IT Security Compliance Administrator (Remote in PGH)

Reed Smith LLP

Pittsburgh, PA (remote)

JOB DETAILS
SALARY
$81,000–$91,000
JOB TYPE
Full-time, Employee
LOCATION
Pittsburgh, PA
POSTED
4 days ago

Position summary

The IT Security Compliance Administrator supports the firm's client security audit process. This role leads and standardizes the client audit initiative, responds to and collects evidence for client RFIs, RFPs, and RAQs, and conducts both remote and on-site audits while continuously improving existing processes. The IT Security Compliance Administrator collaborates with internal IT and non-IT management to understand the firm's secure environments and accurately respond to client security inquiries. This role also interfaces with clients, their security teams, and attorneys throughout the audit process.

As a key member of the IT Security Compliance team, the IT Security Compliance Administrator will also lead initiatives, including ISO 27001 compliance, penetration testing, incident response, vendor risk assessments, policy management, vulnerability management, and other compliance-related projects.

Must reside within approximately 1–2 hours of the Pittsburgh office. See full details in the working conditions section below.


Job duties and responsibilities

  • Serve as an Information Security Consultant to all departments. Provide guidance on the confidentiality, integrity, and availability of data. Assist other IT functions in identifying, implementing, and maintaining information policies and procedures.
  • Respond to client RFPs, RFIs, RAQs, and security audits regarding compliance with client security policies and procedures.
  • Provide periodic reports to appropriate personnel, including metrics using various tools.
  • Monitor compliance with information security policies and procedures, referring issues to the appropriate department manager.
  • Collaborate with various IT teams to understand the requirements for current and new systems such as intrusion detection systems, application security systems, authentication systems, identity management, and access control.
  • Lead efforts to provide baseline, periodic, and ongoing information security risk and vulnerability management and penetration testing.
  • Monitor policy compliance activities within the IT Department.
  • Participate in the development, implementation, and ongoing compliance monitoring of client or business relationships to address data privacy and security concerns, requirements, and responsibilities.
  • Maintain current knowledge of applicable data privacy laws (e.g., GDPR, CCPA) and accreditation standards, and monitor advancements in information technologies to ensure adoption and compliance.
  • Manage and perform information security incident response processes.
  • Assess security risk factors in protecting organizational assets and data. Identify plans of action to mitigate and address risks.
  • Understand administrative, technical, and physical control mechanisms and their role as compensating controls.
  • Develop and maintain professional relationships with end users to ensure consistent service delivery, clear communication, and effective support for security initiatives.
  • Engage with personnel at all levels of the organization to provide security guidance, address concerns, and promote adherence to policies and best practices.
  • Serve on special teams, work groups, project teams, or escalation teams related to various firmwide IT initiatives, including specific one-time events (e.g., research, testing, rollouts, upgrades, installations, and acquisitions/mergers) or ongoing activities.
  • Perform other duties as assigned.

Job duties and responsibilities included are not exhaustive and may be supplemented as necessary. Reed Smith reserves the right to revise or modify job duties and responsibilities at any time.


Requirements

Education

  • Bachelor's degree in Computer Science, Information Security, Business, or Engineering, or equivalent work experience, is required; CISA and/or CISSP certification preferred.

Experience

  • Minimum of three to five years of experience in information systems, including project management experience.
  • Extensive understanding of contemporary hardware and software architectures.
  • Proven track record in developing security policies and procedures.
  • Experience in implementing internal audit programs and participating in IT audits.
  • Background in applying advanced IT Security concepts.
  • Understanding of the legal industry or professional services is preferred.
  • Experience planning and coordinating information security audits and related projects.

