Information Governance & Security Manager

The Bronx Defenders (BxD) is an innovative, progressive public defense office in the South Bronx. We are seeking a passionate technology professional with a commitment to public defense to join the Information Technology (IT) Team as an Information Governance & Security Manager.

Founded in 1997, BxD is a public defender nonprofit that has developed a nationally recognized model of representation called holistic defense, which provides people with teams of lawyers, social workers, and advocates to defend them zealously in court and address the underlying drivers and enmeshed penalties of legal system involvement.

Our office now has more than 400 staff members who defend nearly 20,000 New Yorkers facing incarceration, family separation, eviction, and deportation (among other devastating consequences) in criminal, family, civil, and immigration proceedings each year.

We continue reimagining the role of public defense even further, using community organizing and engagement, legislative advocacy, and impact litigation to partner with the communities we represent to bring about long-lasting systemic change. We also share our model and lessons learned on how to move to a holistic model of representation with current and future public defenders throughout the country.

Overview

The Information Governance & Security Manager ensures that organizational information (case files, HR data, client records, financial systems) is managed securely, compliantly, and in alignment with regulatory requirements (CJIS, HIPAA, SHIELD). This role develops and enforces information governance policies, manages risk assessments and audits, and coordinates with the MSP and IT leadership to safeguard the integrity, availability, and confidentiality of organizational data.

Responsibilities

• Own and update organizational information governance policies (data retention, access control, encryption, privacy).
• Coordinate audits and access reviews across systems (M365, LegalServer, HRIS, Finance).
• Review and respond to SOC/security alerts escalated from the MSP.
• Lead development and testing of Business Continuity (BCP), Disaster Recovery (DRP), and Incident Response (IRP) plans.
• Conduct quarterly data protection and compliance audits.
• Partner with HR, Legal, and IT to enforce retention and preservation schedules.
• Oversee data backup strategy (3-2-1 rule: cloud, onsite, offline).
• Provide reports on compliance posture and risk exposure to the IT Director and COO.
• Stay current on changes to CJIS, HIPAA, SHIELD, and ABA confidentiality standards.
• Stay current with emerging technologies, security practices, and industry standards relevant to the role, and provide recommendations for improvements.
• Maintain awareness of ongoing IT initiatives, organizational priorities, and cross-departmental projects to ensure alignment with broader business goals.
• Perform other related duties as assigned in response to organizational needs, new compliance requirements, or changes in technology.

Qualifications

• 6+ years in IT governance, compliance, or security roles.
• Strong knowledge of NIST CSF, ISO 27001, ITIL Security Mgmt.
• Hands-on experience with M365 Security & Compliance Center, Purview, Intune.
• Familiarity with audits, penetration testing, and risk assessments.
• Ability to develop, test, and maintain BCP/DRP/IRP.
• Excellent communication and report-writing skills for technical and non-technical audiences.
• Experience collaborating with MSPs, auditors, and cross-functional teams.
• Bachelor's degree in Information Systems, Computer Science, Cybersecurity, or related field
• Professional Certifications (strongly preferred): CISSP,CISM,CISA, ISO 27001, Microsoft certified.

The following qualifications are preferred, but not required:

• Experience in nonprofit, academic or healthcare environment
• Experience with unionized employees

To cultivate the deep subject matter knowledge, strong interpersonal relationships and collaborative approach that are critical to the position’s success, it is essential that the candidate be able to participate in-person and onsite in both internal and external meetings and events. This position has an onsite requirement of in-office, 5 days per week.

Approximately 70% of The Bronx Defenders' staff, including attorneys and non-attorneys, are represented by UAW Local 2325 - Association of Legal Aid Attorneys (AFL-CIO). This position is not within the bargaining unit.

Compensation

Salary is commensurate with experience. The salary range for this position is $130,000 to $150,000 annually. Full-time employees are also eligible for a comprehensive benefits package including but not limited to medical, dental, and vision coverage; a 403(b) plan with employer contribution; and a generous vacation, sick leave, and parental leave policy

To apply, please click APPLY TO THIS JOB ONLINE and upload your resume and cover letter in one document. Your resume will be used to determine your salary based on the number of years of directly relevant professional experience and should include all relevant professional experience. Applications without a written cover letter will not be considered.

The Bronx Defenders is an equal opportunity employer and is cultivating a workplace that embraces staff with a diversity of backgrounds, identities, and experiences. We acknowledge the ways in which systemic oppression and injustice can undermine access to professional opportunities and are committed to conducting hiring and promotion processes that are equitable and accessible to those commonly excluded from the workforce. We do not discriminate against and encourage applicants from marginalized communities to apply, including those who identify as Black, Indigenous, people of color, queer, transgender, gender non-conforming, disabled, neurodivergent, and those directly impacted by criminal, civil, family, and immigration legal systems. We value lived as well as professional experience and particularly welcome applications from the Bronx community that we work with.