Jobs · Management

Governance, Risk, and Compliance Engineer

Baker Botts · Washington, DC · 2 wk ago
RemoteRemoteManagement$128k–$140k/yrFull-time

About the role

Baker Botts L.L.P. is seeking a highly skilled Governance, Risk, and Compliance (GRC) Engineer with expertise in Microsoft Purview.

Responsibilities

  • Implement, configure, and maintain Microsoft Purview components including Data Map, Unified Catalog, Information Protection, and Compliance Manager.
  • Design and execute legal hold strategies using Purview’s eDiscovery and retention capabilities.
  • Develop and enforce data governance policies and procedures.
  • Conduct regular audits and assessments of data practices and compliance posture.
  • Generate reports and insights using Power BI and Purview dashboards.
  • Implement information protection strategies to safeguard sensitive data across Microsoft 365 and Azure environments.
  • Configure and enforce Data Loss Prevention (DLP) policies to prevent unauthorized data sharing and leakage.
  • Establish and manage data retention policies to ensure regulatory adherence.
  • Monitor and manage insider threats and respond to security alerts and incidents.
  • Develop and implement data classification and labeling strategies.
  • Continuously assess and improve the security posture of collaboration environments.
  • Experience with IAM strategies for Microsoft 365 collaboration services.
  • Familiarity with Entra ID (formerly Azure AD), including service principals, managed identities, and federation.
  • Enforce access controls and identity governance policies.
  • Collaborate with legal, IT, and governance teams to align security and compliance goals.
  • Work with workload administrators and business application owners to implement necessary controls.
  • Provide training and support to staff on data governance and security best practices.
  • Maintain detailed documentation of security policies, procedures, and incident responses.

Qualifications

  • Bachelor’s degree in Information Technology, Computer Science, Law, or a related field required.
  • 5–8 years of experience managing and securing Microsoft 365 environments.
  • Proven expertise with Microsoft Purview, Entra ID, Exchange Online, SharePoint Online, and Exchange On-Premises.
  • Strong understanding of legal hold, privacy regulations, and compliance standards.
  • Experience with Azure Information Protection and data-at-rest encryption (e.g., Thales HSMs).
  • Proficiency in PowerShell for automation and management tasks.
  • Familiarity with identity federation and business continuity planning.

Preferred Certifications

  • Microsoft 365 Certified: Fundamentals
  • Microsoft 365 Certified: Administrator Expert
  • Microsoft 365 Certified: Information Security Administrator Associate
  • Certified Information Privacy Professional (CIPP)
  • Certified Information Governance Professional (IGP)

Similar jobs