• Arootah engages a curated network of senior operators to support clients across the alternative investment industry • Advisors are deployed on project-based engagements when client needs match their expertise • Joining the network does not guarantee placement; it provides access to opportunities as they arise

• Own and lead the company’s GRC strategy across SOX, ISO 27001, and GDPR • Design, implement, and maintain SOX control frameworks, including documentation, testing, and audit readiness • Build and manage the Information Security Management System (ISMS) aligned with ISO 27001 • Ensure GDPR compliance across all data processing activities, including data mapping, DPIAs, and privacy controls • Lead internal and external audits, acting as the primary point of contact for auditors • Identify compliance gaps and drive remediation plans with technical and non-technical teams • Develop governance policies, procedures, and risk management frameworks • Partner closely with Engineering and Security teams to embed controls into systems and SDLC processes • Monitor regulatory and compliance changes and translate them into actionable requirements

Role Description Polsinelli is hiring a Governance Risk & Compliance Engineer for any of our offices, with the option to work remotely. However, our preference is for this role to be based in Kansas City. - Participate in activities associated with Polsinelli’s information and data governance programs. - Perform reviews of Outside Counsel Guidelines to ensure that the Firm meets or exceeds client security requirements and completes the appropriate forms documenting the review. - Complete client security questionnaires in a timely manner. - Support the execution of a multi-year roadmap to enhance Polsinelli’s data governance capabilities. - Conduct analysis and advise on information governance topics related to legal and regulatory compliance. - Monitor compliance with data governance policies and standards and assess potential risks associated with data handling. - Collaborate and drive security initiatives, working with people across multiple teams. - Enable the business and other stakeholders to make risk-aware decisions by advising business units and technology leaders of the information security risks and proposing acceptable risk treatment options and alternatives. - Support the information security and data governance program efforts through the collection of performance indicators, metrics, and other evidence and communicating relevant, succinct, and actionable recommendations to leadership. - Proactively maintain a current and working understanding of information and data governance best practices, the practical application of data security governance concepts, relevant information security and technology regulations and industry trends. - Maintain a current and working understanding of relevant information governance and regulations and industry trends, and assist in the development of Polsinelli Data Governance, Information Security and Privacy Policies and the practical application of the Policies. - Manage multiple simultaneous workstreams supporting disparate stakeholders, providing appropriate and timely communication of issues, concerns, risks, and status. - Employees approved for flexible work arrangements are expected to be available and maintain a practice of reliable, consistent attendance always during the employees scheduled work shift including, but not limited to, Zoom, email and voicemail, and by phone. Installation of Zoom on a cell phone is a requirement for the Information Security team. Qualifications - Bachelor’s degree in Management Information Systems (MIS), Computer Science, or a related discipline OR equivalent work experience. - At least 3 years of experience in information security, with a specific focus on information and data governance. - Strong knowledge of risk and controls, including working knowledge of standards and frameworks such as COSO, COBIT, ISO, NIST, and ITIL. - Ability to thrive in an environment of change and manage multiple tasks and responsibilities simultaneously. - Practical experience with information security risk assessments and information security audits. Requirements - Information Governance Professional (IGP) and/or Certified Information Professional (CIP) certifications. - Experience working in the Legal industry. - Industry-recognized certification relevant to information security, such as CISSP, CRISC, SEC+, CISM or applicable certifications/accreditation. - Strong understanding of information security regulatory requirements and best practices. Benefits - Paid time off - Sick time off - Referral program - Medical insurance and benefits - Dental insurance - Vision insurance - Life insurance - AD&D insurance - ID Theft insurance - Long-term disability benefits - Short-term disability benefits - Parking/Transit reimbursement (varies depending on location) - 401(k) benefits - Employee assistance benefits

