Employment Opportunities

Do you thrive in a dynamic environment? Do you like challenges? Do you believe work and fun are not mutually exclusive?

Then maybe, you’re the one we’re looking for. We need team players who are smart and creative, who love IT assurance and who want to grow with a growing company: who are as comfortable talking with senior management about Information Security Management Systems and attestation strategies as they are with a developer or sysadmin about TLSv1.2.

Current Positions Available

At Pivot Point Security, we’re not necessarily looking for certifications and years of expertise. We are willing to train the right person. We’re looking for candidates who are highly intelligent, eager to learn, and cut from the finest moral fiber. While we are less concerned with skills and qualifications we will not compromise on your ability to deliver superior results.

Click here for more information on working at Pivot Point Security, or apply to a position below.

GRC Consultant (Atlanta, GA Area)

Do you thrive in a dynamic environment? Do you like challenges? Do you believe work and fun are not mutually exclusive?

Then maybe, you’re the one we’re looking for. We need team players who are smart and creative, who love IT assurance and who want to grow with a growing company: who are as comfortable talking with senior management about Information Security Management Systems and attestation strategies as they are with a developer or sysadmin about TLSv1.2.

We are looking for the “right” person to join our team as a GRC (Governance, Risk Management and Compliance) Consultant to work in a collaborative fashion with our clients to help them manage Information Security & compliance risk as well as prove the same to management and customers. In this role, you will spend 10 – 35% of your time at client sites and the rest of your time working from wherever you work most effectively. We will provide training/certification for the right person.

We expect this person will:

  • Meet/exceed defined contribution goals for services you will deliver.
  • Achieve target Net Promoter Scores for your service by managing client relationships.
  • Ensure 100% certification success rate on ISMS projects.
  • Earn and gain the trust and respect of the PPS team.

The right person HAS the following characteristics (these are “non-negotiable”):

  • Personal integrity, a highly transparent nature, and a mindset of “mutual benefit”.
  • Thrives on and is worthy of self-managing the projects they are responsible for (micro-management is a four-letter word at PPS).
  • Has very high “Self-Expectation” (self-motivated, self-aware, self-disciplined, self-improving, and self-governed). You hold yourself to a higher standard than others do.
  • Enjoys work and life, values a balance, and is looking for a company that shares those ideals (understands that you do not get a second chance to see your child’s first school play and that it does not matter if the report gets done at 3 PM or 10 PM, if it gets done).
  • Highly consultative and collaborative nature; someone who enjoys helping others achieve ambitious business and information assurance goals.
  • Effectively and proactively communicates in writing/speech both internally/externally from the server room to the boardroom.
  • The ability to “work from anywhere” as this role is remote/virtual in nature.
  • A good sense of humor and the ability to laugh at themselves.

The right person usually has the following experience (these are somewhat negotiable):

  • Enough Information Technology and Information Security experience to contextualize and make their recommendations relevant and valuable.
  • Experience and knowledge with Governance, Risk Management and Compliance.
  • Significant knowledge of ISO 27001/2 and its derivatives (e.g., HITRUST, Shared Assessment) as much of our consulting and collaboration is around an ISO 27001 Information Security Management System.
  • Solid knowledge of the NIST 800-171/FISMA framework and its derivatives (e.g., FedRAMP, CMS Information Security Program) as many of our clients serve government customers.
  • Experience working in a highly consultative manner (e.g., in a consulting firm, or across business units/functions).

The right person often has the following attributes (these are negotiable):

  • Experience in and/or a desire to contribute to PPS’s Network & Application Security practice areas (e.g., architecture/configuration reviews, Vulnerability Assessments, Penetration Tests, targeted gap assessments, Source Code Reviews).
  • Experience with the myriad of regulatory compliance frameworks our client base is subject to (e.g., HIPAA, PII, PCI-DSS, SOX, STARS, NERC-CIP).
  • Certifications that demonstrate to our clients our commitment to excellence in our craft (e.g., ISO 27001 Lead Implementer, CISA, CISSP, ISO 27001 Lead Auditor, MCSE, CEH, OSCP).
  • Familiarity with related standards (e.g., SSAE-16 SOC1, SOC2, ISO-22301, ISO-9001).

