IT Security Compliance Administrator - (Remote in Pittsburgh)

Company:
Reed Smith LLP
Location:
Pittsburgh, PA, 15289
Posted:
May 20, 2025

Description:

US Job Description

Firm Information

Reed Smith is a dynamic international law firm dedicated to helping clients move their businesses forward.

With an inclusive culture and innovative mindset, we deliver smarter, more creative legal services that drive better outcomes for our clients.

Our deep industry knowledge, long-standing relationships and collaborative structure make us the go-to partner for complex disputes, transactions and regulatory matters.

Our team of 3,000 people (including more than 1,600 lawyers) across more than 30 offices in the United States, Europe, the Middle East and Asia, operate as one global partnership to drive progress for our clients, for ourselves and for our communities.

Position Summary

Under the supervision of the IT Security Compliance Manager, the IT Security Compliance Administrator is responsible for supporting the Firm's client security audit process.

This role involves leading and standardizing the client audit initiative, responding to and collecting evidence for client RFIs, RFPs, RAQs, and conducting both remote and on-site audits while continuously improving existing processes.

The IT Security Compliance Administrator will collaborate with internal IT and non-IT management to understand the Firm's secure environments and accurately respond to client security inquiries.

Additionally, this role requires interfacing with clients, their security teams, and attorneys during the audit process.

Strong communication and presentation skills are essential.

As a key member of the IT Security Compliance team, the IT Security Compliance Administrator will also lead various other initiatives, including ISO 27001 compliance, penetration testing, incident response, vendor risk assessments, policy management, vulnerability management, and other compliance-related projects.

Job Duties and Responsibilities

Serve as an Information Security Consultant to all departments.

Provide guidance on the confidentiality, integrity, and availability of data.

Assist other IT functions in identifying, implementing, and maintaining information policies and procedures.

Respond to client RFPs, RFIs, RAQs, and security audits regarding compliance with client security policies and procedures.

Provide periodic reports to appropriate personnel, including metrics using various tools.

Monitor compliance with information security policies and procedures, referring issues to the appropriate department manager.

Collaborate with various IT teams to understand the requirements for current and new systems such as intrusion detection systems, application security systems, authentication systems, identity management, and access control.

Lead efforts to provide baseline, periodic, and ongoing information security risk and vulnerability management and penetration testing.

Monitor policy compliance activities within the IT Department.

Participate in the development, implementation, and ongoing compliance monitoring of client or business relationships to address data privacy and security concerns, requirements, and responsibilities.

Maintain current knowledge of applicable data privacy laws (e.g., GDPR, CCPA, etc.) and accreditation standards, and monitor advancements in information technologies to ensure adoption and compliance.

Manage and perform information security incident response processes and coordinate forensic investigation activities.

Assess security risk factors in protecting organizational assets and data.

Identify plans of action to mitigate and address risks.

Understand administrative, technical, and physical control mechanisms and their role as compensating controls.

Develop and maintain professional relationships with end users to ensure consistent service delivery, clear communication, and effective support for security initiatives.

Engage with personnel at all levels of the organization to provide security guidance, address concerns, and promote adherence to policies and best practices.

Serve on special teams, work groups, project teams, or escalation teams related to various firmwide IT initiatives, including specific one-time events (e.g., research, testing, rollouts, upgrades, installations, and acquisitions/mergers) or ongoing activities.

Perform all other duties as assigned.

Job duties and responsibilities included are not exhaustive and may be supplemented as necessary.

Reed Smith reserves the right to revise or modify job duties and responsibilities at any time.

Requirements

Education: Bachelor's degree in Computer Science, Information Security, Business or Engineering, or equivalent work experience, is required; CISA and/or CISSP certification preferred.

Experience: Minimum of three to five years of experience in information systems, including project management experience.

Extensive understanding of contemporary hardware and software architectures.

Proven track record in developing security policies and procedures.

Experience in implementing awareness programs and participating in IT audits.

Background in applying advanced IT Security concepts.

Understanding of the legal industry or professional services is preferred but not required.

Skills:

Cross-function Communication: Ability to communicate security-related concepts effectively to both technical and non-technical staff.

Collaboration and Teamwork: Skilled in working across departments and with cross-functional teams to support security initiatives.

Auditing and Risk Mitigation: Proficiency in conducting audits, collecting and analyzing evidence, and implementing risk mitigation strategies.

