Security Engineer - Infrastructure

Reed Smith is a dynamic international law firm dedicated to helping clients move their businesses forward. With an inclusive culture and innovative mindset, we deliver smarter, more creative legal services that drive better outcomes for our clients. Our deep industry knowledge, long-standing relationships and collaborative structure make us the go‑to partner for complex disputes, transactions and regulatory matters.

Reed Smith is a dynamic international law firm dedicated to helping clients move their businesses forward. With an inclusive culture and innovative mindset, we deliver smarter, more creative legal services that drive better outcomes for our clients. Our deep industry knowledge, long‑standing relationships and collaborative structure make us the go‑to partner for complex disputes, transactions and regulatory matters.

Our team of 3,000 people (including more than 1,600 lawyers) across more than 30 offices in the United States, Europe, the Middle East and Asia, operate as one global partnership to drive progress for our clients, for ourselves and for our communities.

Under the supervision of the Security Manager, the Security Engineer – Infrastructure is responsible for supporting the security and compliance of the firm’s infrastructure, including networks, servers, workstations, and telecommunications systems. This role works closely with Information Technology teams to ensure all infrastructure components meet firm, industry, and ISO 27001 security standards. The Security Engineer reviews and secures infrastructure, develops risk mitigation strategies, and contributes to enterprise‑wide security projects and initiatives. Responsibilities include serving as a key resource for consulting on security matters, maintaining access controls, and addressing escalations related to security audits, incident response, and internal security concerns. The Security Engineer also participates in the design, implementation, and support of LAN/WAN, remote access, IDS/IPS, PKI, and firewall/unified threat management systems, as well as Identity & Access Management, Endpoint Security Management, Domain Management, and DNS Management. The Security Engineer is also a contributing member of the Cybersecurity Incident Response Team (CIRT).

• Manage and maintain the organization’s Public Key Infrastructure (PKI) systems, ensuring secure encryption, certificate management, and cryptographic key lifecycle processes are in place and operating effectively.
• Implement and oversee encryption solutions to protect data at rest, in transit, and in use across both on‑premises and cloud environments, ensuring compliance with firm and industry security standards.
• Secure cloud environments (including AWS, Azure, and GCP) by ensuring adherence to internal security policies and industry best practices, and assist in the implementation and management of identity management, access control, and data protection within cloud services.
• Collaborate with third‑party vendors to securely integrate external systems into the firm’s infrastructure, ensuring secure communication, interoperability, and compliance with security requirements.
• Deploy, manage, and maintain firewalls, including Firewall‑as‑a‑Service (FWaaS), Unified Threat Management (UTM) solutions, and Secure Web Gateways (SWG), to secure network traffic and enforce firm security policies.
• Implement and manage advanced security technologies such as Cloud Access Security Brokers (CASB), Zero Trust Network Access (ZTNA), and other solutions to strengthen the firm’s security posture.
• Serve as a primary escalation point for security incidents and audits, leading or assisting in the development of mitigation strategies, post‑incident reviews, and compliance reviews to ensure ongoing ISO 27001 adherence.
• Act as an internal consultant to IT teams and departments, providing subject matter expertise on infrastructure security, cloud environments, and endpoint protection.
• Lead reviews of infrastructure security components, recommend improvements, and develop risk mitigation strategies aligned with the firm’s security posture and industry requirements.
• Continuously monitor internal control systems to ensure appropriate access levels and security configurations are maintained across all infrastructure components.
• Analyze daily security events and alerts in the context of firm policies, prioritizing and escalating issues as appropriate to support timely and effective incident response.
• Evaluate security policies and procedures to identify improvement opportunities and ensure alignment with firm standards, industry requirements, and regulatory expectations.
• Provide technical support and administration for LAN/WAN, remote access, IDS/IPS, and unified threat management systems, including troubleshooting, analysis, and the testing and deployment of new hardware and security applications.
• Deploy and manage policies for antivirus and endpoint detection and response agents in collaboration with system owners to ensure effective endpoint security management.
• Manage the availability and security of the firm’s public domains and DNS records, coordinating with relevant stakeholders as required.
• Perform all other duties as assigned.

Job duties and responsibilities included are not exhaustive and may be supplemented as necessary. Reed Smith reserves the right to revise or modify job duties and responsibilities at any time.

