Role Description Baker Botts L.L.P. is seeking a highly skilled Governance, Risk, and Compliance (GRC) Engineer with expertise in Microsoft Purview to provide technical leadership and subject-matter expertise for our firm’s data governance, security, and compliance initiatives. This role will be responsible for designing, implementing, and managing Microsoft Purview solutions and Microsoft 365 security services to ensure data governance, security, and compliance initiatives. This role serves as a trusted advisor to the Office of General Counsel, eDiscovery, IT, and Information Governance stakeholders to protect sensitive data, mitigate risks, and support legal hold and eDiscovery processes. This is a Firmwide, full-time, exempt, remote position resident in our Austin, Dallas, Houston, New York, or Washington DC office with excellent benefits. - Implement, configure, and maintain Microsoft Purview components including Data Map, Unified Catalog, Information Protection, and Compliance Manager. - Design and execute legal hold strategies using Purview’s eDiscovery and retention capabilities. - Develop and enforce data governance policies and procedures. - Conduct regular audits and assessments of data practices and compliance posture. - Generate reports and insights using Power BI and Purview dashboards. - Implement information protection strategies to safeguard sensitive data across Microsoft 365 and Azure environments. - Configure and enforce Data Loss Prevention (DLP) policies to prevent unauthorized data sharing and leakage. - Establish and manage data retention policies to ensure regulatory adherence. - Monitor and manage insider threats and respond to security alerts and incidents. - Develop and implement data classification and labeling strategies. - Continuously assess and improve the security posture of collaboration environments. - Experience with IAM strategies for Microsoft 365 collaboration services. - Familiarity with Entra ID (formerly Azure AD), including service principals, managed identities, and federation. - Enforce access controls and identity governance policies. - Collaborate with legal, IT, and governance teams to align security and compliance goals. - Work with workload administrators and business application owners to implement necessary controls. - Provide training and support to staff on data governance and security best practices. - Maintain detailed documentation of security policies, procedures, and incident responses. Qualifications - Bachelor’s degree in Information Technology, Computer Science, Law, or a related field required. - 5–8 years of experience managing and securing Microsoft 365 environments. - Proven expertise with Microsoft Purview, Entra ID, Exchange Online, SharePoint Online, and Exchange On-Premises. - Strong understanding of legal hold, privacy regulations, and compliance standards. - Experience with Azure Information Protection and data-at-rest encryption (e.g., Thales HSMs). - Proficiency in PowerShell for automation and management tasks. - Familiarity with identity federation and business continuity planning. Requirements - Preferred Certifications: - Microsoft 365 Certified: Fundamentals - Microsoft 365 Certified: Administrator Expert - Microsoft 365 Certified: Information Security Administrator Associate - Certified Information Privacy Professional (CIPP) - Certified Information Governance Professional (IGP) Benefits - Baker Botts is committed to cultivating a culture where our attorneys and staff thrive professionally and personally. - We are proud to offer a comprehensive benefits program designed to support and enhance the overall wellbeing of our employees and their families. - The salary range for this position if filled in New York is $128,000-$140,000 annually, or if filled in Washington, DC is $120,000 - $135,000 annually. The actual compensation will be based on a combination of factors.

