Job Description
Position summary

The IT Security Compliance Administrator supports the firm's client security audit process. Responsibilities include:
• Leading and standardizing the client audit initiative
• Responding to and collecting evidence for client RFIs, RFPs, and RAQs
• Conducting both remote and on-site audits
• Continuously improving audit and compliance processes
• Collaborating with internal IT and non-IT management to understand secure environments
• Accurately responding to client security inquiries
• Interfacing with clients, their security teams, and attorneys throughout the audit process

As a key member of the IT Security Compliance team, this role also leads initiatives including:
• ISO 27001 compliance
• Penetration testing
• Incident response
• Vendor risk assessments
• Policy management
• Vulnerability management
• Other compliance-related projects

Job duties and responsibilities

• Serve as an Information Security Consultant to all departments
• Provide guidance on confidentiality, integrity, and availability of data
• Assist IT functions in identifying, implementing, and maintaining policies and procedures
• Respond to client RFPs, RFIs, RAQs, and security audits regarding compliance with client security policies
• Provide periodic reports and metrics using various tools
• Monitor compliance with information security policies and refer issues as needed
• Collaborate with IT teams to understand systems such as:
    • Intrusion detection
    • Application security
    • Authentication systems
    • Identity management
    • Access control
• Lead efforts for:
    • Risk and vulnerability management
    • Penetration testing
    • Ongoing security monitoring
• Monitor policy compliance activities within IT
• Participate in development and implementation of compliance monitoring for client and business relationships
• Maintain knowledge of data privacy laws (e.g., GDPR, CCPA) and accreditation standards
• Manage and perform information security incident response processes
• Assess security risks and develop mitigation plans
• Understand administrative, technical, and physical control mechanisms
• Develop and maintain relationships with end users and stakeholders
• Provide security guidance across all levels of the organization
• Serve on special teams and project initiatives, including:
    • Research
    • Testing
    • Rollouts
    • Upgrades
    • Installations
    • Acquisitions/mergers
• Perform other duties as assigned

Job duties and responsibilities included are not exhaustive and may be supplemented as necessary. Reed Smith reserves the right to revise or modify job duties and responsibilities at any time.

Requirements

Education:
• Bachelor's degree in computer science, Information Security, Business, or Engineering required
• Equivalent work experience considered
• CISA and/or CISSP certification preferred

Experience:
• Minimum of three to five years of experience in information systems, including project management
• Extensive understanding of hardware and software architectures
• Proven experience developing security policies and procedures
• Experience implementing internal audit programs and participating in IT audits
• Background applying advanced IT security concepts
• Experience coordinating information security audits and related projects
• Legal or professional services industry experience preferred

Skills:
• Strong written and verbal communication skills
• Ability to communicate effectively with technical and non-technical audiences
• Proficiency in conducting audits and analyzing evidence
• Ability to interpret and apply regulatory and compliance requirements
• Ability to develop and implement security policies and best practices
• Strong analytical skills to interpret and present security metrics and data
• Proficiency in managing information systems and security tools
• Strong prioritization and time management skills
• High level of professionalism, discretion, and sound judgment
• Proficiency in Microsoft Office Suite and compliance tracking tools
• Ability to work independently or as part of a team in a remote or hybrid environment

Other

Supervisory responsibilities:
• None

Equipment to be used:
• Personal computer
• Telephone, calculator, copier, scanner, and other standard office equipment

Essential job functions:
• Ability to sit or stand for extended periods and perform tasks requiring prolonged computer use
• Ability to use computers and digital collaboration tools
• Ability to communicate effectively
• Ability to analyze complex information while managing multiple priorities
• Ability to safeguard confidential and sensitive information
• Ability to carry and monitor a 24/7 pager or similar device and respond to critical incidents
• Ability to work extended or non-standard hours as needed

Working conditions:
• Works remotely
• May be required to work beyond normal daily schedule
• Potential for occasional in-office work

The position is remote; however:
• Must reside within 1–2 hours of commuting distance from the Pittsburgh office
• May require in-office presence for emergencies or special circumstances
• Flexibility to work beyond standard hours may be required

Pay ranges

This represents the presently-anticipated low and high end of Reed Smith's pay range for this position. Actual pay may vary based on various factors, including location and experience.
• Pittsburgh: $81,000 - $91,000

Employee benefits overview

Our comprehensive benefits package includes:
• 401(k) Retirement Plan
• Medical Insurance
• Health Savings Account (HSA)
• Virtual Health Services
• Dental Insurance
• Vision Insurance
• Accident Insurance
• Hospital Indemnity Insurance
• Critical Illness Insurance
• Life Insurance
• Short-Term Disability Coverage
• Long-Term Disability Coverage
• Flexible Spending Accounts (FSA)
• Lyra Health Employee Assistance Program (EAP)
• Paid Family Leave (for eligible Exempt and Non-Exempt staff)
• Transportation Benefit
• Back-up Child Care Services
• College Coach Program
• Pet Insurance
• Paid Sick Time (for Exempt staff)
• Paid Time Off (available to all full-time, non-temporary employees)

Reed Smith offers a challenging work environment, business casual dress code and a total compensation package that includes a competitive salary, flexible benefits program, tuition assistance, and generous 401(k) plan.

Reed Smith is an Equal Opportunity Employer with Core Values of Integrity, Excellence, Teamwork & Respect, Innovation, and Impact. Reed Smith also provides reasonable accommodations in accordance with law, including in the application and interview process.

Qualified candidates only. No search firms.
Remote

Skills: Access Control, Accreditation Standards, Administrative Skills, Analysis Skills, Auditing, Best Practices, CISA - Certified Information Systems Auditor, CISSP - Certified Information Systems Security Professional, Calculators, Childcare, Coaching, Communication Skills, Computer Science, Computer Security, Continuous Improvement, Copying Machines, Customer Relations, Data Quality, Dental Insurance, Document Scanners, Establish Priorities, Flexible Spending Accounts, Hardware Architecture, Healthcare, ISO (International Organization for Standardization), Identity Data Management, Incident Response, Information Technology & Information Systems, Information Technology/Systems Audit, Information/Data Security (InfoSec), Insurance, Internal Audit, Interpret Regulations, Intrusion Detection Systems, Legal, Life Insurance, Maintain Compliance, Management of Information Systems/Technology (MIS), Mergers and Acquisitions, Metrics, Microsoft Office, Multitasking, Office Equipment, PC (Personal Computer) Systems, Pager, Penetration Testing, People Management, Policy Development, Policy Implementation, Presentation/Verbal Skills, Privacy Regulations, Procedure Development, Professional Services, Project/Program Management, Regulatory Compliance, Reporting Skills, Request for Proposals (RFP), Risk Analysis, Risk Management, Security Analysis, Security Auditing, Security Compliance, Security Monitoring, Software Architecture, Team Player, Time Management, Work From Home, Writing Skills

About the Company: Reed Smith LLP

Although Reed Smith works from multiple locations, the firm's lawyers are linked by more than technology. All share a common culture, with Core Values supporting Reed Smith's firm-wide commitment to add value, achieve excellence, and promote professional development. These foster a workplace in which diversity and inclusion, pro bono service and community support are manifest. As the firm continues to grow, it remains sharply attuned to its Core Values, which define its professional character as well as what clients can expect from Reed Smith lawyers, who live these values every day.

Company Size: 2,500 to 4,999 employees
Industry: Legal Services
Founded: 1877
Website: