Data Governance Lead / Data Custodian - GRC, Data Governance Strategy, Data Discovery, Target Operating Model, Data Privacy & Process As-Is/To-Be Models; Data Governance Tooling (Virtusa, Collibra, Atlan etc), Document Management Systems; Regulatory Requirements; Unstructured Data. Permanent, London/Remote Hybrid (3 days in Office). c£80k (Upwardly Negotiable on relevant experience) +Bonus +Benefits
Data Governance Lead / Data Custodian sought by global Law Firm. You will work closely with the CISO and broader InfoSec / Compliance teams to assess the data landscape of the firm and then lead and advise, from a strategic perspective, on data governance and data risk management.
Working with multiple, global, clients within a broad range of industries the law firm handles large quantities of unstructured data (Word Documents, PDFs, Email) and requires a Data Governance Lead / Data Custodian to undertake a significant discovery piece relating to where this data sits, what constitutes the authoritative version of a document and who has access to the data at any given time.
The Data Governance Lead / Data Custodian will then need to understand the regulatory and compliance frameworks which apply to this data management (ISO, SRA, Cyber Essentials etc) as well as the technical configurations employed within the business. In order to do this, the successful candidate will need to assess processes and tooling - and get buy in from all senior level stakeholders - prior to implementing said processes and tooling and undertaking this discovery piece themselves. You may wish to implement data governance tooling such as Virtusa, Collibra, Atlan etc to work alongside MS Purview but this will form part of your discussions and consultancy. This is an independent contributors role within the wider InfoSec GRC team.
Alongside the discovery piece the Data Governance Lead / Data Custodian will devise and recommend a Data Governance Strategy and develop the Target Operating Model to be deployed firm-wide. You will need to negotiate, advise and consult with senior level management from the CISO to the CIO and all heads of business departments including Compliance Lawyers; by doing do you will work to guide the firm to a more robust data governance position which is ready to adopt Generative AI utilising LLM/NLP models reducing unintended consequences of inappropriate access by internal business users. Ultimately, you will be the owner of the data risk register and will be responsible for setting policy around data management, data access, user access control, data retention and data privacy.
This is a specialist role within GRC and would suit someone who has worked in a senior or lead Data Governance / Data Custodian / InfoSec Officer type role. You will have worked with unstructured data (i.e. not just databases, systems and spreadsheets) and be aware of the inherent risks associated with this type of data stored in file server environments and document management systems. You will be able to confidently consult with senior level management and have an excellent understanding of applicable data governance techniques and tooling including MS Purview and Virtusa/Collibra etc.
You may have been working in a Law Firm, Data Governance / InfoSec Consultancy or big 4/5 consultancy firm (PwC, KPMG, Deloitte, EY, McKinsey & Company etc) and can demonstrate similar, relevant experience working with unstructured data relating to numerous clients/business as opposed to one type of data, one client/business. Unique opportunity within global law firm environment.