Information Governance & Privacy Compliance Attorney

Information Governance & Privacy Compliance Attorney

Incisive. Inclusive. Invested. We're Axinn.

Experienced, tenacious, and always trial-ready, we are committed to understanding complex legal challenges that impact the future of our clients' businesses, globally.

Focusing on antitrust, intellectual property, and high-stakes litigation, our extensive teams in the U.S. possess deep knowledge and client-side experience across a range of sectors, including technology, healthcare, life sciences, and consumer products.

At Axinn, inclusivity is central to who we are. We have a purpose that goes beyond profit, which includes fostering a fair, welcoming workplace and supporting the communities where we live and work. We actively recognize talent and promote opportunities for all team members. By embracing the unique experiences and perspectives of our people, we fuel creativity and deliver results for our clients.

The Information Governance & Privacy Compliance Attorney will oversee the Firm's information governance compliance, including but not limited to client data management, data retention, privacy compliance, legal hold governance, defensible data disposition, and information lifecycle management. This position will also be responsible for advising the Firm, in collaboration with our Information Technology (IT) and Innovation teams, on security compliance, especially with emerging technologies.

This position reports to the Associate General Counsel, with close collaboration across IT, Litigation Support, Innovation, and others in administrative leadership. The Attorney will help establish and maintain practical Firm-wide strategy, policies and procedures governing the creation, use, retention, preservation, protection, and disposition of Firm and client data.

The Attorney will not be responsible for day-to-day IT administration or security operations but will coordinate closely with those teams to help ensure that Firm policies are practical, consistently applied, and aligned with applicable legal, regulatory, ethical, client, and business obligations. The role requires sound judgment and a strategic approach to information governance and privacy, balancing the Firm's operational needs, client expectations, and commercial objectives.

• Lead the development and oversight of the Firm's information governance framework, and ensure access, retention, preservation, privacy, and disposition requirements are operationally feasible and consistently implemented.
• Draft and implement policies and procedures related to information governance, security, privacy and data handling throughout the firm, and organize and conduct trainings to ensure understanding of and compliance with policies.
• Partner with IT, Security, Litigation Support, Innovation, and other stakeholders to ensure the Firm maintains the highest standards of professional responsibility for the protection and management of confidential, privileged, personal, and sensitive information.
• Manage procedures for implementing client-specific data handling requests.
• Provide legal counsel to the Firm on privacy, security, and data transfer regulations, in the U.S. and internationally.
• Participate in the review of and provide guidance on the data management and security considerations of new systems, cloud platforms, AI tools, vendors, and data workflows where privacy, confidentiality, security, or data governance obligations are implicated, helping enable responsible adoption of technology and business initiatives.
• Monitor and advise on evolving legal, regulatory, client, and industry best practices related to privacy, AI tools and related data workflows, and information governance, and help translate those requirements into practical operational guidance and training for Firm personnel.
• Assist with negotiation and completion of client security questionnaires, audits, outside counsel guidelines, and other governance-related client requirements.
• Support internal and vendor/third-party data risk review, audits, remediation tracking, and related compliance initiatives, with an emphasis on risk prioritization and practical implementation.
• Develop, implement, and maintain governance processes and centralized repositories for information governance, privacy, security, and related policies, procedures, standards, guidance, decisions, exceptions, and historical actions, ensuring such materials are appropriately documented, accessible, and maintained to support consistency, accountability, operational efficiency, and institutional knowledge.

• J.D., licensed to practice in New York, D.C., Connecticut, or California.
• 5+ years' experience preferred, advising on security, privacy, and data governance.
• Significant experience in information governance, privacy compliance, security advising, records management, risk management, or related functions.
• Experience working in a law firm, corporate legal department, professional services…