CREATIVITY IS OUR SUPERPOWER. It’s our heritage and it’s also our future. Because we don’t just make toys. We create innovative products and experiences that inspire fans, entertain audiences and develop children through play. Mattel is at its best when every member of our team feels respected, included, and heard—when everyone can show up as themselves and do their best work every day. We value and share an infinite range of ideas and voices that evolve and broaden our perspectives with a reach that extends into all our brands, partners, and suppliers.
Security Assessments is responsible for leading and delivering day-to-day security assessment and architecture review activities across applications, cloud platforms, infrastructure, and third-party integrations. This role combines hands-on technical execution with technical leadership, ensuring security risks are consistently identified, assessed, prioritized, and addressed in alignment with business objectives and regulatory requirements.
The Security Architect provides technical leadership and guidance while partnering closely with Security Operations, Cloud, Engineering, Product, and Vendor Management teams to drive remediation accountability and secure-by-design outcomes. Operating within a global delivery model, this role serves as a key execution and escalation point to ensure consistency, scalability, and resilience of Mattel’s security assessment and architecture program.
In addition to operational ownership, this role contributes to security architecture strategy, standards development, automation, and metrics to ensure assessment capability evolves alongside emerging threats, technologies, and compliance expectations.
Roles and Responsibilities
Provide direct technical leadership and day-to-day oversight of security assessment and architecture review activities.
Own and manage security assessments across applications, cloud platforms, infrastructure, SaaS/PaaS solutions, and third-party vendors.
Serve as a key execution partner and escalation point for security assessment initiatives, ensuring alignment with enterprise security strategy and priorities.
Perform and oversee security risk analyses, threat modeling, and architecture reviews for new and existing solutions.
Translate assessment findings into actionable risk intelligence and remediation recommendations aligned to business impact.
Partner with engineering, cloud, product, and vendor teams to communicate findings, recommend controls, and influence risk reduction decisions.
Support vendor security due diligence activities, including questionnaires, evidence reviews, risk scoring, and remediation tracking.
Evaluate security considerations for solutions leveraging automation, AI-enabled capabilities, and emerging technologies.
Develop, maintain, and continuously improve security standards, patterns, reference architectures, runbooks, and assessment playbooks.
Leverage security tooling and automation to improve assessment consistency, efficiency, and scalability.
Interpret vulnerability and configuration findings and advise on remediation and compensating controls.
Define, track, and report security assessment metrics (KPIs and KRIs) to communicate risk posture and trends.
Monitor emerging threats, regulatory changes, and technology trends, incorporating lessons learned into improved controls and practices.
Mentor and guide junior architects and analysts, strengthening technical depth and assessment maturity.
Provide advanced escalation support for complex security risks and architectural challenges.
Work hours may vary, and the position requires regular overlap with U.S.-based teams.
Additional duties may be assigned as necessary to meet the ongoing needs of the organization.
Skills and Qualifications
Required:
9+ years of experience in information security, security architecture, or security engineering roles.
Proven experience acting as a technical lead or senior individual contributor within security assessment or architecture functions.
Strong understanding of security architecture principles across applications, infrastructure, cloud, and integrations.
Hands-on experience conducting application, cloud, and third-party/vendor security assessments.
Deep knowledge of cloud security concepts including IAM, networking, encryption, containers, serverless, and data protection.
Experience with secure SDLC practices, CI/CD pipelines, application security testing, OWASP and code management.
Familiarity with security and compliance frameworks such as NIST, PCI, and industry best practices.
Working knowledge of network security, web application security, and modern authentication technologies.
Experience using industry-standard security scanning and assessment tools.
Ability to contextualize technical findings into business risk and remediation guidance.
Strong analytical, leadership, and stakeholder communication skills.
Preferred:
Bachelor’s degree in computer science, Cybersecurity, Engineering, or equivalent experience.
Experience with formal vendor risk management programs or assessment platforms.
Basic scripting or automation experience (e.g., Python) to support assessment workflows.
Experience working with globally distributed teams.
Security certifications such as CISSP, CCSP, or CISM.
Shift Timing:
Work hours may vary, and the position may require availability during off-business hours as dictated by project needs, system changes, or security events.
What We’re Looking For:
Don’t meet every single requirement? At Mattel, we are dedicated to an inclusive workplace and a culture of belonging. If you’re excited about this role but your past experience doesn’t align perfectly with every qualification in the job description, we still encourage you to apply. You may be just the right candidate for this or other roles.
How We Work:
We are a purpose driven company aiming to empower generations to explore the wonder of childhood and reach their full potential. We live up to our purpose employing the following behaviors:
Our Approach to Flexible Work:
We embrace a flexible work model designed to empower a culture of growth, optimism, and wellbeing, where every employee can reach their full potential. Combining purposeful in-person collaboration with flexibility, our focus is to optimize performance and drive connection for moments that matter.
Who We Are:
Mattel is a leading global toy and family entertainment company and owner of one of the most iconic brand portfolios in the world. We engage consumers and fans through our franchise brands, including Barbie, Hot Wheels, Fisher-Price, American Girl, Thomas & Friends, UNO, Masters of the Universe, Matchbox, Monster High, MEGA and Polly Pocket, as well as other popular properties that we own or license in partnership with global entertainment companies. Our offerings include toys, content, consumer products, digital and live experiences. Our products are sold in collaboration with the world’s leading retail and ecommerce companies. Since its founding in 1945, Mattel is proud to be a trusted partner in empowering generations to explore the wonder of childhood and reach their full potential.
Mattel’s award-winning workplace culture has been recognized by Forbes, Fast Company, Newsweek, Great Place to Work, TIME, and more.
Visit us at https://jobs.mattel.com/ and www.instagram.com/MattelCareers.
Mattel is an Equal Opportunity Employer where we want you to bring your authentic self to work every day. We welcome all job seekers, and all applicants will receive consideration for employment.
Videos to watch:
The Culture at Mattel
Corporate Philanthropy