Role Description As the Corporate Policy and Compliance Administrator, you will play a critical role in supporting NCCPA’s governance framework by managing and executing the full policy lifecycle, including: - Development - Approval - Implementation - Communication - Ongoing review This position partners with internal stakeholders across the organization to ensure policies and procedures are clear, compliant, and aligned with NCCPA’s strategic goals. Reports To: Senior Manager of Corporate Policy & Compliance Location: NCCPA is a hybrid work environment with our headquarters located in Johns Creek, Georgia. This position is remote, with required travel for mandatory meetings. As a matter of policy, NCCPA restricts remote positions to those in which the employee’s home office location is in a U.S. jurisdiction in the Eastern or Central time zones. How Will You Make a Difference? You will… - Manage and execute the full policy lifecycle, including development, approval, implementation, and ongoing review - Draft, edit, and maintain policies, procedures, job aids, and reference documents - Partner with cross-functional stakeholders to ensure policies align with organizational strategy and compliance standards - Serve as the primary administrator of the policy management system - Track and maintain policy updates in accordance with governance frameworks - Ensure timely review and approval of all policy-related documentation - Monitor and track employee acknowledgments and escalate overdue items as needed - Support change management efforts related to new or updated policies - Assist with onboarding documentation and training for new hires, interns, and internal transitions - Conduct risk assessments and track exceptions to internal policy requests - Provide guidance on policy interpretation and compliance-related matters - Support internal compliance initiatives and special projects as needed Qualifications - A bachelor's degree - A minimum of three years of experience in policy governance and compliance - Proficiency in Microsoft Office suite - Strong writing skills including policy and business writing - Experience managing documentation, processes, and compliance-related workflows - Ability to interpret and apply policies within an organizational framework Requirements - Strong interpersonal and communication skills - Excellent attention to detail and organizational abilities - Critical thinking and problem-solving skills - Ability to manage multiple priorities and meet deadlines - Self-motivated with the ability to work independently - Ability to effectively collaborate with stakeholders at all levels Benefits - Five years of experience in policy governance and compliance - J.D., paralegal certification, or Certified Compliance and Ethics Professional (CCEP) - Experience working in a regulated or compliance-driven environment - Familiarity with policy management systems and governance frameworks Company Description The National Commission on Certification of Physician Assistants (NCCPA) is the only certifying organization for physician assistants in the United States. Established as a not-for-profit organization in 1974, we are dedicated to assuring the public that board certified PAs meet established standards of clinical knowledge and cognitive skills upon entry into practice and throughout their careers.

• Support the company’s transparency reporting activities in accordance with all applicable laws and company policies for Healthcare Providers (HCPs) and Healthcare organizations (HCOs) • Ensure correct reporting for all Transfers of Value (TOV) from the company to the reportable HCPs and support HCP dispute resolutions. • Achieve transparency monthly, quarterly, and annual reporting deadlines with accurately reported data as well as conduct weekly data scrubbing for submission into the reporting system. • Maintain up-to-date knowledge of Sunshine Act transparency reporting requirements to assess general data quality issues that may impact ability to report information to the applicable agencies. • Resource for day-to-day processes related to compliance with Sunshine Act Transparency, analyze and determine the best course of action for each inquiry/problem, while producing timely reports and providing supporting documentation for audits. • Support the implementation of transparency monitoring policies and procedures and training on them. • Provide support in the annual certification process. • Partner with multiple stakeholders throughout the Company (e.g., Legal, Clinical Operations, Medical Affairs, Sales and Marketing, HR, Internal Audit, QA) to manage and enhance an effective corporate compliance program and function and ensure that appropriate compliance policies, procedures, and internal controls are in place. • Develop, maintain and regularly assess key policies and procedures to mitigate identified risks and meet government and healthcare compliance requirements. • Ensure curriculum and training plans align with business needs and regulatory/legal requirements. • Understand relevant laws and regulations in key global markets to ensure that the Company’s policies and business practices align with such laws and regulations. • Assist with monitoring, auditing and enforcement of compliance efforts, including compliance monitoring activities; risk assessments and reviews of compliance risk areas to determine risk exposure; ongoing collaboration with key stakeholders to identify any issues of non-compliance; and summarize and report same to the Chief Compliance Officer or her designee. • Conduct and manage compliance investigations regarding allegations of law or company policy or ethical standards and prepare written reports on the findings of such investigations, as directed by the Chief Compliance Officer or her designee. Assist with the determination and implementation of corrective actions. • Collaborate with the Chief Compliance Officer or her designee and global team to continue to enhance a culture of ethics and compliance. • Serve as a resource and subject matter expert for all healthcare compliance related activities. • Lead on other projects as assigned from time to time. • All other duties as assigned.

• Draft/amend customized comprehensive defined benefit and defined contribution plan documents, summary plan descriptions, summaries of material modifications and other plan related documents and participant communications. • Ensure all plan documents comply with ERISA regulations and other applicable federal laws. • Adhere to document production timelines to ensure efficiency and timely document production. • Organize and maintain plan documents, ensuring they are up-to-date and accessible. • Train and mentor staff on plan document drafting and compliance. • Provide technical guidance regarding plan language and training for the internal team as needed. • Keep abreast of laws and regulations impacting employee benefits, claims procedures, and notice requirements.