IT Data Privacy Analyst |

Full Time
United States
Posted 2 months ago

Company Description

CREATIVITY IS OUR SUPERPOWER. It’s our heritage and it’s also our future. Because we don’t just make toys. We create innovative products and experiences that inspire, entertain and develop children through play. Mattel is at its best when every member of our team feels respected, included, and heard—when everyone can show up as themselves and do their best work every day. We value and share an infinite range of ideas and voices that evolve and broaden our perspectives with a reach that extends into all our brands, partners, and suppliers.

Job Description

The Opportunity: 

Open to remote

Reporting to Director, Data Privacy within Mattel’s Global Technology Office – Information Security group, this role will serve as the Sr. Privacy Analyst  for the GTO Privacy Office, and thus requires extensive understanding and interest in data privacy & protection, IT security, and the technical knowledge of systems and analytical understanding of data and data flows to ensure its protection.

Modern privacy laws and regulations require IT systems, networks, and applications to implement privacy by design and by default.  This role will partner with security architects, system and network engineers, application and database administrators, project managers, and business stakeholders to build data protection and information security measures into new and existing data processing environments to meet these obligations.

What Your Impact Will Be: 

  • Conducts extensive assessments of all projects & new vendors onboarded for privacy compliance and data protection measures, identifying gaps/risks and providing remediation guidelines
  • Reviews existing projects/processing activities and vendors to ensure continued privacy compliance and surety of previously implemented data protection measures, identifying gaps/risks and providing remediation guidelines
  • Leads an information audit (data inventory) to identify the personal data held by the company and its locations, and designs and implements the processes and procedures to keep the inventory and personal data architecture current
  • Documents business processes involving personal data through data flow analysis, identifies areas of risk, and creates improvement plans
  • Leads the design, development, and implementation of a Data Protection Impact Assessment (DPIA) process, with a focus on the portion of the process that identifies technological measures to address risks to the rights and freedoms of data subjects, including safeguards, security measures, and mechanisms to ensure the protection of personal data.
  • Provides subject matter expertise and guidance to software architects, system and network engineers, application and database administrators, project managers, and business stakeholders about the privacy requirements of current and new laws and regulations, and its impact to the company’s technology stack and environment
  • Develops and keeps up to date internal data handling guidelines and external data privacy standards, and helps contribute to the development & update of Corporate Policies involving data privacy and protection
  • Contributes to the development and delivery of initial and ongoing training on technology-related privacy topics to IT personnel.
  • Participates in the investigation of and response to privacy complaints and privacy related incidents.
  • Maintains current knowledge of applicable state, federal, and international privacy and data protection laws and regulations.
  • Collaborates with the Director, Data Privacy to design, build, and implement all aspects of the privacy and protection risk management system, including privacy questionnaire development, risk framework/risk scoring, and KPIs for program effectiveness


What We’re Looking For: 

  • Bachelor’s degree preferred or equivalent experience
  • 5+ years of Data Privacy experience
  • Privacy & Privacy technology or equivalent Security certifications, including but not limited to IAPP CIPP/US or CIPP/EU, CIPT, or CompTIA Security+
  • Prior employment in a privacy- or information security-related role with experience in risk assessment, control selection, and control implementation.
  • Working knowledge of data protection laws and practices (including GDPR, CCPA) that aligns with data processing operations and level of data protection required for the personal data processed by data controllers and data processors.
  • Possesses knowledge of information technology (IT) systems and applications, and an understanding of how data, particularly PII, flows from system to system
  • Strong Microsoft Visio, LucidChart or equivalent diagramming software. Will need to document and maintain data flows and personal data architecture
  • Extremely strong Microsoft Excel skills. Will need to inventory data and classify data types for protection and retention purposes.
  • Proficiency in other Microsoft Office365 applications—Teams, SharePoint, OneDrive, OneNote, Visio is essential for communication and project tasks
  • Team motivated, and extremely responsive to on-the-fly demands, but with the ability to operate autonomously when needed
  • Self-directed and detail-oriented, with excellent problem-solving skills and a record of solving complex problems.
  •  Ability to see a project through from start to finish, including analysis, design, planning, testing, and implementation.
  • Good written and oral communication skills, including the ability to explain complex technical issues to non-technical individuals.
  • Exhibits diplomatic skills than can foster collaborative relationships across Mattel in order to deliver results
  • High ethical standards, operating with integrity and professionalism
  • Availability and willingness to work hours as needed to meet critical deadlines & strong commitment to client service excellence and teamwork


  • Additional, operations-based Privacy certifications, including IAPP CIPM or equivalent
  • Working knowledge of COPPA, and the specific area of children’s privacy
  • Working knowledge of cookies, pixels, and other tracking technology, and an understanding of how to ensure they abide by appropriate privacy regulations
  • Strong technical understanding of encryption, pseudonymization, anonymization, and tokenization algorithms, technologies, and methods.
  • Excellent documentation skills and the willingness to use them.
  • Knowledge of cloud platforms (Amazon AWS, Microsoft Azure) and the capabilities of their specific products and services.

Additional Information

Don’t meet every single requirement? At Mattel we are dedicated to building a diverse and inclusive workplace, so if you’re excited about this role but your past experience doesn’t align perfectly with every qualification in the job description, we encourage you to apply anyway. You may be just the right candidate for this or other roles.

What It’s Like to Work Here:

We are a purpose driven company aiming to empower the next generation to explore the wonder of childhood and reach their full potential. We live up to our purpose employing the following behaviors:

  • We collaborate: Being a part of Mattel means being part of one team with shared values and common goals. Every person counts and working closely together always brings better results. Partnership is our process and our collective capabilities is our superpower.
  • We innovate: At Mattel we always aim to find new and better ways to create innovative products and experiences. No matter where you work in the organization, you can always make a difference and have real impact. We welcome new ideas and value new initiatives that challenge conventional thinking.
  • We execute: We are a performance driven company. We strive for excellence and are focused on pursuing best in class outcomes. We believe in accountability and ownership and know that our people are at their best when they are empowered to create and deliver results.

Our Approach to Hybrid Work

We embrace a hybrid work model to empower a culture of growth, optimism, and wellbeing, where everyone can deliver on our shared purpose and realize their full potential. Combining purposeful in-person collaboration with tech-enabled hybrid work, our focus is to provide flexibility while enabling collaboration for moments that matter.

Who We Are:

Mattel is a leading global toy company and owner of one of the strongest catalogs of children’s and family entertainment franchises in the world. We create innovative products and experiences that inspire, entertain and develop children through play. We engage consumers through our portfolio of iconic brands, including Barbie, Hot Wheels, Fisher-Price, American Girl, Thomas & Friends, UNO and MEGA, as well as other popular intellectual properties that we own or license in partnership with global entertainment companies. Our offerings include film and television content, gaming, music and live events. We operate in 35 locations and our products are available in more than 150 countries in collaboration with the world’s leading retail and ecommerce companies. Since its founding in 1945, Mattel is proud to be a trusted partner in empowering children to explore the wonder of childhood and reach their full potential.

Mattel is recognized for the second year in a row as a Great Place to Work™ and as one of Fast Company’s Best Workplaces for Innovators in 2022.

Visit us at and

Mattel is an Affirmative Action/Equal Opportunity Employer where we want you to bring your authentic self to work every day. We welcome all job seekers including minorities, females, veterans, individuals with disabilities, and those of all sexual orientations and gender identities.

Source link

Job Features

Job Category

Remote Database Jobs

Apply Online