Job Details

Associate Director - IG/Data Protection (LAW FIRM)

Chicago, IL, United States
  • Employment Type: Direct Hire
Our client, a preeminent Am Law firm, is building out its internal data privacy and protection team adding an Associate Director - IG/Data Protection. The Associate Director (AD), Information Governance (Data Protection) develops plans, sets goals, provides direction, and leads Risk Management projects. The AD will have demonstrated expertise in advising, building and managing data protection programs and teams that protect both firm and client data by identifying risks and gaps in current procedures and developing solutions and best practices. A successful candidate will be a roll-up-your-sleeve doer passionate about building industry leading data privacy and protection programs. IAPP certifications are strongly preferred. Send resumes to [email protected].

ESSENTIAL FUNCTIONS:
  • Leads the creation and maintenance of policies, standards, processes guidelines, and support documentation relating to data protection and internal collections
  • Develops and implements plans, strategies, and policies that support, align with, and improve organization’s posture as it relates to data protection, internal collections, and other risk-related functions and services
  • Ensures appropriate treatment of risks, and compliance and quality assurance of work product and services
  • Communicates directly with the Office of the General Counsel and other partners; states areas of concern, addresses questions, and/or resolves outstanding issues with internal and external parties
  • Serves as an IG subject matter expert and advisor to the document management system (DMS) team (IT), litigation support team (IT), email management team (IT), and security governance team
  • Evaluates, implements, and monitors data protection controls
  • Represents organization to clients and vendors on an as-needed basis
  • Manages exception request processes related to data protections and manages records including but not limited to user and management requests and approvals, and business justifications for approved exceptions
  • Designs, produces, and delivers training material to educate attorneys and other personnel on their risk management responsibilities, particularly as they relate to data protection and internal collections
  • Provides leadership and direction on the use of DMS monitoring and Data Loss Prevention (DLP) technologies, and e-discovery technologies for internal collections
  • Reviews data protection escalations through various channels to assess policy violations
  • Advises project teams and proposes solutions for complex and/or technical information governance and/or information technology issues
  • Works with administrative staff and legal practitioners to document business requirements, and automate data protection and internal collections processes
  • Communicates the IG vision and IG guiding principles in a variety of forums (1:1, administrative meetings, practice group meetings, partner meetings, etc.)
  • Drafts, reviews and/or presents proposals, project plans, status reports, metrics, and other information in a format and style appropriate for the intended audience
  • Advises attorneys and staff on operational and compliance responsibilities relating to data protection and internal collections
  • Coaches and mentors IG and other personnel on the improvement of their knowledge and skills related to data protection and internal collections
  • Serves as primary lead on Risk Management policies and procedures relating to data protection and internal collections
  • Creates and maintains written documentation of all processes associated with data protection and internal collections
QUALIFICATIONS:
  • Candidates with an educational background from a wide variety of disciplines including information technology, legal, compliance, information management, and/or records management will be considered; an advanced degree in information management, computer science or law is desired; an undergraduate degree from an accredited four-year institution is required
  • Significant experience in a subject matter expert role relating to Data Protection, DLP/Insider Threat Information Security, and/or e-Discovery, preferably in a law firm or corporate legal setting
  • Significant successful experience in leading and facilitating and project teams, preferably in a risk management, information security, or e-discovery work environment
  • Preference will be given to candidates with law firm or corporate experience
  • Executive presence required for productive partner and client collaboration
  • Proven track record in leading high visibility, high impact change management initiatives
  • Demonstrated ability to deliver clear, concise, and factually accurate written and oral communications appropriate for the intended audience
  • Advanced knowledge and understanding of data loss analysis, especially identification of threat events and anomaly detection
  • In-depth understanding of methods used to gather information from users, including attorneys and senior management, analyze large volumes of unstructured data, establish metrics and report results to management reporting, and work collaboratively with internal and external subject-matter experts, clients, and vendors
  • Prior Document Management System (DMS) experience in the legal industry, with an emphasis on DMS matter workspace and document security preferred
  • Working knowledge of iManage ThreatManager, Relativity, Brainspace, and/or Capax Archive Solution (CAS) experience preferred
  • Proficiency in Microsoft applications, (e.g., Word, Excel, PowerPoint, Teams, Visio)
  • Advanced knowledge of risk management principles, practices, and technologies

#LI-JB-1

Interested in this job? Get in touch.

(Accepted file formats are PDF, DOC, DOCX, TXT, RTF, ODT. File size maximum is 2 MB.)