About Pivot Point Security

We’re a small, but growing, company. So, we do our best to keep the right people at PPS (most of our team has been together for 6+ years) by aspiring to:

  • A high-performance work environment with extremely passionate, driven and experienced technical professionals. At Pivot Point Security, you will find colleagues you can respect and learn from.
  • A management system where all employees participate in establishing the company’s goals/initiatives and have ready visibility into the company’s performance. We’re working hard to create processes and metrics to measure our (and your) success.
  • An environment where relationships are important, internally and externally. We provide the highest levels of customer service and strive to always exceed our clients’ expectations.
  • A competitive salary (more than most) with an F100-level benefits package (e.g., medical, dental, vision, HCFSA, 401K w/ company match, 529 College Savings, Adoption Assistance, vacation and personal days).
  • Providing individuals the opportunity to develop by giving them the resources required, surrounding them with great colleagues, and allowing them to take on new/big challenges.

As a Company, We:

  1. Tell the Truth (Honesty is almost always the best policy)
  2. Do The Right Thing (Keep commitments, over-communicate, be transparent, confident, worthy of/thrive on freedom)
  3. Smile (Life is too short not to … likeability is nearly as important as competence)
  4. Seek “Win-Win” (Think cooperative, not competitive – seek mutual benefit in all interactions)
  5. Consult (Every situation is unique; listen, understand, educate, and express a clear opinion)
  6. Simplify (Less is more …)
  7. Are Customer Focused

GRC Consultant (Austin, TX Area)

Do you thrive in a dynamic environment? Do you like challenges? Do you believe work and fun are not mutually exclusive?

Then maybe, you’re the one we’re looking for. We need team players who are smart and creative, who love IT assurance and who want to grow with a growing company: who are as comfortable talking with senior management about Information Security Management Systems and attestation strategies as they are with a developer or sysadmin about TLSv1.2.

We are looking for the “right” person to join our team as a GRC (Governance, Risk Management and Compliance) Consultant to work in a collaborative fashion with our clients to help them manage Information Security & compliance risk as well as prove the same to management and customers. In this role, you will spend 10 – 35% of your time at client sites and the rest of your time working from wherever you work most effectively. We will provide training/certification for the right person.

We expect this person will:

  • Meet/exceed defined contribution goals for services you will deliver.
  • Achieve target Net Promoter Scores for your service by managing client relationships.
  • Ensure 100% certification success rate on ISMS projects.
  • Earn and gain the trust and respect of the PPS team.

The right person HAS the following characteristics (these are “non-negotiable”):

  • Personal integrity, a highly transparent nature, and a mindset of “mutual benefit”.
  • Thrives on and is worthy of self-managing the projects they are responsible for (micro-management is a four-letter word at PPS).
  • Has very high “Self-Expectation” (self-motivated, self-aware, self-disciplined, self-improving, and self-governed). You hold yourself to a higher standard than others do.
  • Enjoys work and life, values a balance, and is looking for a company that shares those ideals (understands that you do not get a second chance to see your child’s first school play and that it does not matter if the report gets done at 3 PM or 10 PM, if it gets done).
  • Highly consultative and collaborative nature; someone who enjoys helping others achieve ambitious business and information assurance goals.
  • Effectively and proactively communicates in writing/speech both internally/externally from the server room to the boardroom.
  • The ability to “work from anywhere” as this role is remote/virtual in nature.
  • A good sense of humor and the ability to laugh at themselves.

