Join our talent network

Senior Data Protection Specialist

Job ID: 6144

Updated: Nov 10, 2021

Location: San Francisco, CA, United States

Category: Risk Management


About Kirkland & Ellis

Kirkland & Ellis LLP is a preeminent, full-service law firm with offices around the world and a staff as diverse as the practice areas we support. Our clients range from Fortune 100 companies to medium and small corporations, financial institutions, and private equity firms.  Known for our commitment to excellence, Kirkland strives to provide superior service to our clients as well as our fellow employees. From Information Technology to Human Resources, Paralegal Services to Business Development, Kirkland offers non-attorney professionals challenging careers in a variety of functional areas. Whether starting or growing your career, Kirkland can offer a performance-driven culture filled with bright and innovative teams of co-workers.

Essential Job Functions

The Sr. Data Protection Specialist plays a critical role in implementing and managing processes and solutions that protect our firm and client data. This role will plan, execute, and/or support one or more projects and services relating to data protection. Leads or serves as a subject matter expert on project teams, performs data analysis and fact finding assignments, documents results, makes recommendations regarding legacy data, and makes oral presentations and written recommendations relating to data protection to partners and senior Risk Management leadership.

This role has primary responsibility for implementing information technologies and working practices relating to the protection of client and firm administrative data and records. Work performed by this individual results in the measurable reduction of costs and/or minimizes risks relating to data protection and data access controls. The individual in this senior position advises attorneys, paralegals and other legal staff and administrative personnel on data protection related controls and processes and delivers white glove service to all Kirkland personnel, clients, and/or vendors.

In addition to serving in an advisory capacity, the Sr. Data Protection Specialist assists senior management and attorneys by identifying and containing risks relating to data and information management, and fostering a compliance culture throughout the firm. The individual maintains awareness of major changes affecting legal and business data protection, and develops material to educate senior management and partners so they may better adhere to Firm policies, provide legal services and meet their ethical obligations to their clients.

Data Protection

  • Assists with the development of data protection, data privacy, and compliance policies and procedures.
  • Defines and builds metrics and reporting to enhance understanding of data protection program development and maturity.
  • Coordinates management responses to partner requests and other internal and external requests for information relating to data monitoring, data access controls and data protection.
  • Documents workflows for processes relating to data protection controls.
  • Coordinates and executes periodic user data protection monitoring and reviews across multiple data repositories and departments.
  • Analyzes and makes recommendations relating to all aspects of client-requested or data protection and access controls needed to protect the intellectual capital of the firm.
  • Works with Risk Management leadership in the development and enhancement of processes to ensure compliance with all applicable data protection requirements.
  • Assists senior management and attorneys in identifying and containing risks relating to data protection, and fostering a compliance culture.
  • Assists in the coordination of management responses to partner requests and other internal and external requests for data monitoring and data access controls.
  • Ensures proper data protection controls are in place for client and firm data.
  • Reviews and responds to alerts involving email, web, and other channels to review policy compliance.
  • Leads investigations relating to compliance with data handling policies.
  • Ensures all investigations comply with Firm policies, client requirements, and applicable regulatory frameworks.
  • Determines data classification of sensitive documents flagged by data protection tools and alerts.
  • Identifies risks and exposures, determines the causes of data handling issues and implement changes to prevent future incidents and improve security.
  • Performs data analysis, internal threat intelligence, data usage investigations, and/or threat hunting.
  • Provides training, informational, and educational materials on data protection to Firm personnel.

Qualifications & Requirements

Qualified candidates must have a four-year degree relating to information technology, law, compliance, business administration, and/or information management, and a minimum of five years of professional experience. Candidates who have achieved Certified Data Privacy Solutions Engineer (CDPSE), GIAC Certified Incident Handler (GCIH), Certified Information Governance Professional (IGP), or Certified Information Privacy Professional (CIPP) are preferred.

This position requires a self-motivated, creative, and detail-oriented individual with a strong knowledge of data protection processes and technologies. Must be capable of independently authoring and presenting technical and business information in a variety of formats, and explaining complex and/or technical topics relating to data protection to those who have no prior knowledge of Firm systems, policies and procedures. Strong strategic, interpersonal, communication, and critical thinking skills are required.

Advanced aptitude and interest in information technologies, change management and project management is required, and intermediate proficiency in Microsoft’s software suite is required. Prior experience using and/or administering iManage WorkSite is a plus. Must have experience with Data Loss Prevention tools and incident handling, user activity investigation, and/or threat hunting.

How to Apply

Thank you for your interest in Kirkland & Ellis LLP.  To complete an application and submit your resume, please click "Apply Now."

Equal Employment Opportunity

All employment decisions, including the recruiting, hiring, placement, training availability, promotion, compensation, evaluation, disciplinary actions, and termination of employment (if necessary) are made without regard to the employee’s race, color, creed, religion, sex, pregnancy or childbirth, personal appearance, family responsibilities, sexual orientation or preference, gender identity, political affiliation, source of income, place of residence, national or ethnic origin, ancestry, age, marital status, military veteran status, unfavorable discharge from military service, physical or mental disability, or on any other basis prohibited by applicable law.

Closing Statement

The job postings and recruiting mailbox are for candidates only. If you are a recruiter, search firm or employment agency, and do not have a signed contract with Kirkland & Ellis LLP ("K&E") and have not been asked specifically to submit candidates, you will not be compensated in any way for your referral of a candidate even if K&E hires the candidate. Direct contact with K&E employees in an attempt to present candidates is inappropriate and will be a factor in determining any future professional relationship with the Firm.