Education: Bachelor’s degree in Computer Science, Business, Engineering, or a related field; or equivalent work experience is required. CISSP certification or progress toward CISSP certification is preferred.

• Minimum of five years of experience in information systems, including at least one year of systems project management experience.
• Proven background in applying advanced IT security concepts and extensive understanding of contemporary hardware and software architectures in a multi‑site, mission‑critical environment.
• Experience with the development and implementation of security policies and procedures, security awareness programs, and participation in IT audits preferred.
• Hands‑on experience with operating system security, encryption technologies, forensic analysis, penetration testing, and vulnerability/risk assessment.
• Prior experience in the legal profession or professional services environment preferred but not required.

• Ability to design and implement secure infrastructure solutions aligned with enterprise architecture and industry security standards.
• Proficient in configuring and securing cloud environments (e.g., AWS, Azure, GCP), including identity management, access controls, and encryption.
• Strong project coordination skills, with the ability to support and organize information security audits and related initiatives.
• Proficient in collecting, analyzing, and interpreting complex security‑related data to evaluate risks and system performance.
• Competency in applying and operationalizing security policies, standards, regulatory requirements, and internal control frameworks across technical environments.
• Skilled in identifying infrastructure risks and recommending and supporting mitigation strategies.
• Proven ability to assess and securely integrate third‑party systems and tools into existing infrastructure, ensuring alignment with firm security standards and practices.
• Effective verbal and written communication skills, with the ability to actively listen and interact professionally with internal and external stakeholders.
• Skilled in negotiating issues and resolving problems effectively within complex technical environments.
• Proven ability to manage multiple tasks, prioritize effectively, and meet established timelines while responding to a variety of user needs.
• Able to work independently or on a team, including in a remote or hybrid work environment without continual direct oversight.

Supervisory Responsibilities: None

Equipment To Be Used: Information security management software and hardware; Personal computer and other office equipment such as telephone, calculator, copier, scanner, etc.

• Ability to sit or stand for extended periods and perform tasks requiring prolonged and/or extensive computer use.
• Ability to use computers, telecommunications, and digital collaboration tools to perform core job responsibilities.
• Ability to communicate effectively.
• Ability to maintain attention to detail while analyzing complex information, managing multiple priorities, and applying sound judgment to strategic decisions.
• Ability to provide off‑hours support and coverage, including evenings, weekends, and holidays, to support critical incidents or business needs.
• Ability to adjust working hours as needed to support global operations across multiple time zones.
• Ability to access, use, and safeguard confidential and sensitive information while performing job responsibilities in work environments that support confidentiality, privacy, and information security requirements.

The position is remote; however, the individual must reside within 1–2 hours of commuting distance from the Pittsburgh office. This is to accommodate potential emergencies, special circumstances, or occasional in‑office work requests. While the role primarily follows a regular schedule, there may be instances requiring flexibility to work beyond standard hours, making proximity to the office important.

This represents the presently‑anticipated low and high end of Reed Smith’s pay range for this position. Actual pay may vary based on various factors, including but not limited to location and experience.

• Pittsburgh: $96,000 - $139,000

Actual compensation will depend on experience, skills, and alignment with organizational needs.

• 401(k) Retirement Plan
• Medical Insurance
• Health Savings Account (HSA)
• Virtual Health Services
• Dental Insurance
• Vision Insurance
• Accident Insurance
• Hospital Indemnity Insurance
• Critical Illness Insurance
• Life Insurance
• Short‑Term Disability Coverage
• Long‑Term Disability Coverage
• Flexible Spending Accounts (FSA)
• Lyra Health Employee Assistance Program (EAP)
• Paid Family Leave (for eligible Exempt and Non‑Exempt staff)
• College Savings Plan
• Transportation Benefit
• Back‑up Child Care Services
• College Coach Program
• Pet Insurance
• Paid Sick Time (for Exempt staff)
• Paid Time Off (available to all full‑time, non‑temporary employees)

Reed Smith offers a challenging work environment, business casual dress code and a total compensation package that includes a competitive salary, flexible benefits program, tuition assistance, and generous 401(k) plan.

Reed Smith is an Equal Opportunity Employer with Core Values of Integrity, Excellence, Teamwork & Respect, Innovation, and Impact. Reed Smith also provides reasonable accommodations in accordance with law, including in the application and interview process.

Qualified candidates only. No search firms.