The right person usually has the following experience (these are somewhat negotiable):

  • Enough Information Technology and Information Security experience to contextualize and make their recommendations relevant and valuable.
  • Experience and knowledge with Governance, Risk Management and Compliance.
  • Significant knowledge of ISO 27001/2 and its derivatives (e.g., HITRUST, Shared Assessment) as much of our consulting and collaboration is around an ISO 27001 Information Security Management System.
  • Solid knowledge of the NIST 800-171/FISMA framework and its derivatives (e.g., FedRAMP, CMS Information Security Program) as many of our clients serve government customers.
  • Experience working in a highly consultative manner (e.g., in a consulting firm, or across business units/functions).

The right person often has the following attributes (these are negotiable):

  • Experience in and/or a desire to contribute to PPS’s Network & Application Security practice areas (e.g., architecture/configuration reviews, Vulnerability Assessments, Penetration Tests, targeted gap assessments, Source Code Reviews).
  • Experience with the myriad of regulatory compliance frameworks our client base is subject to (e.g., HIPAA, PII, PCI-DSS, SOX, STARS, NERC-CIP).
  • Certifications that demonstrate to our clients our commitment to excellence in our craft (e.g., ISO 27001 Lead Implementer, CISA, CISSP, ISO 27001 Lead Auditor, MCSE, CEH, OSCP).
  • Familiarity with related standards (e.g., SSAE-16 SOC1, SOC2, ISO-22301, ISO-9001).

GRC Consultant (San Francisco, CA Area)

Do you thrive in a dynamic environment? Do you like challenges? Do you believe work and fun are not mutually exclusive?

Then maybe, you’re the one we’re looking for. We need team players who are smart and creative, who love IT assurance and who want to grow with a growing company: who are as comfortable talking with senior management about Information Security Management Systems and attestation strategies as they are with a developer or sysadmin about TLSv1.2.

We are looking for the “right” person to join our team as a GRC (Governance, Risk Management and Compliance) Consultant to work in a collaborative fashion with our clients to help them manage Information Security & compliance risk as well as prove the same to management and customers. In this role, you will spend 10 – 35% of your time at client sites and the rest of your time working from wherever you work most effectively. We will provide training/certification for the right person.

We expect this person will:

  • Meet/exceed defined contribution goals for services you will deliver.
  • Achieve target Net Promoter Scores for your service by managing client relationships.
  • Ensure 100% certification success rate on ISMS projects.
  • Earn and gain the trust and respect of the PPS team.

The right person HAS the following characteristics (these are “non-negotiable”):

  • Personal integrity, a highly transparent nature, and a mindset of “mutual benefit”.
  • Thrives on and is worthy of self-managing the projects they are responsible for (micro-management is a four-letter word at PPS).
  • Has very high “Self-Expectation” (self-motivated, self-aware, self-disciplined, self-improving, and self-governed). You hold yourself to a higher standard than others do.
  • Enjoys work and life, values a balance, and is looking for a company that shares those ideals (understands that you do not get a second chance to see your child’s first school play and that it does not matter if the report gets done at 3 PM or 10 PM, if it gets done).
  • Highly consultative and collaborative nature; someone who enjoys helping others achieve ambitious business and information assurance goals.
  • Effectively and proactively communicates in writing/speech both internally/externally from the server room to the boardroom.
  • The ability to “work from anywhere” as this role is remote/virtual in nature.
  • A good sense of humor and the ability to laugh at themselves.

The right person usually has the following experience (these are somewhat negotiable):

  • Enough Information Technology and Information Security experience to contextualize and make their recommendations relevant and valuable.
  • Experience and knowledge with Governance, Risk Management and Compliance.
  • Significant knowledge of ISO 27001/2 and its derivatives (e.g., HITRUST, Shared Assessment) as much of our consulting and collaboration is around an ISO 27001 Information Security Management System.
  • Solid knowledge of the NIST 800-171/FISMA framework and its derivatives (e.g., FedRAMP, CMS Information Security Program) as many of our clients serve government customers.
  • Experience working in a highly consultative manner (e.g., in a consulting firm, or across business units/functions).

