Information Governance & Privacy Compliance Attorney

About The Position

Requirements

• J.D., licensed to practice in New York, D.C., Connecticut, or California.
• 5+ years’ experience preferred, advising on security, privacy, and data governance.
• Significant experience in information governance, privacy compliance, security advising, records management, risk management, or related functions.
• Experience working in a law firm, corporate legal department, professional services firm, or similar environment.
• Experience advising on the security of various AI and emerging technologies.
• Demonstrated ability to develop policies, procedures, workflows, and training materials.
• Ability to work cross-functionally with legal, IT, security, litigation support, and senior leadership teams.
• Strong judgment, discretion, and ability to handle confidential and sensitive information.
• Excellent written and verbal communication skills.
• Strong project management skills, including the ability to manage competing priorities and drive cross-functional initiatives to completion.
• Experience with privacy laws, client data security requirements, outside counsel guidelines, legal hold platforms, document management systems, and records retention systems.
• Familiarity with data governance considerations related to cloud platforms, collaboration tools, document management systems, AI tools, and third-party vendor platforms.

Nice To Haves

• Law firm experience is strongly preferred.
• CIPP/US or comparable privacy certification strongly preferred.
• CIPM, IGP, CRM, CRA, or related information governance, privacy, records management, or compliance certification a plus.

Responsibilities

• Lead the development and oversight of the Firm’s information governance framework, and ensure access, retention, preservation, privacy, and disposition requirements are operationally feasible and consistently implemented.
• Draft and implement policies and procedures related to information governance, security, privacy and data handling throughout the firm, and organize and conduct trainings to ensure understanding of and compliance with policies.
• Partner with IT, Security, Litigation Support, Innovation, and other stakeholders to ensure the Firm maintains the highest standards of professional responsibility for the protection and management of confidential, privileged, personal, and sensitive information.
• Manage procedures for implementing client-specific data handling requests.
• Provide legal counsel to the Firm on privacy, security, and data transfer regulations, in the U.S. and internationally.
• Participate in the review of and provide guidance on the data management and security considerations of new systems, cloud platforms, AI tools, vendors, and data workflows where privacy, confidentiality, security, or data governance obligations are implicated, helping enable responsible adoption of technology and business initiatives.
• Monitor and advise on evolving legal, regulatory, client, and industry best practices related to privacy, AI tools and related data workflows, and information governance, and help translate those requirements into practical operational guidance and training for Firm personnel.
• Assist with negotiation and completion of client security questionnaires, audits, outside counsel guidelines, and other governance-related client requirements.
• Support internal and vendor/third-party data risk review, audits, remediation tracking, and related compliance initiatives, with an emphasis on risk prioritization and practical implementation.
• Develop, implement, and maintain governance processes and centralized repositories for information governance, privacy, security, and related policies, procedures, standards, guidance, decisions, exceptions, and historical actions, ensuring such materials are appropriately documented, accessible, and maintained to support consistency, accountability, operational efficiency, and institutional knowledge.

Benefits

• Competitive starting pay and annual discretionary bonus and raise eligibility
• Generous paid time off benefits (vacation, personal days, holidays, and sick leave)
• Firm paid short and long-term disability, plus life and accident insurance
• 401(k) Profit Sharing Plan and Cash Balance Retirement Plan with generous employer contributions (please ask for further details re: eligibility requirements)
• Comprehensive medical, dental, and vision insurance options
• Flexible spending and health savings accounts (medical plan dependent)
• Firm paid comprehensive Employee Assistance Program (EAP)
• Student loan refinancing discounts
• Fitness/Gym dues reimbursement program
• Hybrid remote work schedules are available for most employees (per current policy, in-office presence is required at least 3-days per week and fully remote roles are not available)