US Job Description
Firm Information
Reed Smith is a dynamic international law firm dedicated to helping clients move their businesses forward. With an inclusive culture and innovative mindset, we deliver smarter, more creative legal services that drive better outcomes for our clients. Our deep industry knowledge, long-standing relationships and collaborative structure make us the go-to partner for complex disputes, transactions and regulatory matters.
Our team of 3,000 people (including more than 1,600 lawyers) across more than 30 offices in the United States, Europe, the Middle East and Asia, operate as one global partnership to drive progress for our clients, for ourselves and for our communities.
Position Summary
Under the supervision of the Security Manager, the Security Engineer will specialize in all aspects of information security and work closely with various Information Technology teams to ensure the infrastructure-encompassing networks, servers, workstations and telecommunications systems-meets stringent security and compliance standards as set by thefirm, industry, and ISO 27001 requirements. The Security Engineer will play a key role in reviewing and securing infrastructure components, developing risk mitigation strategies, and contributing to enterprise-wide security projects. This position will also serve as a key resource for consulting on security matters, ensuring access controls are properly maintained, and addressing escalations related to security audits, incident responses, and internal security concerns.
The Security Engineer will function as an internal consultant and resource to others in the department as it relates to security of infrastructures, endpoints, and cloud environments. The position will analyze and prioritize daily security events in context and in line with security policies and serve as a primary escalation point for security incident response events as well as information security concerns or questions. The Security Engineer will perform periodic technical and non-technical evaluation, based upon existing Reed Smith security policies and procedures and establish the extent to which an entity's security policies and procedures meet the necessary minimum requirements. The Security Engineer is a member of the Cybersecurity Incident Response Team (CIRT).
The position will also assist with design, functionality, implementation and ongoing support of LAN/WAN, remote access, IDS/IPS, PKI, and firewall/unified threat management systems/tools/devices throughout the global enterprise. The Security Aanalyst will also participate in Identity & Access Management, Endpoint Security Management, Domain Management, and DNS Management. This may include system administration, troubleshooting, analysis, testing, research, training, problem solving, technical support, development, and testing/deployment of new applications, hardware, and systems.
Job Duties and Responsibilities
- Public Key Infrastructure (PKI) - Manage and maintain the organization's PKI systems, ensuring secure encryption, certificate management, and cryptographic key lifecycles.
- Encryption - Implement and manage encryption solutions to protect data at rest, in transit, and in u, across on-premises and cloud environments.
- Cloud Security - Secure cloud environments (AWS, Azure, GCP), ensuring compliance with internal security policies and industry best practices. Assist in securing identity management, access control, and data protection in cloud services.
- Vendor System Integration - Collaborate with third-party vendors to securely integrate their systems into the organization's infrastructure, maintaining secure communication and interoperability.
- Firewall and Unified Threat Management (UTM) - Deploy, manage, and maintain firewalls, including Firewall-as-a-Service (FWaaS), Unified Threat Management (UTM) solutions, and Secure Web Gateways (SWG) to secure network traffic and enforce security policies.
- Advanced Security Solutions - Implement and manage Cloud Access Security Brokers (CASB), Zero Trust Network Access (ZTNA), and other advanced security technologies to enhance the organization's defense strategy.
- Security Audits & Incident Response - Act as a primary escalation point for security incidents and audits, leading or assisting in the development of mitigation strategies and post-incident reviews. Assist with compliance reviews to ensure continued ISO 27001 adherence.
- Internal Consulting - Function as an internal consultant to IT teams and departments, providing expertise on infrastructure security, cloud environments, and endpoint protection.
- Risk Mitigation and Strategy - Lead reviews of infrastructure security components, recommend improvements, and develop risk mitigation strategies aligned with the organization's security posture and industry requirements.
- Monitoring and Access Control - Continuously monitor internal control systems to ensure appropriate access levels and security configurations are maintained across all infrastructure components.
- System Support and Administration - Provide technical support for LAN/WAN, remote access, IDS/IPS, and unified threat management systems, including administration, troubleshooting, analysis, and the testing/deployment of new hardware and security applications.
- Endpoint Security Management - Deploy and manage policy for antivirus and endpoint detection & response agents in collaboration with system owners.
- Domain and DNS Management - Manage availability and security of the firm's public domains and DNS records as required by other stakeholders.
- Other duties as assigned.
Job duties and responsibilities included are not exhaustive and may be supplemented as necessary. Reed Smith reserves the right to revise or modify job duties and responsibilities at any time.
Requirements
Education: Bachelor's degree in Computer Science, Business or Engineering; or equivalent work experience is required; CISSP certification or working toward CISSP certification desired.
Experience: Minimum of five years information systems experience, including at least one year of systems project management experience. Experience with security policies and procedures, awareness programs and IT audits preferred. Background in applying advanced IT security concepts and extensive understanding of contemporary hardware and software architectures in a multi-site mission critical environment. Background or experience with the legal professions a plus.
Must have understanding and working knowledge of operating system security, encryption technologies, forensics analysis, penetration testing and vulnerability/risk assessment.
Skills: Must be an intelligent, articulate, and persuasive leader who can serve as an effective member of the team and who is able to communicate security-related concepts to a broad range of technical and non-technical staff. Should have experience with disaster recovery and business continuity and risk management. Must have a solid understanding of information technology and information security policies and procedures. Knowledge of management information systems terminology, concepts, and practices. Knowledge of industry program policies, procedures, regulations, and laws. Skill in collecting and analyzing complex data, evaluating information and systems, and drawing logical conclusions. Skill in information security audit planning and project management, and in maintaining composure under pressure while meeting multiple deadlines. Ability to work independently under general supervision with considerable latitude for initiative and independent judgment. Skill in negotiating issues and resolving problems.
Other
Supervisory Responsibilities: None.
Equipment To Be Used: Information security management software and hardware ; Personal computer and other office equipment such as telephone, calculator, copier, scanner, etc.
Essential Job Functions:
- Manual dexterity sufficient to operate standard office machines.
- Communicate with various personalities at all levels.
- Capacity to organize and prioritize workload and remain flexible in an environment of changing priorities while staying calm under pressure.
- Ability to grasp and apply new ideas.
- Make judgment decisions and adapt to changing work situations.
- Able to respond to changing priorities and in high-pressure situations.
Working Conditions: Works remotely. Occasionally called upon to work hours in excess of your normal daily schedule. Potential for in-office work requests as needed, so proximity to the office is important.
Benefits Package Overview:
- 401k Plan
- Medical
- Health Savings Account
- Virtual Health
- Dental
- Vision
- Accident
- Hospital indemnity
- Critical illness
- Life insurance
- Short term disability
- Long term disability
- Flexible Spending Accounts
- Lyra Health EAP
- Paid Family Leave
- College Savings Plan
- Transportation benefit
- Back-up Child Care
- College Coach
- Pet insurance
- Paid sick time
- Vacation time
Reed Smith offers a challenging work environment, business casual dress code and a total compensation package that includes a competitive salary, flexible benefits program, tuition assistance, and generous 401 (k) plan.
Reed Smith is an Equal Opportunity Employer. Reed Smith's success depends heavily on the effective utilization of qualified people, regardless of their race, ancestry, religion, color, sex, age, national origin, sexual orientation, gender identity and/or expression, disability, veteran's status, or any characteristic protected by law. As a firm, we adhere to and promote equal employment opportunity for all.
Reed Smith provides reasonable accommodations for persons with disabilities, including in the application and interview process.
Qualified candidates only. No search firms.