The right person often has the following attributes (these are negotiable):

  • Experience in and/or a desire to contribute to PPS’s Network & Application Security practice areas (e.g., architecture/configuration reviews, Vulnerability Assessments, Penetration Tests, targeted gap assessments, Source Code Reviews).
  • Experience with the myriad of regulatory compliance frameworks our client base is subject to (e.g., HIPAA, PII, PCI-DSS, SOX, STARS, NERC-CIP).
  • Certifications that demonstrate to our clients our commitment to excellence in our craft (e.g., ISO 27001 Lead Implementer, CISA, CISSP, ISO 27001 Lead Auditor, MCSE, CEH, OSCP).
  • Familiarity with related standards (e.g., SSAE-16 SOC1, SOC2, ISO-22301, ISO-9001).

GDPR and Privacy Consultant

Do you thrive in a dynamic environment? Do you like challenges? Do you believe work and fun are not mutually exclusive?

Then maybe, you’re the one we’re looking for. We need team players who are smart and creative, who love IT assurance and who want to grow with a growing company: who are as comfortable talking with senior management about Information Security Management Systems and attestation strategies as they are with a developer or sysadmin about TLSv1.2.

We are looking for the “right” person to join our team as our GDPR and Privacy Consultant, and act as our subject matter expert on Privacy. The “right” person will work in a collaborative fashion with our clients providing services related to a broad range of security & privacy disciplines (including compliance assessments, program design and policy development). In this role, you will spend 10 – 35% of your time at client sites and the rest of your time working from wherever you work most effectively. We will provide training/certification for the right person.

We expect this person will:

  • Meet/exceed defined contribution goals for services you will deliver.
  • Achieve target Net Promoter Scores for your service by managing client relationships.
  • Ensure 100% certification success rate on GRC, ISMS and GDPR projects.
  • Earn and gain the trust and respect of the PPS team.

The right person HAS the following characteristics (these are “non-negotiable”):

  • Personal integrity, a highly transparent nature, and a mindset of “mutual benefit”.
  • Thrives on and is worthy of self-managing the projects they are responsible for (micro-management is a four-letter word at PPS).
  • Has very high “Self-Expectation” (self-motivated, self-aware, self-disciplined, self-improving, and self-governed). You hold yourself to a higher standard than others do.
  • Enjoys work and life, values a balance, and is looking for a company that shares those ideals (understands that you do not get a second chance to see your child’s first school play and that it does not matter if the report gets done at 3 PM or 10 PM, if it gets done).
  • Highly consultative and collaborative nature; someone who enjoys helping others achieve ambitious business and information assurance goals.
  • Effectively and proactively communicates in writing/speech both internally/externally from the server room to the boardroom.
  • The ability to “work from anywhere” as this role is remote/virtual in nature.
  • A good sense of humor and the ability to laugh at themselves.

The right person usually has the following experience (these are somewhat negotiable):

  • Enough Information Technology/Information Security/Privacy experience to contextualize and make their recommendations relevant and valuable.
  • Significant knowledge of federal and state security/privacy rules and regulations.
  • Experience evaluating client compliance with common industry standards and regulations.
  • Significant knowledge of privacy frameworks, including GDPR, Privacy Shield, PIPEDA, MA-201, SB-1386, etc.
  • Solid knowledge of the ISO-27001 and NIST/FISMA frameworks.
  • Experience working in a highly consultative manner (e.g., in a consulting firm, or across business units/functions).

