Manager of IT Governance, Risk, and Compliance

At Hasbro, our mission is to entertain and connect generations of fans through the wonder of storytelling and exhilaration of play. We’re looking for adventurous and curious people who want to explore, experiment, and innovate to come up with the best ideas. Our culture has inspired our diverse team of highly skilled, highly creative, and highly committed individuals for 100 years and we believe the best is yet to come. 
 

Hasbro is seeking a highly motivated and experienced individual to join our Global Information Security team as the Manager of IT Governance, Risk and Compliance (IT GRC)! In this role, you will have the unique opportunity to collaborate with various teams, including Internal and External Audit, IT Partners, and the CISO Leadership team. This leader is responsible for leading our IT SOX and PCI Compliance program, managing internal and external compliance and audit engagements, and cultivating relationships with audit and assessment partners.

The Manager of IT GRC, will play a crucial role in ensuring the flawless execution of our Security Awareness and Training program. They will be responsible for developing and delivering engaging security awareness content, campaigns, and events. The Manager will also measure compliance with industry standards and frameworks such as NIST, CIS, ISO27001, and Cloud Security Alliance. This is a critical role in helping us as we grow our security operations footprint!

This is a hybrid role based in our Pawtucket, RI office and requires the ability to work onsite 3 days per week.

A day in the life of a Manager, IT Governance Risk & Compliance:

• Manage the IT SOX and PCI Compliance program, including scoping, testing, remediation, and reporting.
• Lead internal and external compliance and audit engagements, including PCI, GDPR, CCPA, HIPAA, and other regulatory or contractual requirements.
• Foster strong partnerships with internal and external audit or assessment partners, facilitating audit activities and ensuring effective coordination and communication.
• Lead the Security Awareness and Training program, developing and delivering compelling security awareness content, campaigns, and events.
• Oversee the internal policy and standards program, including the development, maintenance, and communication of security policies, guidelines, and procedures.
• Measure compliance with implementation and alignment to industry frameworks, conducting gap analysis, risk assessment, and remediation planning.
• Lead the metrics and reporting effort to support security governance efforts.

What you'll bring:

• Bachelor's degree in Computer Science, Information Systems, or related field, or equivalent work experience.
• Minimum of 5 years of management experience in IT GRC or a related field.
• Demonstrated ability in leading IT SOX and PCI compliance programs or similar.
• Strong knowledge of IT Governance, Risk, and Compliance frameworks, standards, and continuous improvement methodologies.
• Solid understanding of IT audit methodologies, processes, and tools.
• Effective interpersonal and presentation abilities.
• Strong analytical, problem-solving, and decision-making abilities.
• Demonstrated leadership, teamwork, and collaboration skills.
• Relevant industry certifications such as CISA, CISSP, CRISC, or similar.

Compensation Range, Currency USD:

• Starting Pay Range: $122,400
• Pay Range End: $203,200

At Hasbro, we are committed to equality of opportunity in all aspects of employment. We make all employment decisions without regard to race, color, religion, sex, sexual orientation, gender identity or expression, national origin, age, marital status, or any other legally protected status. We believe that a diverse and inclusive workforce drives innovation and creativity, and we actively promote a work environment that embraces diversity and fosters collaboration.

Hasbro is committed to equality of opportunity in all aspects of employment. We are committed to making all employment decisions without regard to race, color, religion, sex, sexual orientation, gender identity or expression, national origin, age, marital status, or any other legally protected status.