[Remote] Security Engineer - Infrastructure - (Remote in Pittsburgh)

Note: The job is a remote job and is open to candidates in USA. Reed Smith LLP is a dynamic international law firm dedicated to delivering innovative legal services. They are seeking a Security Engineer - Infrastructure who will support the security and compliance of the firm’s infrastructure, working closely with IT teams to ensure adherence to security standards and manage security incidents.

Responsibilities

• Manage and maintain the organization’s Public Key Infrastructure (PKI) systems, ensuring secure encryption, certificate management, and cryptographic key lifecycle processes are in place and operating effectively
• Implement and oversee encryption solutions to protect data at rest, in transit, and in use across both on-premises and cloud environments, ensuring compliance with firm and industry security standards
• Secure cloud environments (including AWS, Azure, and GCP) by ensuring adherence to internal security policies and industry best practices, and assist in the implementation and management of identity management, access control, and data protection within cloud services
• Collaborate with third-party vendors to securely integrate external systems into the firm’s infrastructure, ensuring secure communication, interoperability, and compliance with security requirements
• Deploy, manage, and maintain firewalls, including Firewall-as-a-Service (FWaaS), Unified Threat Management (UTM) solutions, and Secure Web Gateways (SWG), to secure network traffic and enforce firm security policies
• Implement and manage advanced security technologies such as Cloud Access Security Brokers (CASB), Zero Trust Network Access (ZTNA), and other solutions to strengthen the firm’s security posture
• Serve as a primary escalation point for security incidents and audits, leading or assisting in the development of mitigation strategies, post-incident reviews, and compliance reviews to ensure ongoing ISO 27001 adherence
• Act as an internal consultant to IT teams and departments, providing subject matter expertise on infrastructure security, cloud environments, and endpoint protection
• Lead reviews of infrastructure security components, recommend improvements, and develop risk mitigation strategies aligned with the firm’s security posture and industry requirements
• Continuously monitor internal control systems to ensure appropriate access levels and security configurations are maintained across all infrastructure components
• Analyze daily security events and alerts in the context of firm policies, prioritizing and escalating issues as appropriate to support timely and effective incident response
• Evaluate security policies and procedures to identify improvement opportunities and ensure alignment with firm standards, industry requirements, and regulatory expectations
• Provide technical support and administration for LAN/WAN, remote access, IDS/IPS, and unified threat management systems, including troubleshooting, analysis, and the testing and deployment of new hardware and security applications
• Deploy and manage policies for antivirus and endpoint detection and response agents in collaboration with system owners to ensure effective endpoint security management
• Manage the availability and security of the firm’s public domains and DNS records, coordinating with relevant stakeholders as required
• Perform all other duties as assigned

Skills

• Bachelor's degree in Computer Science, Business, Engineering, or a related field; or equivalent work experience is required
• Minimum of five years of experience in information systems, including at least one year of systems project management experience
• Proven background in applying advanced IT security concepts and extensive understanding of contemporary hardware and software architectures in a multi-site, mission-critical environment
• Experience with the development and implementation of security policies and procedures, security awareness programs, and participation in IT audits
• Hands-on experience with operating system security, encryption technologies, forensic analysis, penetration testing, and vulnerability/risk assessment
• Ability to design and implement secure infrastructure solutions aligned with enterprise architecture and industry security standards
• Proficient in configuring and securing cloud environments (e.g., AWS, Azure, GCP), including identity management, access controls, and encryption
• Strong project coordination skills, with the ability to support and organize information security audits and related initiatives
• Proficient in collecting, analyzing, and interpreting complex security-related data to evaluate risks and system performance
• Competency in applying and operationalizing security policies, standards, regulatory requirements, and internal control frameworks across technical environments
• Skilled in identifying infrastructure risks and recommending and supporting mitigation strategies
• Proven ability to assess and securely integrate

Apply tot his job Apply To this Job