Governance, Risk, and Compliance Engineer
About The Position
Baker Botts L.L.P. is seeking a highly skilled Governance, Risk, and Compliance (GRC) Engineer with expertise in Microsoft Purview to provide technical leadership and subject-matter expertise for the firm’s data governance, security, and compliance initiatives. This role will be responsible for designing, implementing, and managing Microsoft Purview solutions and Microsoft 365 security services to ensure data governance, security, and compliance initiatives. This role serves as a trusted advisor to the Office of General Counsel, eDiscovery, IT, and Information Governance stakeholders to protect sensitive data, mitigate risks, and support legal hold and eDiscovery processes. This is a Firmwide, full-time, exempt, remote position resident in our Austin, Dallas, Houston, New York, or Washington DC office with excellent benefits.
Requirements
- Bachelor’s degree in Information Technology, Computer Science, Law, or a related field required.
- 5–8 years of experience managing and securing Microsoft 365 environments.
- Proven expertise with Microsoft Purview, Entra ID, Exchange Online, SharePoint Online, and Exchange On-Premises.
- Strong understanding of legal hold, privacy regulations, and compliance standards.
- Experience with Azure Information Protection and data-at-rest encryption (e.g., Thales HSMs).
- Proficiency in PowerShell for automation and management tasks.
- Familiarity with identity federation and business continuity planning.
Nice To Haves
- Microsoft 365 Certified: Fundamentals
- Microsoft 365 Certified: Administrator Expert
- Microsoft 365 Certified: Information Security Administrator Associate
- Certified Information Privacy Professional (CIPP)
- Certified Information Governance Professional (IGP)
Responsibilities
- Implement, configure, and maintain Microsoft Purview components including Data Map, Unified Catalog, Information Protection, and Compliance Manager.
- Design and execute legal hold strategies using Purview’s eDiscovery and retention capabilities.
- Develop and enforce data governance policies and procedures.
- Conduct regular audits and assessments of data practices and compliance posture.
- Generate reports and insights using Power BI and Purview dashboards.
- Implement information protection strategies to safeguard sensitive data across Microsoft 365 and Azure environments.
- Configure and enforce Data Loss Prevention (DLP) policies to prevent unauthorized data sharing and leakage.
- Establish and manage data retention policies to ensure regulatory adherence.
- Monitor and manage insider threats and respond to security alerts and incidents.
- Develop and implement data classification and labeling strategies.
- Continuously assess and improve the security posture of collaboration environments.
- Experience with IAM strategies for Microsoft 365 collaboration services.
- Familiarity with Entra ID (formerly Azure AD), including service principals, managed identities, and federation.
- Enforce access controls and identity governance policies.
- Collaborate with legal, IT, and governance teams to align security and compliance goals.
- Work with workload administrators and business application owners to implement necessary controls.
- Provide training and support to staff on data governance and security best practices.
- Maintain detailed documentation of security policies, procedures, and incident responses.
Benefits
- The firm offers a comprehensive benefits program designed to support and enhance the overall wellbeing of its employees and their families.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Number of Employees
501-1,000 employees