The right person often has the following attributes (these are negotiable):

  • 3+ years working as a Security/Privacy consultant.
  • Experience interpreting security/privacy regulations.
  • Experience in and/or a desire to contribute to PPS’s Network & Application Security practice areas (e.g., architecture/configuration reviews, Vulnerability Assessments, Penetration Tests, targeted gap assessments, Source Code Reviews).
  • Experience with the myriad of regulatory compliance frameworks our client base is subject to (e.g., GDPR, HIPAA, PII, PCI-DSS, SOX, STARS, NERC-CIP).
  • Certifications that demonstrate to our clients our commitment to excellence in our craft (e.g., CIPP, ISO 27001 Lead Implementer, CISA, CISSP, ISO 27001 Lead Auditor, MCSE, CEH, OSCP).
  • Familiarity with related standards (e.g., SSAE-16 SOC1, SOC2, ISO-22301, ISO-9001).

Sales Support Associate

Do you thrive in a dynamic environment? Do you like challenges? Do you believe work and fun are not mutually exclusive?

Then maybe, you’re the one we’re looking for. We need team players who are smart and creative and want to grow with a growing company.

We are looking for the “right” person to join our team as a Sales Support Associate with a particular focus on nurturing new leads, first contacts and supporting and learning from our existing sales team. You will work in a collaborative fashion with our clients to help them manage information security & compliance risk. But don’t worry – if you’ve got the “right” stuff – we’ll provide training/certification to assure your (and therefore, our) success.

Along with nurturing web leads and existing clients, you’ll be supporting our Sales Team by maintaining our CRM, assisting the sales team in proposal creation, and providing other administrative support. Ultimately you will be helping to educate potential clients about our services. You will assist with developing new sales opportunities by cultivating and establishing client relationships for the sales team. We don’t believe in “traditional selling”; we work in a collaborative model to provide our clients (and potential clients) with the tools they need to make sound business decisions regarding their information assurance.

The right person HAS the following characteristics (these are “non-negotiable”):

  • Personal integrity, a highly transparent nature, and a mindset of “mutual benefit”. (We don’t “sell” – we educate, collaborate and listen.)
  • Thrives on and is worthy of self-managing their work effort (micro-management is a four-letter word at PPS).
  • Very high “Self-Expectation” (self-motivated, self-aware, self-disciplined, self-improving, and self-governed). You hold yourself to a higher standard than others do.
  • A high level of attention to detail.
  • A desire to approach each opportunity as new, not using a cookie cutter or template approach.
  • Enjoys work and values family and is looking for a company that shares those ideals (understands that you don’t get a second chance to see your child’s first school play and that it doesn’t matter if the proposal gets done at 3 PM or 10 PM, as long as it gets done).
  • Highly consultative and collaborative nature; someone who enjoys helping others (clients and team members) achieve ambitious business and information assurance goals.
  • Effective and proactive communication skills in writing/speech. You’ll prepare proposals and SOWs, track and nurture leads, and email and talk to clients until no question is left unanswered.
  • Demonstrable computer skills and proficiency with the Microsoft Office suite of applications.
  • The mental acuity and flexibility to work in a fast paced, sometimes interrupted, multi-tasking environment.
  • A good sense of humor and the ability to laugh at themselves because all work and no play….
  • A passion for challenges, not afraid of the “deep end of the pool.”

The right person should have the following experience (these are somewhat negotiable):

  • Proficiency with CRM concepts (MS-CRM2013 a plus).
  • Excellent organizational and time management skills.
  • Experience working in a sales support role where ongoing nurturing of prospective clients was an integral element of sales success.
  • Inside sales experience preferred.
  • Collaborative sales experience preferred.
  • Experience in MS Suite of products.

The right person often has the following attributes (these are negotiable):

  • Enough Information Technology and Information Security experience to understand our client’s needs (or the ability to learn quickly).
  • Experience working in a highly consultative manner.
  • Thrives on working in a fast-paced environment and taking challenges head on.