Skills

  • Strong written and verbal communication skills, including the ability to convey security-related concepts to both technical and non-technical audiences and work effectively with all levels of firm personnel across cross-functional teams.
  • Proficiency in conducting audits, collecting and analyzing evidence, and implementing risk mitigation strategies.
  • Ability to interpret, apply, and ensure adherence to industry program policies, procedures, regulations, and laws in security compliance processes.
  • Demonstrated capability to develop, articulate, interpret, and implement security policies, guidance, and best practices across teams to support compliance and operational effectiveness.
  • Ability to collect, track, analyze, interpret, and present security metrics and complex data to evaluate security risks, system performance, and support decision-making.
  • Proficiency in managing information systems, understanding system terminology, concepts, and best practices.
  • Strong prioritization and time management skills, with the ability to manage multiple responsibilities, meet established timelines, and facilitate effective resolution of issues in collaboration with stakeholders.
  • High degree of professionalism, discretion, and sound judgment, with the ability to remain calm and responsive in dynamic or sensitive situations.
  • Proficiency in Microsoft Office Suite and security/compliance tracking tools to document and manage security initiatives.
  • Able to work independently or on a team, including in a remote or hybrid work environment with minimal oversight.

Additional information

Supervisory responsibilities

  • None

Equipment used

  • Personal computer and other office equipment such as telephone, calculator, copier, scanner, etc.

Essential job functions

  • Ability to sit or stand for extended periods and perform tasks requiring prolonged and/or extensive computer use.
  • Ability to use computers, telecommunications, and digital collaboration tools to perform core job responsibilities.
  • Ability to engage in effective and professional communication.
  • Ability to analyze complex information while maintaining attention to detail, managing multiple priorities, and exercising sound judgment in decision-making.
  • Ability to access, use, and safeguard confidential and sensitive information while performing job responsibilities in work environments that support confidentiality, privacy, and information security requirements.
  • Ability to carry and monitor a 24/7 pager or similar communication device and respond in a timely manner to critical system incidents, security events, or business-impacting technology issues, including outside of standard business hours.
  • Ability to work extended or non-standard hours, including adjusting work schedules as needed to support project demands and global operations across multiple time zones.

Working conditions

  • Works remotely. Occasionally called upon to work hours in excess of your normal daily schedule. Potential for in-office work requests as needed, so proximity to the office is important.

The position is remote; however, the individual is expected to reside within approximately 1–2 hours of commuting distance from the Pittsburgh office. This is to accommodate potential emergencies, special circumstances, or occasional in-office work requests. While the role primarily follows a regular schedule, there may be instances requiring flexibility to work beyond standard hours, making proximity to the office important.


Pay ranges

This represents the presently anticipated low and high end of Reed Smith's pay range for this position. Actual pay may vary based on various factors, including but not limited to location and experience.

  • Pittsburgh GSP: $81,000 - $91,000

Employee benefits overview

Our comprehensive benefits package includes:

  • 401(k) Retirement Plan
  • Medical Insurance
  • Health Savings Account (HSA)
  • Virtual Health Services
  • Dental Insurance
  • Vision Insurance
  • Accident Insurance
  • Hospital Indemnity Insurance
  • Critical Illness Insurance
  • Life Insurance
  • Short-Term Disability Coverage
  • Long-Term Disability Coverage
  • Flexible Spending Accounts (FSA)
  • Lyra Health Employee Assistance Program (EAP)
  • Paid Family Leave (for eligible Exempt and Non-Exempt staff)
  • Transportation Benefit
  • Back-up Child Care Services
  • College Coach Program
  • Pet Insurance
  • Paid Sick Time (for Exempt staff)
  • Paid Time Off (available to all full-time, non-temporary employees)

Reed Smith offers a challenging work environment, business casual dress code and a total compensation package that includes a competitive salary, flexible benefits program, tuition assistance, and generous 401(k) plan.

Reed Smith is an Equal Opportunity Employer with Core Values of Integrity, Excellence, Teamwork & Respect, Innovation, and Impact. Reed Smith also provides reasonable accommodations in accordance with law, including in the application and interview process.

Qualified candidates only. No search firms.
