The Governance, Risk, and Compliance (GRC) Engineer is responsible for leading data governance, security, and compliance initiatives within a law firm’s Microsoft 365 environment. This role focuses on designing, implementing, and managing Microsoft Purview solutions to protect sensitive data, ensure regulatory compliance, and support legal hold and eDiscovery processes. Key responsibilities include configuring Purview components, developing data governance policies, enforcing data loss prevention and retention strategies, and monitoring security risks such as insider threats. The engineer also conducts audits, generates compliance reports, and collaborates closely with legal, IT, and information governance teams to align security practices with business and regulatory requirements. Additional duties include implementing identity and access controls, supporting incident response, and providing training and documentation on best practices.

Candidates must have a bachelor’s degree in a relevant field and 5–8 years of experience managing Microsoft 365 environments. Strong expertise in Microsoft Purview, Entra ID, Exchange, SharePoint, and security tools is required, along with proficiency in PowerShell and knowledge of compliance frameworks, privacy regulations, and eDiscovery. Relevant certifications are preferred. The role requires strong analytical, communication, and problem-solving skills in a fast-paced environment.

This is a full-time remote position with occasional travel. Salary ranges from $128,000–$140,000 in New York and $120,000–$135,000 in Washington, DC and Dallas, TX.