Senior Manager: Information Governance Compliance

Overview

Mayer Brown is an international law firm positioned to represent the world's major corporations, funds, and financial institutions in their most important and complex transactions and disputes. We are recognized by our clients as strategic partners with deep commercial instincts and a commitment to creatively anticipating their needs and delivering excellence in everything we do.

We are a collegial, collaborative firm where highly motivated individuals with an unwavering commitment to excellence receive the opportunity, support, and development they need to grow, thrive, and realize their greatest potential all while supporting the Firm's client service principles of excellence, strategic partnership, commercial instinct, integrated strengths, innovation, and collaboration across our international firm.

If you enjoy working with team members whose defining characteristics are exceptional client service, initiative, professionalism, responsiveness, and adaptability, you may be the person we are seeking to join our Information Governance department in our New York, Chicago, or Washington, D.C. office, as an Senior Manager: Information Governance Compliance.

The Senior Manager: Information Governance Compliance is responsible for ensuring the firm's Information Governance (IG) policies are operationalized, monitored, and enforced in a consistent, measurable, and defensible manner. This includes alignment with applicable regulatory requirements, data protection laws, and professional ethics obligations related to the handling of firm and client information. This role will lead the development of compliance frameworks, controls, and reporting across key IG domains, including data retention, legal holds, client requirements, access controls, and AI governance.


Reporting to the Director: Global Information Governance, the Senior Manager will be responsible for identifying and remediating gaps in compliance through ongoing assessment and continuous improvement initiatives. The position serves as a central point of coordination across IG, Legal Risk Management (LRM), Information Technology (IT), and business stakeholders to translate policy into practice and strengthen the firm's overall risk and compliance posture. This role is empowered to escalate compliance concerns to senior leadership and to recommend corrective action to ensure the firm's policies are consistently upheld.

Responsibilities

Essential Functions:

Policy Operationalization & Control Frameworks

• Translate IG policies (e.g., retention, data classification, legal holds, AI governance) into clear, actionable procedures and workflows
• Define and document compliance standards, controls, and decision frameworks
• Partner with IT to align policy requirements with system capabilities (e.g., Microsoft Purview, iManage)
• Identify and remediate gaps between policy requirements and current-state practices

Compliance Monitoring & Assurance

• Design and implement ongoing monitoring processes to assess adherence to IG policies
• Develop and maintain dashboards and reporting to provide visibility into compliance across systems and user groups
• Conduct periodic control testing and compliance reviews
• Identify trends, risks, and areas of non-compliance and drive remediation efforts

Legal Holds Governance & Oversight

• Establish and maintain the governance framework for legal holds, including roles, responsibilities, and workflows
• Partner with LRM to ensure legal holds are consistently implemented and managed across systems
• Monitor compliance with legal hold requirements, including timely application and release
• Support audit readiness and defensibility related to legal hold processes

Client Requirements & Outside Counsel Guidelines (OCGs) Compliance

• Develop and manage a structured approach to reviewing and operationalizing client OCGs
• Translate client-specific requirements (e.g., retention, notification, destruction, AI usage, data handling) into enforceable policies and workflows
• Define and oversee processes for client notification requirements related to data destruction, where applicable
• Maintain visibility into client-driven restrictions and ensure alignment across IG processes

AI & Data Governance Compliance

• Support the development and operationalization of the Firm's AI governance framework, including policies, controls, and oversight mechanisms
• Define and implement guidance for appropriate data use within AI tools, aligned with client requirements and firm policy
• Partner with stakeholders to align data classification, labeling, and access controls with AI governance requirements
• Establish monitoring and reporting to assess adherence to AI-related policies and identify emerging risks

Access Controls & Entitlement Reviews

• Establish frameworks for periodic access and entitlement reviews across key systems and repositories
• Ensure alignment between access controls, data classification, and client restrictions
• Oversee execution of access reviews in partnership with IT and Information Security
• Monitor and report on access-related risks and compliance gaps

Training & Awareness

• Develop and implement a targeted, compliance-focused training program aligned to key risk areas
• Create role-based guidance for lawyers and business services professionals
• Support training initiatives related to retention, data handling, AI usage, and client requirements
• Measure effectiveness of training and adjust approach based on observed behaviors and risk

Governance, Reporting & Metrics

• Define and track key performance indicators (KPIs) for IG compliance
• Deliver concise, risk-based reporting to senior leadership
• Support governance forums and stakeholder discussions with structured insights and recommendations
• Establish and manage processes for policy exceptions, including documentation and risk assessment

General Duties

• Perform other duties as assigned or required to meet firm goals and objectives

Qualifications

Education/Training/Certifications:

• Bachelor's degree in a related field required
• 8+ years of experience required in IG, Risk, Compliance, or a related field
• Relevant certifications preferred, such as IGP (Information Governance Professional), CIP (Certified Information Professional), CIPP (Certified Information Privacy Professional), or CRISC (Certified in Risk and Information Systems Controls)

Professional Experience:

• Experience within a law firm, legal department, or professional services environment strongly preferred
• Demonstrated experience implementing and monitoring compliance programs
• Strong understanding of data privacy, regulatory requirements, and client confidentiality obligations
• Experience supporting audits, regulatory inquiries, or client compliance reviews
• Ability to translate policy into practical, operational workflows
• Experience managing or supporting legal hold programs, including governance frameworks and defensibility requirements
• Experience developing or supporting AI governance frameworks, polices, or controls preferred
• Demonstrated ability to lead cross-functional initiatives and influence stakeholders without direct reporting authority
• Experience interpreting and operationalizing client requirements or OCGs preferred
• Experience developing compliance metrics, dashboards, or executive-level reporting

Technical Skills:

• Proficiency in Microsoft Office and M365 applications including Teams, Copilot, SharePoint, and OneDrive
• Familiarity with IG related technologies (e.g., Microsoft Purview, iManage, Intapp, LegalKEY, iCompli) and other enterprise data platforms
• Familiarity with data analytics or reporting tools (e.g., Power BI or similar platforms) preferred

Performance Traits:

• Ability to influence stakeholders across functions without direct authority, building consensus and driving accountability through collaboration
• Sound judgment and the ability to navigate ambiguity, particularly in emerging areas such as AI governance
• Strong strategic thinking, analytical, and problem-solving skills, with the ability to connect operational details to broader risk and compliance objectives
• Executive-level communication and reporting capability, including the ability to distill complex compliance topics into clear, actionable insights for senior leadership
• Takes initiative and operates independently, proactively identifying risks, gaps, and opportunities for improvement
• Anticipates stakeholder needs and exercises independent judgment to deliver solutions aligned with firm and client expectations
• Strong written and verbal communication skills, with the ability to communicate effectively and professionally across all levels of the Firm
• Maintains strict confidentiality and exercises discretion in handling sensitive firm and client information
• Strong attention to detail, organizational skills, and the ability to manage multiple priorities and workstreams simultaneously
• Ability to work under pressure and meet deadlines in an environment with shifting priorities

Management Accountabilities:

• Manages processes for direct reports in regards to performance appraisals, annual compensation, goal setting and performance counselling
• Demonstrated leadership and supervisory experience
• Operational budget analysis and recommendations
• Conducts analysis of staffing levels and participation in the recruitment process
• Able to determine and implement change processes to improve workflow efficiencies
• Process and service-oriented with strong leadership and project management skills
• Able to set priorities and delegate in an efficient manner

Physical Requirements:

• May require travel to other offices as needed

The typical pay scale for this position in New York is between $188,000 and $249,000, in Chicago between $171,000 and $227,000, and in Washington, D.C. between $184,00 and $243,000, although the actual wage or salary could be lower or higher if the candidate's education, experience, skills and internal pay alignment are different from those specified.


This description is not exhaustive, and the Firm may modify it at any time at its sole discretion; nothing herein creates an employment contract or alters the at-will nature of employment.

We offer competitive compensation and comprehensive benefits, including medical/dental/vision/life/and AD&D insurance, 401(k) savings plan, back-up childcare and eldercare, generous paid time off (PTO), as well as opportunities for professional development and growth.

We are committed to providing equal opportunity and reasonable accommodations to applicants and employees with disabilities and disabled veterans. To request an accommodation related to the application process or interview, please email View email address on click.appcast.io. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or protected veteran status.

Mayer Brown works with select external search firms that have been vetted against our standards. Firms without a contract or agreement with Mayer Brown are not authorized to represent that they are working with the Firm, nor are they entitled to placement fees. Mayer Brown does not accept unsolicited CVs from external recruiters. Submission of an unsolicited CV to Mayer Brown or any of its Partners or employees will not establish any right of priority for the submitting agency.

#LI-HYBRID #LI-PT1