Information Governance Regulatory and Privacy Manager Position Available In Suffolk, Massachusetts

Information Governance Regulatory and Privacy Manager Cooley LLP life insurance, parental leave, paid time off, paid holidays United States, Massachusetts, Boston Jun 10, 2025
Information Governance Regulatory and Privacy Manager Cooley is seeking an Information Governance Regulatory and Privacy Managerto join the IS Information Governance team.

Position summary:

Cooley Technology embraces a culture of customer service excellence, and all members of the department are expected to move this agenda forward. To that end, the Information Governance Regulatory and Privacy Manager is expected to recognize that the Cooley Information Governance and Privacy department is a service organization first and foremost and will be evaluated on this requirement equal in importance to the technical or operational responsibilities outlined in this document. The Information Governance Regulatory and Privacy Manager is responsible for managing information risk and ensuring compliance with security and privacy regulation requirements through the firm’s governance risk and compliance program. This includes responsibility for vendor security assessment, analysis of client security obligations, cyber security audits, data mapping, privacy regulation compliance etc. The IG Regulatory and Privacy Manager is responsible for managing the IG Regulatory and Privacy business professionals and promoting compliance and awareness of firm policies and procedures specific to governance, risk and compliance and to records and information management. Specific duties and responsibilities include, but are not limited to, the following: Position responsibilities: Develop goals and objectives for IG Regulatory and Privacy team in conjunction with IG strategic planning
Develop preliminary annual operating budgets and monitor monthly expenditures
Apply industry principles and theories of data protection, privacy and business confidentiality to the records and information management process in coordination with IS Security
Evaluate headcount resource requirements and provide recommendations to maximize capacity and staffing ratio efficiencies
Manage direct report workflow, as required
Audit and track the firm’s responsibilities against Outside Counsel Guideline agreements
Manage vendor security assessment process
Develop and implement IG Regulatory and Privacy training programs for end users
Develop and maintain documentation of IG Regulatory and Privacy operations procedures
Understand all aspects of the firm’s IG Policy and be able to articulate relative obligations to Firm stakeholders
Negotiate and recommend vendor contracts for IG Regulatory and Privacy functions. Manage vendor relationships and analyze vendor relations specific to performance, contract compliance, and quality/accuracy controls to ensure business partner compliance with contract terms
Identify projects and coordinate resources to ensure successful completion of projects and achieve organizational goals and objectives
Conduct both internal and external audits to ensure compliance with all industry-mandate regulations
Identify, develop, and maintain relationships to maximize support and accomplish organizational goals
Manage operational information governance and privacy activities and the security team to enhance the firm’s information governance programs in line with

ISO 27001, ISO

27701, GDPR, CCPA and all applicable privacy regulations
Maintain the firm’s ISO certifications
Assess and track the firm’s compliance to existing and future global regulations in privacy and security
Monitor, research, and communicate AI, privacy, and information management regulatory standards and procedures to ensure the global organization remains aligned with regulations and handles risk accordingly
Stay abreast of global AI and privacy developments and best practices and recommends strategies and program designs accordingly
Manages Data Subject Access Requests
Oversee a network of operational teams and vendors to maintain the information life cycle of the company’s assets and be actively informed and engaged in daily information governance and privacy operations
Implement and maintain controls and monitoring that ensure the confidentiality, integrity and availability of firm and client information
Under guidance of the Director of Information Governance and Data Privacy, assist in the procurement and implementation of technology to support information governance and privacy
Remain current in emerging technologies and trends to manage information assets; recommend appropriate changes to improve records functions
Manage compliance labels and polices in Microsoft

O365/M365

Oversee the installation, configuration and maintenance of IG systems and tools in accordance with firm needs, standards, and regulations
Serve as direct supervisor and mentor to direct reports
Provide day-to-day supervision of direct reports, ensure compliance with assigned work hours and monitor for compliance with all firm and department policies. Manage staffing coverage, review and process time logs/time off requests
Support business professional development and continued educational opportunities
In collaboration with immediate supervisor and CN HR, participate in hiring, performance appraisals, counseling, termination and other employee lifecycle events
Provide mentorship as well as day-to-day supervision of direct reports, ensure compliance with assigned work hours and monitor for compliance with all firm and department policies
All other duties as assigned or required Skills and experience:

Required:

After orientation at Cooley LLP, exhibit proficiency in the Microsoft Office suite, iManage and other firm applications
Ability to work extended and/or weekend hours, as required
Ability to travel, as required
5+ years directly applicable experience in the field (e.g., experience working in Records & Information Management as well as experience with one or more RIM enterprise technology solutions used for the management of both physical and electronic information, e.g., iManage Govern, HP WRM, ARM, FileSurf, LegalKey) to include 3+ years’ experience in governance, risk and compliance (GRC) processes, solutions, information security and auditing
Experience with WorkSite
Strong technical skills relevant to IG management and document management systems (RMS/DMS), including data mapping; data conversion; document properties and metadata management (classification, coding and security); data protection, privacy and business confidentiality; and bar code technology and hardware

Preferred:

Bachelor’s degree preferably in Information Systems, Library Science, Records, Information Technology, Cyber Security, Data Analytics, or associated discipline
Strong project management skills
Practical experience in information security and well-rounded knowledge of information technology
Experience evaluating the security posture of vendors and system architecture
Experience coordinating the implementation of new technologies
Experience working in a law firm or professional services organization
Strong understanding of GARP (Generally Accepted Recordkeeping Principles)
Certified Records Manager (CRM) credentials and/or Information Governance Professional (IGP) credentials
IAPP Certifications including CIPP/US and/or CIPP/E
Certified Information Security Manager (CISM) or Certified Information Systems Security Professional (CISSP)
Experience leading teams and processes surrounding data life cycle management.

More specifically:

Varonis

O365/M365

GSuite
NTFS permissions
Govern
DLP systems (Forcepoint, CyberHaven)
Box
File copy/migration tools
MS Teams configuration
Supervisory experience

Competencies:

Excellent verbal and written communication skills
Exceptional customer services and interpersonal skills
Strong organizational skills
Ability to work effectively with all personnel
Ability to analyze and solve problems
Demonstrated team player
Attention to detail
Professional demeanor and ability to work with others
Reliable and cooperative manner and ability to work well under pressure
Ability to keep current with new developments, master new technologies, and adapt to change
Comfortable working in a fast-paced environment where priorities change frequently
Ability to exercise initiative and independent judgment
Able to manage multiple offices in multiple locations Cooley offers a competitive compensation and excellent benefits package and is committed to fair and equitable employment practices. EOE. The expected annual pay range for this position with a full-time schedule is $115,000 – $170,000. Please note that final offer amount will be dependent on geographic location, applicable experience and skillset of the candidate. Senior level candidates may be considered for this position and would be eligible for a higher salary range based on experience. We offer a full range of elective benefits including medical, health savings account (with applicable medical plan), dental, vision, health and/or dependent care flexible spending accounts, pre-tax commuter benefits, life insurance, AD&D, long-term care coverage, backup care for children and/or adults and other parental support benefits. In addition to elective benefit options, benefited employees receive firm-paid life insurance, AD&D, LTD, short term medical benefits as well as 21 days of Paid Time Off (“PTO”) and 10 paid holidays each year. We provide generous parental leave and fertility benefits. employees will attend a detailed benefit orientation to learn more about our many benefits and resources.