Manager, Cloud Governance

Paul Hastings is a leading international law firm that provides innovative legal solutions to many of the world's top financial institutions and Fortune Global 500 companies. With a strong presence throughout the U.S., Asia, Europe, Latin America, and the Middle East, we have the global reach and extensive capabilities to provide personalized service wherever our clients’ needs take us. As one of the world’s leading law firms, we seek dynamic individuals who share our commitment to service, innovation, and professional growth.

We have an opening for a Manager, Cloud Governance.

The Manager, Cloud Governance plays an essential role in overseeing the firm’s data management practices, ensuring that data across the firm’s solutions is available, and secure. This position involves developing and implementing data standards and policies that support the organization’s objectives, while also facilitating effective data sharing and protection. By coordinating with various departments, the Manager, Cloud Governance ensures that data protection practices align with regulatory requirements and business strategies, ultimately enhancing the security processes and operational efficiency of the firm’s data.

In this capacity, the Manager, Cloud Governance will:

• Develop and implement a data governance framework: As a Manager, Cloud Governance, you will be responsible for creating and implementing a data governance framework that outlines the policies, procedures, and standards for managing the organization’s data assets from intake to disposal, using data governance tools such as of Microsoft Purview Information Protection, Data Lifecycle Management and Data Loss Prevention , iManager Threat manager, Varonis etc.;
• Designing the implementation of data retention policies and supporting technical controls: You will review the supporting policies and procedures regarding data retention that define how long data should be kept and how it should be disposed of and designing the implementation of technical controls to enforce the relevant policies and procedures;
• Designing the implementation of data classification policies and supporting technical controls: You will review the supporting policies and procedures regarding data classification that define how data should be classified based on its sensitivity, criticality, and regulatory requirements and designing the implementation of technical controls to enforce the relevant policies and procedures;
• Review data security and privacy controls: You will be responsible for review data security and privacy controls on relevant solutions to ensure that the data governance technologies, policies and procedures protect the firms data from unauthorized access, use, or disclosure;
• Provide training on data governance best practices: You will provide training on data governance best practices to ensure that employees understand their roles and responsibilities in managing data.
  
  

The Manager, Cloud Governance will also be responsible for the following:

• Working with various business stakeholders to understand their data access and sharing requirements and influence the design of secure and compliant solutions;
• Partnering with Information Governance Team to ensure the directives of the Office of the General Counsel are executed;
• Designing the implementation of Microsoft Purview Information Protection, Data Lifecycle Management and Data Loss Prevention;
• Designing reporting and alerting capabilities in different solutions to support a robust data governance function;
• Providing data governance thought leadership for the O365 implementation and other cloud platforms;
• Working with Security Architecture team to develop data governance impactful secure design patterns; and
• Working with the Governance Risk and Compliance team to ensure that newly identified risks are properly entered into the risk register as needed and assist the GRC team with updates on technical risk mitigation plans.
  
  

Proficiencies:

• Strong project management skills and understanding of the technology and operational risks as related to technology solutions;
• Ability to develop and maintain a solid working relationships across the departments;
• High-level technical understanding of security applications, platforms and architectures;
• Advanced awareness of current information security standards and developments (CSF, NIST, ISO), as well as the emerging cyber threat landscape;
• Strong understanding of Cloud and data governance from a technology perspective;
• Excellent analytical and problem-solving skills, inquisitive nature and comfort challenging current practices; and
• Understanding of governance, risk and compliance (GRC) practices and technologies across governance, process and technical domains.
  
  

Qualifications:

• Bachelor degree in Information Security, Information Assurance, Computer Science, Information Systems preferred;
• At least 7 years of combined information technology, information security and risk management experience;
• CISA, CISM, GSEC, CISSP, CRISC or other security-related certification preferred;
• Advanced understanding of Microsoft Purview and other data governance tools and methodologies;
• Strong understanding of risk management concepts, frameworks, and methodologies;
• Strong understanding of information security concepts and technologies;
• Fundamental knowledge of the operation of law practices; and
• Advanced knowledge of MS Outlook, Word, Excel, Visio, and PowerPoint.
  
  

Employees will be provided with an excellent career opportunity in a collaborative environment, in addition to a generous total compensation package with the opportunity to earn bonuses based on individual contribution and firm profitability.

The salary wage range that we expect to pay for this position is a minimum of $123,000 and a maximum of $159,500 annually. The actual pay wage may vary based on experience or other relevant factors.

The actual salary offered will depend on a variety of factors, including without limitation, the qualifications of the individual applicant for the position, years of relevant experience, level of education attained, certifications or other professional licenses held, and if applicable, the location in which the applicant lives and/or from which they will be performing the job. This role is exempt meaning it is not overtime pay eligible.

Eligible employees can participate in the Firm’s comprehensive benefits program, which include the following:

• Medical, Dental, Vision, Life/AD&D, Long Term Care, and Short- and Long-Term Disability
• Flexible Spending Account and Health Savings Account
• Healthcare Concierge and Advocacy
• Lifestyle Spending Account
• Voluntary 401(k) Plan and Profit Sharing
• 10 Paid Holidays per year and a generous PTO Program
• Family Support including Paid Parental Leave, Fertility Benefits, Breast Milk Shipping, Back-up Child Care, Elder Care, and Tutoring
• Wellbeing programs (Employee Assistance Program, Relationship Support, Mental Health and Well-Being Events)
• Retirement Plan Consulting
• Anniversary Bonus Program
• Professional Development Programs
• Transportation and Commuter Benefits
• International Travel Insurance
• Auto/Home/Pet Insurance
• Prepaid Legal Insurance
• Employee Discounts
• And More!
  
  

The Firm has a range of inclusion initiatives including our Paul Hastings Affinity Networks (PHANs), Women’s Initiative, and PH Balanced. These initiatives, which are voluntary and open to all, provide a firmwide forum to share experiences, as well as an opportunity to participate in a supportive network with common interests.

Paul Hastings is an equal opportunity employer.