Information Governance Analyst Compliance & Assurance
New York, NY
Compliance and Assurance, IG, GDPR, IT Audit, CISA, ISO, PAM, 3rd Party Risk, Vendor Management
Full Time, Full-Time / DH
120k – 140k Salary
Telecommuting not available Travel not required
Information Governance Analyst Compliance and Assurance Job Description
Please review requirements before applying:
- Direct employment, full-time, competitive base salary + performance bonus
- Midtown, NYC
- 4+ years of governance or compliance/assurance experience
- Bachelor’s Degree
- Financial Services domain experience highly preferred
- High attention to detail, proactive, strategic thinker
- Experience with data maps, data transfers, reviewing/monitoring data, etc.
- Experience with compliance laws, regulations, GDPR, etc.
Why is this role open?
- Expansion of the team; new headcount
- Information Governance Analyst – Compliance & Assurance
- The Information Governance Analyst provides day-to-day services in support of the Firm and client needs relating to assuring electronic information is secured and monitored.
- The electronic information governance team is responsible for assessing and monitoring groups and processes that administer access, transfer electronic information and review privileges in the environment.
- The key operational responsibilities focus around assuring secure processes are in place at the firm and critical third parties around electronic information management.
- Relevant processes include: reviews of client information storage and access management, privileged access reviews, legal hold management, inventorying data processes and workflows for Information Systems operations as it relates to compliance with client and regulatory requirements.
- Directly provide services relating to governance and assurance for handling of the Firm’s electronic information, including
- Assessing handling of matter-specific information within various areas of the firm
- Periodic reviews of business units that administer access management
- Periodic reviews of privileged access groups
- Periodic reviews and assessment of third parties with privileged access to firm and client information
- Ownership and upkeep of “data maps” i.e. workflows within the firm that handle personal information
- Review and monitor sensitive data flows to ensure requirements are legitimate
- Review Outside Client Guidelines as it relates to requirements for information security, information management and coordinate with various teams to ensure compliance
- Legal hold management; Responsible for implementation of legal holds and managing all related legal hold and archiving systems, processes and data.
- Management of attorney move data transfers.
- Assist in information governance and compliance needs for the firm and clients as needed.
- Bachelor’s degree required.
- At least 4 years direct experience working in information governance or information assurance/compliance, and at least 5 years of experience in a legal or professional services environment.
- Information assurance/compliance certification preferred.
- Expertise in the principles and best practices of information governance and assurance.
- Broad knowledge of compliance tools and processes
- Experience with writing policies and procedures
- Knowledge of relevant laws and best practices relating to information assurance.
- Experience responding to internal and external client IT audits.
- Able to handle multiple projects and priorities simultaneously with professionalism, client service orientation, attention to detail, and sense of urgency.
- Superior analytical and problem-solving abilities.
Michelle writes about cyber security as well as how to protect your data online. She has worked in internet technology for over 20 years Michelle earned a B.S. in Engineering from Rensselaer Polytechnic Institute. She published a guide to Cyber Security for Business Travelers