Join our talent network

Director of Data Protection

Job ID: 7297

Updated: Sep 15, 2023

Location: Chicago, IL, United States

Category: Risk Management


About Kirkland & Ellis

At Kirkland & Ellis, we are united in our ambition and drive to move forward. We share core values that help us achieve excellence: collaboration, talent empowerment, service, inclusion, respect and gratitude. Our people are our greatest asset, and we invest in the brightest talent and encourage a diversity of perspectives and strengths to create dynamic teams that operate at the pinnacle of their field. Our talented professionals show up every day knowing they will engage in meaningful work, continuous learning and professional development.
As one of the world’s leading law firms, we serve a broad range of clients with market-leading practices in private equity, M&A and other complex corporate transactions; investment fund formation and management; restructurings; high-stakes litigation and trials; and government, regulatory and internal investigations. We handle the most complicated and sophisticated legal matters because we don’t just meet industry standards, we create them. We bring innovation and entrepreneurialism to every engagement and, as a result, have long-standing client relationships with leading global corporations and financial sponsors. With 6,500 employees (including 3,500+ lawyers) operating from 19 offices across the United States, Europe and Asia, we are one of the largest law firms in the world and a top financial performer.

Essential Job Functions

Kirkland positions Data Protection at the intersection of risk management, data and user analytics, data loss prevention, information classification, legal practice, and the business of law. This position is responsible for overseeing the Risk Management Data Protection team responsible for monitoring system activities and alerts; performing searches and internal collections of email, documents and/or files; incident investigation and response; data preservation and mandated destruction, emailbox access and secure file transfer compliance. The individual in this position serves as a sponsor, stakeholder, lead and/or contributor on initiatives to protect firm sensitive and client confidential data and fosters a high degree of collaboration with all firm personnel.

Essential Functions:

  • Serves as a data protection subject matter expert and advisor for Risk Management senior leadership and the Office of the General Counsel.
  • Taking a balanced approach, ensures appropriate treatment of risks, and compliance and quality assurance of work product and services.
  • Delivers executive-level summaries, findings and recommendations that effectively translate data protection threats from a technical perspective to a layperson’s understanding.
  • Develops and maintains plans, strategies, and policies that support, align with, and transform Kirkland’s posture as it relates to internal collections, data protection, and other risk-related functions and services.
  • Maintains ongoing awareness and assessment of data protection vulnerabilities and threats in general and specifically related to law firms.
  • Leads, evaluates, and supports processes necessary to maintain compliance with data protection policies and controls, and fosters a compliance compliance culture.
  • Liaises with legal teams, Security Governance, Technology Services, Human Resources and Legal Recruiting and Development leads to manage and deliver e-discovery and data protection solutions.
  • Creates new data protection policies and revises existing policies, standards, processes guidelines, and other support documentation relating to data protection.
  • Clearly conveys ownership, personal interest and enthusiasm for all aspects of data protection.
  • Reviews and approves exception requests to data protection controls and data collection charters.
  • Oversees the management of legal and administrative preservation notices, destruction orders, emailbox access, and ensures compliance with secure transfer of data policies.
  • Manages vendor relationship and system specifications for the design and implementation of data protection solutions.
  • Leads team of data protection professionals. Remains continually engaged in helping individual staff and teams meet their productivity and professional development goals.
  • Maintains complete and accurate records of data protection guidance, services, decisions and other work product.

Qualifications & Requirements

Education, Work Experience, Skills

  • Bachelor's degree from an accredited four-year institution required. Information Security/Cybersecurity, Juris Doctorate or other advanced degree preferred.
  • Prior success in leading strategic data protection initiatives at a global law firm, multi-national corporation or professional services firm.
  • Executive presence required for productive partner collaboration. Proven track record of performing with tact and diplomacy in personal interactions, particularly when working under tight deadlines.
  • Demonstrated ability to deliver clear, concise and factually accurate written and oral communications tailored to the intended recipients.
  • Proven experience with gathering and documenting information from users, including attorneys and senior firm management, analyzing large volumes of unstructured data, establishing metrics and management reporting.
  • High level of personal integrity, with the ability to professionally handle confidential matters with sound judgment and maturity.
  • 10+ years of experience serving in a subject matter expert role relating to data loss protection, data breach and other cyber incident investigation, incident response, and/or e-discovery.
  • 10+ years of experience in personnel management and team leadership.
  • 5+ years of Document Management System (DMS) experience in the legal industry preferred.
  • Proficiency in Microsoft applications, (e.g., Word, Excel, PowerPoint, Teams, Visio).
  • Demonstrated ability lead high visibility, high impact change management initiatives.
  • Advanced knowledge of risk management principles and practices.
  • Working knowledge of data encryption technologies.
  • Demonstrated understanding of data protection laws and regulations and practical, balanced application of knowledge in a law firm.

How to Apply

Thank you for your interest in Kirkland & Ellis LLP.  To complete an application and submit your resume, please click "Apply Now."

Equal Employment Opportunity

All employment decisions, including the recruiting, hiring, placement, training availability, promotion, compensation, evaluation, disciplinary actions, and termination of employment (if necessary) are made without regard to the employee’s race, color, creed, religion, sex, pregnancy or childbirth, personal appearance, family responsibilities, sexual orientation or preference, gender identity, political affiliation, source of income, place of residence, national or ethnic origin, ancestry, age, marital status, military veteran status, unfavorable discharge from military service, physical or mental disability, or on any other basis prohibited by applicable law.

Closing Statement

The job postings and recruiting mailbox are for candidates only. If you are a recruiter, search firm or employment agency, and do not have a signed contract with Kirkland & Ellis LLP ("K&E") and have not been asked specifically to submit candidates, you will not be compensated in any way for your referral of a candidate even if K&E hires the candidate. Direct contact with K&E employees in an attempt to present candidates is inappropriate and will be a factor in determining any future professional relationship with the Firm. #LI-Hybrid #LI-DR1