About Pivot Point Security

We’re a small, but growing, company. So we do our best to keep the right people at PPS (most of our team has been together for 6+ years) by aspiring to:

  • A high-performance work environment with extremely passionate, driven and experienced technical professionals. At Pivot Point Security, you will find colleagues you can respect and learn from.
  • A management system where all employees participate in establishing the company’s goals/initiatives and have ready visibility into the company’s performance. We’re working hard to create processes and metrics to measure our (and your) success.
  • An environment where relationships are important, internally and externally. We provide the highest levels of customer service and strive to always exceed our clients’ expectations.
  • A competitive salary (more than most) with an F100-level benefits package (e.g., medical, dental, vision, HCFSA, 401K w/ company match, 529 College Savings, Adoption Assistance, vacation and personal days).
  • Providing individuals the opportunity to develop by giving them the resources required, surrounding them with great colleagues, and allowing them to take on new/big challenges.

As a Company, We:

  1. Tell The Truth (Honesty is almost always the best policy …)
  2. Do the Right Thing (Keep commitments, over-communicate, be transparent, confident, worthy of/thrive on freedom)
  3. Smile (Life is too short not to … likability is nearly as important as competence)
  4. Seek “Win-Win” (Think cooperative, not competitive – seek mutual benefit in all interactions)
  5. Consult (Every situation is unique; listen, understand, educate, and express a clear opinion)
  6. Simplify (Less is more … )
  7. Are Customer Focused

Future Positions:

Security Awareness Education Service Lead

**Future Role** 

Please note that we are not currently hiring for this position. Please check back soon for an application link.


Do you thrive in a dynamic environment? Do you like challenges? Does educating others about Information Security excite you? Do you believe work and fun are not mutually exclusive?

We are looking for the “right” person to join our team as our Security Awareness Education Training Service Lead to work in a collaborative fashion with our clients and team to help them manage information security & compliance risk through SAET. In this role, you will establish the strategic direction for the SAE service and deliver those services to our clients’ satisfaction. This role will require you to spend 10 – 35% of your time at client sites and the rest of your time working from wherever you work most effectively. We will provide training/certification for the right person.

Culture: Non-negotiable characteristics vital to success in any role with PPS

  • Personal integrity, a highly transparent nature, and a mind-set of “mutual benefit”.
  • Thrives on and is worthy of self-managing the work they are responsible for (micro-management is a four-letter word at PPS).
  • Has very high “Self-Expectation” (self-motivated, self-aware, self-disciplined, self-improving, and self-governed). You hold yourself to a higher standard than others do.
  • Enjoys and values a work life balance and is looking for a company that shares those ideals (understands that you don’t get a second chance to see your child’s first school play and that it doesn’t matter if the report gets done at 3PM or 10PM, as long as it gets done).
  • Highly consultative and collaborative nature; someone who enjoys helping others achieve ambitious business and information assurance goals.
  • Effectively and proactively communicates in writing/speech both internally/externally.
  • The ability to “work from anywhere” as this role is possibly remote/virtual in nature.
  • A good sense of humor and the ability to laugh at themselves.

Outcomes: We expect the right person will:

  • Establish the strategic direction for the SAE service (including tools, partners, content, delivery, marketing, business development and sales).
  • Liaise with other Practice/Service Leads to integrate SAE Service with other key services.
  • Liaise with sales, marketing and business development to drive SAE Service growth and achieve revenue, profit and client satisfaction goals.
  • Grow the SAE service and achieve revenue, profit and client satisfaction goals.

Experience: PPS feels the following experience will contribute to success in this role

  • Demonstrated experience managing the delivery of complex information technology or information security services or solutions.
  • Three years of experience creating, delivering and/or managing the delivery of SAE.
  • Experience producing video based training (e.g., filming, video editing, post production, learning management systems, etc.).
  • Passionate and knowledgeable about current Information Security topics and trends.

Dedicated Internal Information Security Auditor

**Future Role** 

Please note that we are not currently hiring for this position. Please check back soon for an application link.


 

PPS is seeking a CISA to own the role of a Dedicated Internal IS Auditor for our clients.

This broad and varied role will see you develop and lead multiple risk-based Information Security audits across an extensive range of clients in many verticals. You will also have the opportunity to help our clients by vetting their ISMS, and validating current processes.

