Information Governance & Security Manager

The Bronx Defenders (BxD) is an innovative progressive public defense office in the South Bronx. We are seeking a passionate technology professional with a commitment to public defense to join the Information Technology (IT) Team as an Information Governance & Security Manager.

Founded in 1997 BxD is a public defender nonprofit that has developed a nationally recognized model of representation called holistic defense which provides people with teams of lawyers social workers and advocates to defend them zealously in court and address the underlying drivers and enmeshed penalties of legal system involvement.

Our office now has more than 400 staff members who defend nearly 20000 New Yorkers facing incarceration family separation eviction and deportation (among other devastating consequences) in criminal family civil and immigration proceedings each year.

We continue reimagining the role of public defense even further using community organizing and engagement legislative advocacy and impact litigation to partner with the communities we represent to bring about long-lasting systemic change. We also share our model and lessons learned on how to move to a holistic model of representation with current and future public defenders throughout the country.

Information Technology
Our Information Technology (IT) department is our first line of support in assisting our dedicated staff of attorneys advocates social workers and administrative professionals. Ultimately the work of our department helps to advance the needs of our clients and facilitate the process by which their legal teams support and advocate for them to reach their goals. As the leading office in providing holistic representation we stay abreast of innovative technological tools and resources that are used to support our staff and clients as they navigate the criminal family immigration and civil court onboarding new employees to strengthening cybersecurity and modernizing our digital tools the IT department is dedicated to creating an environment where technology empowers people minimizes friction and keeps our organization at the forefront of innovation in public defense.

The Information Governance & Security Manager ensures that organizational information (case files HR data client records financial systems) is managed securely compliantly and in alignment with regulatory requirements (CJIS HIPAA SHIELD). This role develops and enforces information governance policies manages risk assessments and audits and coordinates with the MSP and IT leadership to safeguard the integrity availability and confidentiality of organizational data.

Responsibilities

• Own and update organizational information governance policies (data retention access control encryption privacy)

• Coordinate audits and access reviews across systems (M365 LegalServer HRIS Finance)

• Review and respond to SOC/security alerts escalated from the MSP

• Lead development and testing of Business Continuity (BCP) Disaster Recovery (DRP) and Incident Response (IRP) plans

• Conduct quarterly data protection and compliance audits

• Partner with HR Legal and IT to enforce retention and preservation schedules

• Oversee data backup strategy (3-2-1 rule: cloud onsite offline)

• Provide reports on compliance posture and risk exposure to the IT Director and COO

• Stay current on changes to CJIS HIPAA SHIELD and ABA confidentiality standards

• Stay current with emerging technologies security practices and industry standards relevant to the role and provide recommendations for improvements

• Maintain awareness of ongoing IT initiatives organizational priorities and cross-departmental projects to ensure alignment with broader business goals

• Perform other related duties as assigned in response to organizational needs new compliance requirements or changes in technology

• 6 years in IT governance compliance or security roles

• Strong knowledge of NIST CSF ISO 27001 ITIL Security Mgmt

• Hands-on experience with M365 Security & Compliance Center Purview Intune

• Familiarity with audits penetration testing and risk assessments

• Ability to develop test and maintain BCP/DRP/IRP

• Excellent communication and report-writing skills for technical and non-technical audiences

• Experience collaborating with MSPs auditors and cross-functional teams

• Bachelors degree in Information Systems Computer Science Cybersecurity or related field

• Professional Certifications (strongly preferred): CISSPCISMCISA ISO 27001 Microsoft certified

The following qualifications are preferred but not :

• Experience in nonprofit academic or healthcare environment

• Experience with unionized employees

To cultivate the deep subject matter knowledge strong interpersonal relationships and collaborative approach that are critical to the positions success it is essential that the candidate be able to participate in-person and onsite in both internal and external meetings and events. This position has an onsite requirement of in-office 5 days per week.

Approximately 70% of The Bronx Defenders staff including attorneys and non-attorneys are represented by UAW Local 2325 - Association of Legal Aid Attorneys (AFL-CIO). This position is not within the bargaining unit.

Salary is commensurate with experience. The salary range for this position is $130000 to $150000 annually. Full-time employees are also eligible for a comprehensive benefits package including but not limited to medical dental and vision coverage; a 403(b) plan with employer contribution; and a generous vacation sick leave and parental leave policy

To apply please click APPLY TO THIS JOB ONLINE and upload your resume and cover letter in one document. Your resume will be used to determine your salary based on the number of years of directly relevant professional experience and should include all relevant professional experience. Applications without a written cover letter will not be considered.

The Bronx Defenders is an equal opportunity employer and is cultivating a workplace that embraces staff with a diversity of backgrounds identities and experiences. We acknowledge the ways in which systemic oppression and injustice can undermine access to professional opportunities and are committed to conducting hiring and promotion processes that are equitable and accessible to those commonly excluded from the workforce. We do not discriminate against and encourage applicants from marginalized communities to apply including those who identify as Black Indigenous people of color queer transgender gender non-conforming disabled neurodivergent and those directly impacted by criminal civil family and immigration legal systems. We value lived as well as professional experience and particularly welcome applications from the Bronx community that we work with.