implement and maintain an effective Business Continuity (BC) program within Mattel. Ensures Mattel is prepared to respond to and recover from man-made or natural disasters.
- Facilitate & drive SOX/SOC1 audit engagement, data/artifact collection, exception remediation and monitoring.
- Work with the PCI Compliance Manager on audit engagement, data/artifact collection, exception remediation and monitoring.
- Collaborate with different departments in the analysis, response, and document packages of RFPs and security questionnaires as required by clients of Mattel business units.
- Assess and monitor security processes and controls to assure compliance with applicable security frameworks, regulatory, and client requirements.
- Key contributor to the design, implementation, and optimization of the GRC application or solutions.
- Contributes to maintenance and update of library of information security control standards and procedures based on Information Security policies and procedures and industry best practices.
- Maintain awareness of changes or updates to security control frameworks, compliance laws and statutes, and identify the impact on the business and its security posture.
- Compiles management reports, summary analysis, and detailed presentations to describe risk, controls, and maturity assessments.
- Conduct or participate in the cross training sessions with the Security & Privacy team in the management and configuration of security tools and technical controls.
- Troubleshooting and resolving security related GRC and technical issues effectively and efficiently.
- Prioritizing, evaluating, resolving and escalating calls or tasks as required.
- Providing appropriately detailed and timely follow-up support with customers (internal and external)
- Providing updates, status, and completion information to the CISO through voice mail, e-mail, or in-person communication.
- Serves as the primary point of contact for all Mattel business continuity coordinators within all Mattel divisions
- Responsible for developing the corporate Business Continuity (BC) program, to include short and long-term objectives
- Ensures Business Impact Analyses (BIAs) are conducted for all Mattel departments by guiding each division’s risk and business impact analyses
- Implements departmental policies and procedures to facilitate an effective Business Continuity program
- Ensures and assists Mattel departmental and airport coordinators in developing their individual Business Continuity Plans (BCP)
- Develops pandemic, natural and manmade disaster emergency response plans in conjunction with Mattel’s Global Technology Organization.
- Develops and facilitates Mattel training methodology to the plan owners within all Mattel divisions
- Coordinates with local and national CDC offices as necessary to ensure Mattel is prepared to respond to public health issues affecting employees and Mattel affiliates.
- Acts in coordination with the Director of global security to lead activities when the EOC is activated for exercises or an actual event
- Coordination and liaison with government and local disaster emergency management groups (FEMA, HEMA, ARC, etc.)
- Works collaboratively with stakeholder disaster recovery teams and emergency response teams to ensure business resumption strategies, goals and initiatives are aligned
- Develops business continuity resources and checklists to be used at Mattel locations and incorporated into their accident/incident emergency response plan
- Develops processes and checklists for business continuity
- Ensure departmental budget proposals allocate adequately for business continuity
- Meets regularly with departmental business continuity coordinators
Qualification & Experience:
- College Degree in Computer Science or related field with minimum of 2 years in IT security, risk management, compliance, and audit.
- 5+ years of experience in GRC implementation, processes, and practices, including IT audit advisory experience working at a public accounting/consulting firm or within a public company’s IT compliance or information security divisions.
- Experience working with and implementing GRC tools and processes.
- Experience building and developing successful risk management programs.
- Extensive knowledge and experience in security and compliance frameworks such as NIST, ISO, SOX, GDPR, COPPA, CCPA
- Experience leading regulatory compliance, such as SOX, GxP.
- Experience in facilitating and performing third-party vendor risk assessments with the ability to provide guidance on secure design and operation.
- Advanced understanding of information security concepts including: cloud security and compliance, encryption, access controls, intrusion detection and prevention, disaster recovery, network security, security operations, security architecture.
- Experience working in a global enterprise environment.
- Nice to have: a CBCP (Certificate Business Continuity Planning) or CFCP (Certified Functional Continuity Professional)
- Nice to have: work experience in emergency response services or disaster planning/management is highly desirable
Vacancy Type: Full Time
Job Location: El Segundo, CA, US
Application Deadline: N/A