Ideal candidates will have a strong background in internal audit, ideally gained in an IT/IS related business or service provider, giving you a solid understanding of controls in a technical environment. A confident self-starter, you will be driven to succeed in a high-performance environment and be comfortable operating at both a strategic and hands-on level. Knowledge of ISO 27001 is highly desirable.

This is an excellent opportunity to step up into a leadership capacity and take full ownership of the client internal audit function for a growing and unique information assurance firm. In return, you will have the opportunity to work for a business that truly values its employees, and be part of a team with a culture second to none.

  • Performs multiple Internal Information Technology/Security audits simultaneously, including information security controls and information system applications.
  • Performs special reviews and analyses as directed by Services Director or Resource Manager.
  • Establishes the scope of work necessary to meet the audit objectives. Determines records and/or activities to analyze, and the extent of tests to apply.
  • Completes the planning work on assigned audits including a review of appropriate organizational policies and procedures and external reference material for the area under review.
  • Performs analytical reviews of data and ascertains compliance with laws, standards, and best practices.
  • Prepares detailed reports of findings and develops solid recommendations and alternative solutions to issues identified during the audit.
  • Follows appropriate departmental policies and guidelines, as well as Standards for the Professional Practice of Internal Auditing and the Institute of Internal Auditors’ Code of Ethics.

The right person HAS the following characteristics (these are “non-negotiable”):

  • Personal integrity, a highly transparent nature, and a mind-set of “mutual benefit”.
  • Thrives on and is worthy of self-managing the projects they are responsible for (micro-management is a four-letter word at PPS).
  • Has very high “Self-Expectation” (self-motivated, self-aware, self-disciplined, self-improving, and self-governed). You hold yourself to a higher standard than others do.
  • Enjoys work and life, values a balance, and is looking for a company that shares those ideals (understands that you don’t get a second chance to see your child’s first school play and that it doesn’t matter if the report gets done at 3PM or 10PM, if it gets done).
  • Highly consultative and collaborative nature; someone who enjoys helping others achieve ambitious business and information assurance goals.
  • Effectively and proactively communicates in writing/speech both internally/externally from the server room to the board room.
  • The ability to “work from anywhere” as this role is remote/virtual in nature.
  • A good sense of humor and the ability to laugh at themselves.

The right person usually has the following experience (these are somewhat negotiable):

  • Bachelor’s Degree required in Computer Science, Finance, Business or related field or equivalent work experience
  • 3-5 years of audit experience for an Information Assurance firm or professional services firm, or, relevant internal audit experience.
  • CISA is required
  • Up to 75% travel required.
  • Knowledge of information security and administration controls for client server and mainframe environments (e.g., Windows, UNIX), as well as databases (e.g., Oracle, Sybase, SQL).
  • Ability to independently research industry trends, best practices, and requirements.
  • Understand the elements of a strong internal control environment.
  • Ability to appropriately handle ethical issues in the organization.
  • Ability to effectively communicate (verbal and written) with all levels of associates.
  • Understand the symptoms of possible fraud and know the steps to take when fraud is suspected.
  • Experience should also include performance of applications, systems development life cycle, change management, and data warehouse audits.
  • Understand Disaster Recovery and Business Continuity practices.
  • Knowledge of applicable practices and laws relating to data privacy and protection.
  • Industry experience is a strong plus
  • Experience with Model Audit Rule, internal controls, and business process analysis is preferred.

Information Security Management (ISMS) Consultant - New York, NY

**Future Role** 

Please note that we are not currently hiring for this position. Please check back soon for an application link.


 

We are looking for the “right” person to lead our Cyber Liability Insurance Service Area which predominantly works in a collaborative fashion with our insurance vertical client base to help them effectively manage the risk associated with member risk. This involves building/optimizing the practices these organizations use to underwrite and manage information security risk for their members. In this role, you will spend 10 – 35% of your time at client sites and the rest of your time working from wherever you work most effectively. We will provide training/certification for the right person.

