Data Governance & Security Specialist

Role : Data Governance & Security Specialist

They are open to candidates being local to any of their US offices, including Atlanta, Boston, LA, Chicago, Dallas, Houston, NYC, Orange County, Palo Alto, San Diego, SF, and Washington DC (strong preference for highlighted ones). This is remote, but it can change, so candidates must be in reasonable commuting distance.


Role Overview


We are looking for an experienced Data Governance & Security Specialist to take ownership of data lifecycle management, regulatory compliance, and secure collaboration across the firm. This role blends governance strategy with hands-on technical leadership, ensuring information assets are well-protected, properly classified, and responsibly used across cloud and on-premise environments.

Core Responsibilities

• Governance Framework : Establish and maintain firm-wide standards, processes, and policies for managing data from creation to disposal, utilizing tools such as Microsoft Purview, Data Lifecycle Management, Data Loss Prevention, iManage Threat Manager, and Varonis.
• Data Classification & Retention : Define retention schedules and classification rules, deploying technical controls that align with both regulatory requirements and business needs.
• Privacy & Security Oversight : Evaluate safeguards across platforms to prevent unauthorized access, misuse, or disclosure of sensitive information.
• Awareness & Training : Educate and guide employees on responsibilities for safeguarding firm data, reinforcing governance best practices.
• Cross-Functional Collaboration : Work with legal teams, business units, and IT to design secure and compliant data-sharing models.
• Alignment with Risk & Compliance : Partner with Information Governance, General Counsel, Security Architecture, and GRC teams to ensure governance strategies align with compliance objectives, risk tracking, and firm directives.
• Cloud Governance Leadership : Drive secure design patterns, reporting, and alerting strategies across Microsoft 365 and other enterprise cloud environments.

Skills & Competencies

• Proven ability to manage projects and mitigate risks tied to technology initiatives.
• Deep technical knowledge of security technologies, cloud platforms, and governance models.
• Familiarity with industry standards and frameworks such as NIST, CSF, and ISO.
• Strong grasp of the current and emerging cyber threat environment.
• Expertise in governance, risk, and compliance (GRC) programs.
• Strong problem-solving, analytical, and stakeholder engagement skills.

Qualifications

• Bachelor's degree in Computer Science, Information Security, Information Systems, or related discipline (preferred).
• 7+ years of combined experience in IT, cybersecurity, and risk management.
• Certifications such as CISA, CISM, CISSP, CRISC, or GSEC are strongly valued.
• Advanced hands-on experience with Microsoft Purview and related data governance tools.
• Understanding of risk management frameworks, enterprise security tools, and professional services environments.
• Skilled with Microsoft Office tools (Outlook, Excel, Word, PowerPoint, Visio).

Key Requirements (Highlighted)

• Project management and risk oversight in technical initiatives.
• Advanced knowledge of cloud platforms, governance tools, and security technologies.
• Experience with regulatory standards and frameworks (ISO, NIST, CSF).
• 7+ years of IT/security/risk management background.
• Relevant certifications (CISA, CISM, GSEC, CISSP, CRISC).
• Hands-on Microsoft Purview expertise.
• Knowledge of law firm operations or professional services environment.

Role Details

• Job Type : Full-time
• Level : Mid-Senior
• Experience : 7-10 years
• Education : Bachelor's degree minimum
• Travel : Not required
• Management : Not a people management role
• Visa Sponsorship : Not available
• Security Clearance : Not required

Compensation & Benefits

• Bonus Eligibility : Yes
• Commission : No
• Overtime Pay : Not applicable
• Benefits : Comprehensive package provided
• Relocation Assistance : Not offered
• Interview Travel : Not reimbursed