Data Governance Manager in London

The Department
Our Technology team continues to go from strength to strength, playing a vital role in firm-wide innovation and strategy. Far from being a support function, Technology is integral to the firm's growth agenda, backed by strong leadership engagement and sustained investment.

The Role
Build a modern, outcome-driven data governance capability that strengthens the firm's resilience and unlocks business value. The Data Governance Manager will operationalize the firm's governance model to embed privacy-by-design, proportionate controls, and clear accountability, improving data quality, enabling responsible innovation, and reducing the firm's data attack surface as part of holistic risk management. This role ensures governance is not just compliance, but a strategic enabler for growth and protection.

Duties and Responsibilities
Establish and maintain data governance roles, responsibilities and structures supported by practical policies, standards and data artefacts. Operationalize DGC priorities via quarterly delivery roadmaps and cadences; co-chair working and strategic meetings as needed. Introduce and maintain enterprise taxonomy, glossary and lineage in Microsoft Purview; ensure certified definitions are adopted in reporting and AI. Deliver an Information Asset Register and put in place processes to govern registered assets and critical data elements. Stand up domain data quality scorecards, remediation workflows and continuous improvement; drive measurable improvements (≥75% compliance for priority domains). Implementation of retention, classification and confidentiality safeguards proportionately across key systems (e.g., iManage/Intapp Walls). Lead privacy by design reviews and coach delivery teams, so governance guardrails enable pace rather than add friction. Publish evidence-based assurance packs for CIO/DGC, escalating unresolved risks and tracking actions to closure. Own the quarterly Operating Model delivery plan for Data Governance; report progress monthly to DGC/CIO with evidence-based metrics. Coordinate with the firm's AI governance mechanisms to embed proportionate controls and provide assurance (e.g., participate in AIRA risk assessments; surface outcomes and escalations to the AI Governance & Risk Committee). Operationalise AI readiness in delivery, ensure classification, retention and confidentiality safeguards are prerequisites for go live; align Purview sensitivity labels and Defender DLP/MDCA controls to approved policy and usage patterns for Copilot/AI tools.

Skills and Experience
Proven experience designing and operationalizing data governance frameworks in complex, regulated environments (experience in legal settings highly desirable). Excellent communication and influencing skills; able to simplify governance concepts and drive adoption across legal and business audiences. Hands-on experience with Microsoft Purview (glossary, lineage, sensitivity labels) and MDM platforms (e.g., Profisee / Intapp Walls). Strong understanding of data quality management (controls, scorecards, remediation) and privacy/retention operations. Experience of process mapping, improvement and automation; comfortable with federated accountability across domains. Hands-on AI/LLM governance execution: able to run AIRA style risk assessments, document decisions and produce assurance packs that leadership can rely on. Microsoft 365 governance literacy: understands Copilot access via M365 ACLs; uses Purview labels for encryption/usage restrictions and coordinates with Defender DLP/MDCA for SaaS/web governance. Methodologies: pragmatic DAMA DMBOK application and familiarity with EDM Council DCAM; able to embed privacy by design and DPIA in delivery cadences. Experience aligning data governance with cyber risk frameworks to reduce the organization's data attack surface. Ability to link governance outcomes to business value and client trust, with measurable KPIs and assurance reporting. Knowledge of GDPR, UK Data Protection Act, and sector-specific compliance obligations. Experience managing governance risks across SaaS platforms and third-party integrations. Outcome focused leader who rationalises and simplifies complex issues and articulates benefits clearly. Flexible and adaptable, comfortable with ambiguity as the business evolves. Collaborative and personable, able to build trust and influence senior stakeholders. Bias for action, designs lightweight governance that enables autonomous delivery.

Qualifications
Degree in Information Management, Computer Science, Data/Information Governance, Law/Compliance or equivalent experience. Optional certifications: IAPP (e.g., CIPP/E, CIPM); DAMA CDMP; familiarity with EDM Council DCAM; relevant Microsoft Purview/Compliance certifications; awareness of ISO 27001/27701.

Please note that this job profile is not an exhaustive list of duties but merely an outline of the key components of the role. You may be required by your line manager to take on additional responsibilities when requested.

About Mishcon de Reya LLP
Mishcon de Reya is an independent law firm, which now employs over 1400 people with more than 650 lawyers offering a wide range of legal services to companies and individuals. The firm has grown rapidly in recent years, showing more than 40% revenue growth in the past five years alone. With presence in London, Oxford, Cambridge, Singapore, Hong Kong and UAE, the firm services an international community of clients and provides advice in situations where the constraints of geography often do not apply. The work the firm undertakes is cross-border, multi-jurisdictional and complex, centred around three increasingly entwined and connected sectors: the Innovation Economy, Private Wealth and Capital, and Real Estate. The firm is known as a disputes powerhouse with a formidable capacity firmwide for dispute resolution. We strive to create a fully diverse and inclusive workplace where all our people are empowered to fulfil their potential. We are proud of our agile working culture and are always happy to talk flexible working.