Legal Staff Information Technology in Pittsburgh, PA

Law Firm

Pittsburgh, PA

Legal Staff Information Technology in Pittsburgh, PA

Legal Staff

5-5 yrs required

No

**Job Title: Security Engineer - Infrastructure**

**Job Responsibilities:**
The Security Engineer - Infrastructure, under the supervision of the Security Manager, is tasked with ensuring the security and compliance of the law firm's infrastructure, which includes networks, servers, workstations, and telecommunications systems. Key responsibilities include:
- Supporting the security and compliance of infrastructure components to meet firm, industry, and ISO 27001 security standards.
- Reviewing and securing infrastructure, developing risk mitigation strategies, and contributing to security projects and initiatives.
- Serving as a key resource for consulting on security matters, maintaining access controls, and addressing security audits, incident response, and internal security concerns.
- Participating in the design, implementation, and support of LAN/WAN, remote access, IDS/IPS, PKI, and firewall/unified threat management systems, as well as Identity & Access Management, Endpoint Security Management, Domain Management, and DNS Management.
- Being a contributing member of the Cybersecurity Incident Response Team (CIRT).
- Managing and maintaining the organization’s Public Key Infrastructure (PKI) systems.
- Implementing and overseeing encryption solutions to protect data across on-premises and cloud environments.
- Securing cloud environments and assisting in identity management, access control, and data protection within cloud services.
- Collaborating with third-party vendors to securely integrate external systems into the firm’s infrastructure.
- Deploying, managing, and maintaining firewalls and advanced security technologies.
- Acting as a primary escalation point for security incidents and audits.
- Leading reviews of infrastructure security components and developing risk mitigation strategies.
- Monitoring internal control systems to ensure appropriate access levels and security configurations.
- Analyzing daily security events and alerts, and evaluating security policies and procedures for improvement opportunities.
- Providing technical support and administration for network systems and security applications.
- Deploying and managing policies for antivirus and endpoint detection and response agents.
- Managing the availability and security of the firm’s public domains and DNS records.

**Education and Experience Information:**
- A Bachelor’s degree in Computer Science, Business, Engineering, or a related field; or equivalent work experience is required.
- CISSP certification or progress toward CISSP certification is preferred.
- Minimum of five years of experience in information systems, including at least one year of systems project management experience.
- Proven background in applying advanced IT security concepts and understanding of contemporary hardware and software architectures in a multi-site, mission-critical environment.
- Experience with the development and implementation of security policies and procedures, security awareness programs, and participation in IT audits is preferred.
- Hands-on experience with operating system security, encryption technologies, forensic analysis, penetration testing, and vulnerability/risk assessment.
- Prior experience in the legal profession or professional services environment is preferred but not required.

**Skills:**
- Ability to design and implement secure infrastructure solutions aligned with enterprise architecture and industry security standards.
- Proficient in configuring and securing cloud environments, including identity management and encryption.
- Strong project coordination skills and ability to support and organize information security audits.
- Proficient in analyzing and interpreting complex security-related data.
- Competency in applying and enforcing security policies, standards, and procedures.
- Ability to interpret and operationalize security regulations and compliance requirements.
- Skilled in identifying infrastructure risks and recommending mitigation strategies.
- Proven ability to assess and securely integrate third-party systems into existing infrastructure.
- Skilled in negotiating issues and resolving problems effectively.

**Salary Information:**
The anticipated pay range for this position in Pittsburgh is between $96,000 and $139,000. Actual pay may vary based on various factors, including location and experience.

**Additional Information:**
- The position is remote, but the individual must reside within 1-2 hours of commuting distance from the Pittsburgh office to accommodate potential emergencies, special circumstances, or occasional in-office work requests.
- The role may require flexibility to work beyond standard hours.
- The law firm offers a comprehensive benefits package, including a 401k plan, medical insurance, health savings account, virtual health, dental, vision, accident insurance, and more.
- The law firm is committed to equal employment opportunity and provides reasonable accommodations for persons with disabilities.

**Working Conditions:**
- The role involves extensive computer use and meetings, requiring the ability to sit and/or stand for prolonged periods.
- Proficient use of computers, telecommunication devices, and digital collaboration tools is essential.
- Ability to handle sensitive or confidential information with discretion is required.
- The ability to work independently and manage tasks and deadlines in a remote or hybrid work environment is essential.