Compliance & Monitoring Supervisor Location: Topeka, Kansas, United States Full-time Remote Department: Associate Job Description: The Experienced Senior, Compliance & Monitoring supports the Compliance and Monitoring team by performing essential tasks related to the timely analysis, processing, and review of extensive grant compliance documentation required by federal and state regulations. This role provides second‑level compliance review and oversight, ensuring audit-ready program records and adherence to applicable federal regulations. The incumbent reviews and validates data integrity, collaborates with program teams to resolve compliance issues, and communicates regulatory requirements to support consistent implementation. The position delivers technical assistance, prepares compliance reports and presentations, and strengthens capacity‑building efforts by reinforcing internal controls and monitoring practices that support high quality compliance audits. Job Duties: - Assists program and project analysts in planning and conducting internal QA/QC reviews of all programs and functions, and prepares detailed reports - Performs second‑level review of grant compliance documentation to verify completeness, accuracy, and adherence to federal and state regulatory requirements, ensuring audit‑ready records - Contributes to the development and continuous improvement of compliance, monitoring, and internal control processes that support high‑quality grant oversight - Works closely with program teams to resolve identified issues to conclusion - Communicates applicable state and federal regulations to key stakeholders in collaboration with subject matter experts - Collaborates with internal teams, project staff, and consultants to identify and recommend training, technical assistance opportunities, insights, and expertise for policy, compliance, and other relevant training to staff and key stakeholders - Reviews internal and external presentations and reports on an ad hoc, bi-weekly, monthly, and quarterly basis - Provides overall support to capacity-building initiatives, including but not limited to web-based seminars, printed manuals, group sessions, and training videos - Accepts responsibility for accuracy of data entry, accumulation, and maintenance of program records - Supports subject matter expert team with other tasks and efforts as needed - Other duties as required Supervisory Responsibilities: - Provides functional oversight and guidance to Compliance & Monitoring staff and/or program liaisons performing second‑level compliance reviews - Oversees corrective action plans (CAPs) to ensure timely resolution of findings, documenting progress and outcomes in the system of record - Supports onboarding and training of new compliance or program staff by reinforcing regulatory expectations, documentation standards, and internal control practices - Assigns or coordinates compliance review activities and timelines to ensure timely completion of monitoring deliverables - Contributes to performance feedback by identifying strengths, gaps, and training needs related to compliance documentation and monitoring processes; provides feedback to career advisors/line managers on a weekly basis - Promotes a culture of accountability and continuous improvement by modeling high standards for compliance review, documentation, and issue resolution Qualifications, Knowledge, Skills and Abilities: Education: - Bachelor’s degree in Accounting, Business Administration, Finance, or Law from an accredited university, required - Advanced degree in Accounting or Finance, preferred Experience: - Four (4) or more years of professional office experience including finance, accounting, audit, and/or compliance, required - Experience in policy and compliance, emergency management, disaster recovery, mitigation, community planning, federally funded programs, housing, economic development, and/or infrastructure, preferred - Knowledge of federal funded programs, preferred - Knowledge of 2 CFR § 200 Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards, preferred - Knowledge of rural healthcare initiatives, preferred License/Certifications: - N/A Software: - Basic knowledge of Microsoft Office applications (Word, PowerPoint, Outlook, Excel), required - Proficiency in data analysis tools, preferred Language: - N/A Other Knowledge, Skills & Abilities: - Excellent verbal, interpersonal, and written communication skills - Effective data analysis, problem-solving, and decision-making capabilities - Ability to utilize program policies and procedures to quickly solve problems and ensure program compliance - Willingness to ask bold questions to inform policy, welcome feedback, and proactively collaborate with the team - Ability to meet daily and weekly production goals as set by the program - Strong collaboration skills and ability to work in a fast-paced environment - Self-starter dedicated to providing quality work in a timely manner - Ability to work in remote, office, or BDO offices as required - Ability to sit for prolonged periods and lift up to 15 pounds at times - Ability to travel to client meetings as requested Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities This employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the Know Your Rights notice from the Department of Labor.