Metric Reporting: Ability to track, analyze, and present periodic security metrics to stakeholders for decision-making.

Security Policy & Best Practices Implementation: Ability to develop, articulate, interpret, and implement security policies, guidance, and best practices across teams to ensure compliance and operational effectiveness.

Information Systems Management: Proficiency in managing information systems, understanding system terminology, concepts, and best practices.

Regulatory Compliance Application: Ability to interpret, apply, and ensure adherence to industry program policies, procedures, regulations, and laws in security compliance processes.

Data Analysis and Evaluation: Skill in collecting, analyzing, and interpreting complex data to evaluate security risks and system performance.

Audit Planning and Project Management: Expertise in planning and managing information security audits and security-related projects.

Independent Work and Judgement: Strong decision-making skills, with the ability to exercise independent judgment and discretion in security operations.

Problem Resolution and Negotiation: Skilled in negotiating issues and effectively resolving problems.

Technical Proficiency: Proficiency in Microsoft Office Suite and security/compliance tracking tools to document and manage security initiatives.

Other

Supervisory Responsibilities: None

Equipment To Be Used: Personal computer and other office equipment such as telephone, calculator, fax machine, copier, scanner, etc.

Essential Job Functions: Ability to sit and/or stand for prolonged periods, as the role involves extensive computer use and meetings.

Intense eye usage and finger, hand, and wrist dexterity associated with prolonged computer use, including typing and using a mouse.

Proficiently use computers, telecommunication devices, and other digital collaboration tools.

Accurately read and interpret written documents, computer screens, and other visual displays to assess compliance requirements, review security documentation, and prepare audit responses.

Have sufficient visual acuity to perform these activities.

Ability to hear and understand verbal communication, including conversations, instructions, phone and video calls, to facilitate effective collaboration and coordination with team members and stakeholders.

Communicate effectively, both orally and in writing, with internal teams and stakeholders to support security compliance efforts, respond to inquiries, and ensure alignment with firm security policies and procedures.

Exercise independent judgment and discretion in decision-making, adapting to changing work situations to support security compliance efforts and respond to evolving cybersecurity requirements.

Ability to sustain mental effort and concentration for extended periods, analyzing complex situations and making informed decisions.

Ability to regulate emotions and manage stress effectively to maintain focus, decision-making, and composure in high-pressure or fast-paced work environments.

Ability to work independently, managing tasks and deadlines in a remote or hybrid work environment without direct oversight.

Ability to interact professionally with colleagues, stakeholders, and clients, maintaining positive working relationships.

Ability to adapt to evolving priorities, unexpected challenges, and ambiguity while maintaining resilience in a fast-paced environment.

Requires strong cognitive flexibility and problem-solving skills to assess situations and determine appropriate actions.

Ability to handle sensitive or confidential security-related information with discretion, ensuring compliance with firm policies and regulatory requirements.

Working Conditions: Works remotely.

Occasionally called upon to work hours in excess of your normal daily schedule.

Potential for in-office work requests as needed, so proximity to the office is important.

Pay Ranges: This represents the presently-anticipated low and high end of Reed Smith’s pay range for this position.

Actual pay may vary based on various factors, including but not limited to location and experience.

Pittsburgh: $78,000 - $90,000

Benefits Package Overview:

401k Plan Medical Health Savings Account Virtual Health Dental Vision Accident Insurance Hospital Indemnity Critical Illness Insurance Life Insurance Short-Term Disability Long-Term Disability Flexible Spending Accounts Lyra Health Employee Assistance Program (EAP) Paid Family Leave (for eligible Exempt and Non-Exempt Staff) College Savings Plan Transportation Benefit Back-up Child Care College Coach Pet Insurance Paid Sick Time Paid Time Off

Reed Smith offers a challenging work environment, business casual dress code and a total compensation package that includes a competitive salary, flexible benefits program, tuition assistance, and generous 401(k) plan.

Reed Smith is an Equal Opportunity Employer.

Reed Smith's success depends heavily on the effective utilization of qualified people, regardless of their race, ancestry, religion, color, sex, age, national origin, sexual orientation, gender identity and/or expression, disability, veteran's status, or any characteristic protected by law.

As a firm, we adhere to and promote equal employment opportunity for all.

Reed Smith provides reasonable accommodations for persons with disabilities, including in the application and interview process.

Qualified candidates only.

No search firms.
