Job Type: Full Time

Job Category: IT

Job Description

Role - Data Governance & Security Specialist 

Location – Remote
FTE Only

Role Overview

We are looking for an experienced Data Governance & Security Specialist to take ownership of data lifecycle management, regulatory compliance, and secure collaboration across the firm. This role blends governance strategy with hands-on technical leadership, ensuring information assets are well-protected, properly classified, and responsibly used across cloud and on-premise environments.

Core Responsibilities

• Governance Framework: Establish and maintain firm-wide standards, processes, and policies for managing data from creation to disposal, utilizing tools such as Microsoft Purview, Data Lifecycle Management, Data Loss Prevention, iManage Threat Manager, and Varonis.
• Data Classification & Retention: Define retention schedules and classification rules, deploying technical controls that align with both regulatory requirements and business needs.
• Privacy & Security Oversight: Evaluate safeguards across platforms to prevent unauthorized access, misuse, or disclosure of sensitive information.
• Awareness & Training: Educate and guide employees on responsibilities for safeguarding firm data, reinforcing governance best practices.
• Cross-Functional Collaboration: Work with legal teams, business units, and IT to design secure and compliant data-sharing models.
• Alignment with Risk & Compliance: Partner with Information Governance, General Counsel, Security Architecture, and GRC teams to ensure governance strategies align with compliance objectives, risk tracking, and firm directives.
• Cloud Governance Leadership: Drive secure design patterns, reporting, and alerting strategies across Microsoft 365 and other enterprise cloud environments.

Skills & Competencies

• Proven ability to manage projects and mitigate risks tied to technology initiatives.
• Deep technical knowledge of security technologies, cloud platforms, and governance models.
• Familiarity with industry standards and frameworks such as NIST, CSF, and ISO.
• Strong grasp of the current and emerging cyber threat environment.
• Expertise in governance, risk, and compliance (GRC) programs.
• Strong problem-solving, analytical, and stakeholder engagement skills.

Qualifications

• Bachelor’s degree in Computer Science, Information Security, Information Systems, or related discipline (preferred).
• 7+ years of combined experience in IT, cybersecurity, and risk management.
• Certifications such as CISA, CISM, CISSP, CRISC, or GSEC are strongly valued.
• Advanced hands-on experience with Microsoft Purview and related data governance tools.
• Understanding of risk management frameworks, enterprise security tools, and professional services environments.
• Skilled with Microsoft Office tools (Outlook, Excel, Word, PowerPoint, Visio).

Key Requirements (Highlighted)

• Project management and risk oversight in technical initiatives.
• Advanced knowledge of cloud platforms, governance tools, and security technologies.
• Experience with regulatory standards and frameworks (ISO, NIST, CSF).
• 7+ years of IT/security/risk management background.
• Relevant certifications (CISA, CISM, GSEC, CISSP, CRISC).
• Hands-on Microsoft Purview expertise.
• Knowledge of law firm operations or professional services environment.

Required Skills