Data Governance Manager

About The Position

Requirements

• 4-7+ years of progressive experience in data governance, data management, data quality, or related discipline
• 2+ years of direct experience with SOC 2 compliance — specifically internal evidence gathering, control documentation, and audit coordination
• Experience managing or participating in third-party vendor risk assessment and continuous monitoring programs
• Demonstrated ability to manage products from a governance perspective
• Strong working knowledge of the Microsoft technology stack (Azure, Microsoft 365, Power BI, Purview, SharePoint)
• Proficiency with data governance or cataloging platforms (e.g., Microsoft Purview, Collibra, Informatica, Alation)
• SQL proficiency or experience working with data engineering teams
• Understanding of data governance frameworks and methodologies
• Ability to design, document, and execute process-driven governance and compliance workflows
• Familiarity with SOC 2 Trust Services Criteria and control mapping

Nice To Haves

• Industry certifications such as CDMP, CISA, CRISC, or CISSP are a plus
• Experience with data lakes is a plus
• Familiarity with additional compliance frameworks beyond SOC 2 (e.g., ISO 27001, NIST CSF, NIST RMF AI, ISO) is ideal
• Experience with GRC tools, audit evidence management platforms, or vendor risk management solutions is a plus

Responsibilities

• Help with the design, implementation, and continuous improvement of the enterprise data and AI governance framework, including policies, standards, operating procedures, and controls aligned with standard frameworks.
• Help build and maintain a master inventory of critical data elements, data owners, authoritative sources, and data lineage across the organization to determine how it flows through systems, products, and AI models.
• Help build and maintain a Data Loss Prevention program that incorporates AI data.
• Help design a feedback system for AI systems to roll into the vulnerability management process.
• Consume CASB data to manage proper responses and policies.
• Collaborate with cross-functional stakeholders (Engineering, Product, Finance, Operations, etc.) to investigate root causes of any failure to controls and prevent recurrence
• Establish and report on data governance KPIs, quality scorecards, and maturity metrics to tech leadership
• Champion data stewardship across business units by training data owners on governance responsibilities and best practices
• Manage the internal SOC 2 Type II evidence-gathering process end-to-end: coordinate with control owners, collect and organize audit evidence, track remediation items, and liaise with external auditors
• Develop and maintain data security policies and procedures aligned with SOC 2 Trust Services Criteria and organizational risk tolerance
• Own the continuous monitoring program for third-party vendors, including periodic risk assessments, security questionnaire reviews, and contract compliance verification
• Partner with PMO, Infrastructure/Cyber, and vendor management to evaluate new vendors and ensure data protection obligations are clearly defined in agreements
• Monitor regulatory developments and emerging compliance requirements that affect data handling, privacy, and security practices; recommend and implement necessary changes
• Maintain a compliance calendar to ensure all cyclical audit, assessment, and reporting obligations are met on time
• Leverage Microsoft technology stack to support governance and compliance objectives, including but not limited to: Microsoft Purview for data cataloging, classification, lineage, and sensitivity labeling Microsoft 365 Compliance Center for data loss prevention (DLP), retention policies, and information protection Microsoft Cloud Application Security Entra ID for access governance and identity management Power BI for data quality dashboards and governance reporting SharePoint / Teams for policy documentation, collaboration, and evidence management workflows
• Partner with external auditors, MSPs, and software providers to resolve compliance gaps and implement solutions
• Collaborate with internal departments on cross-functional data governance and security initiatives
• Respond promptly to critical data integrity or compliance incidents as needed

Benefits

• Health Insurance
• Dental insurance
• Vision insurance
• Retirement plan 401(k)
• 401(k) matching
• Paid Time Off
• FSA/HSA benefits plans
• Disability benefits
• Voluntary Life Insurance
• Basic Life Insurance