Job Description:

SummaryThe New York office of an elite Global Law Firm is looking to hire an experienced Information Governance Analyst to join the Electronic Information Governance Department. The Information Governance Analyst provides day to day services in support of Firm and client needs, assuring electronic information is secured and monitored, and IS compliance objectives are met. The Information Governance Analyst will report to the Electronic Information Governance Director and work closely with lawyers and business professionals throughout the firm.Find out more about this role by reading the information below, then apply to be considered.ResponsibilitiesProvide services relating to governance and assurance for handling of the Firm's electronic information, including:Review of client guidelines ("outside counsel guidelines") as they relate to information security and management, and coordinate with various teams to ensure compliance with requirementsReview and assessment of third parties with privileged access to Firm and client informationReview and assessment of new products/workflows from an information governance perspective, with associated recommendations to maximize security and compliance with Firm practicesResponding to information security assessments requested by clients, and support of client audits of Firm systemsSupport of the Firm's continued ISO 27001 and 27701 certification via collection of evidence, participation in relevant audits, and other supporting processesAssistance with Firm data privacy initiatives, including upkeep of Firm data maps, DPIA, data subject requests, etc.Assess handling of matter-specific information within the Firm, including:Periodic reviews of business units that administer logical access controlsPeriodic reviews of privileged access groupsReview and monitor sensitive data flows to ensure requirements are legitimateMonitoring and management of Firm data loss prevention ("DLP") technologies, with investigation as appropriateImplementation of legal holds and management of legal hold systems, processes, and dataCoordination of data collection from internal systems in support of internal groupsCoordination of data transfers for incoming and outgoing attorneysAssist with other information governance and compliance needs for the Firm and clients as neededRequirementsExpertise in the principles and best practices of information governance and assuranceExperience responding to internal and external client IT auditsExperience with M365 including Purview eDiscovery, Purview Information Protection, and associated best practicesBroad knowledge of compliance tools, processes and GRC field in generalExperience with writing policies and proceduresKnowledge of relevant laws and best practices relating to data privacy and information assuranceAble to handle multiple projects and priorities simultaneously with professionalism, client service orientation, attention to detail, and sense of urgencySuperior writing and verbal communication skillsSuperior analytical and problem-solving abilitiesAbility to independently apply aforementioned skills to issues and initiativesBachelor's degree requiredAt least 6 years direct experience working in information governance and experience in a mature, high-performing professional organizationInformation assurance, compliance, and M365 certifications preferred. Examples include CISA, CISSP, CISM, CGEIT, etc.Work RequirementsOn site during normal working hours (hybrid work environment)Availability when necessary outside of normal working hours as required to complete high priority work