We expect this person will:

  • Meet/exceed defined contribution goals for services you will deliver.
  • Achieve target Net Promoter Scores for your service by managing client relationships.
  • Ensure 100% certification success rate on ISMS projects.
  • Earn and gain the trust and respect of the PPS team.

The right person HAS the following characteristics (these are “non-negotiable”):

  • Personal integrity, a highly transparent nature, and a mind-set of “mutual benefit”.
  • Thrives on and is worthy of self-managing the projects they are responsible for (micro-management is a four-letter word at PPS).
  • Has very high “Self-Expectation” (self-motivated, self-aware, self-disciplined, self-improving, and self-governed). You hold yourself to a higher standard than others do.
  • Enjoys work and life, values a balance, and is looking for a company that shares those ideals (understands that you don’t get a second chance to see your child’s first school play and that it doesn’t matter if the report gets done at 3PM or 10PM, if it gets done).
  • Highly consultative and collaborative nature; someone who enjoys helping others achieve ambitious business and information assurance goals.
  • Effectively and proactively communicates in writing/speech both internally/externally from the server room to the board room.
  • The ability to “work from anywhere” as this role is remote/virtual in nature.
  • A good sense of humor and the ability to laugh at themselves.

The right person usually has the following experience (these are somewhat negotiable):

  • Enough Information Technology and Information Security experience to contextualize and make their recommendations relevant and valuable.
  • Significant knowledge of ISO-27001/2 and its derivatives (e.g., HITRUST, Shared Assessment) as much of our consulting and collaboration is around an ISO-27001 Information Security Management System.
  • Solid knowledge of the NIST 800-171/FISMA framework and its derivatives (e.g., FedRAMP, CMS Information Security Program) as many of our clients serve government customers.
  • Experience working in a highly consultative manner (e.g., in a consulting firm, or across business units/functions).

The right person often has the following attributes (these are negotiable):

  • Experience in and/or a desire to contribute to PPS’s Network & Application Security practice areas (e.g., architecture/configuration reviews, Vulnerability Assessments, Penetration Tests, targeted gap assessments, Source Code Reviews).
  • Experience with the myriad of regulatory compliance frameworks our client base is subject to (e.g., HIPAA, PII, PCI-DSS, SOX, STARS, NERC-CIP).
  • Certifications that demonstrate to our clients our commitment to excellence in our craft (e.g., ISO-27001 Lead Implementer, CISA, CISSP, ISO 27001 Lead Auditor, MCSE, CEH, OSCP).
  • Familiarity with related standards (e.g., SSAE-16 SOC1, SOC2, ISO-22301, ISO-9001).

Information Security Management (ISMS) Consultant - Atlanta, GA

**Future Role** 

Please note that we are not currently hiring for this position. Please check back soon for an application link.


We are looking for the “right” person to lead our Cyber Liability Insurance Service Area which predominantly works in a collaborative fashion with our insurance vertical client base to help them effectively manage the risk associated with member risk. This involves building/optimizing the practices these organizations use to underwrite and manage information security risk for their members. In this role, you will spend 10 – 35% of your time at client sites and the rest of your time working from wherever you work most effectively. We will provide training/certification for the right person.

We expect this person will:

  • Meet/exceed defined contribution goals for services you will deliver.
  • Achieve target Net Promoter Scores for your service by managing client relationships.
  • Ensure 100% certification success rate on ISMS projects.
  • Earn and gain the trust and respect of the PPS team.

The right person HAS the following characteristics (these are “non-negotiable”):

  • Personal integrity, a highly transparent nature, and a mind-set of “mutual benefit”.
  • Thrives on and is worthy of self-managing the projects they are responsible for (micro-management is a four-letter word at PPS).
  • Has very high “Self-Expectation” (self-motivated, self-aware, self-disciplined, self-improving, and self-governed). You hold yourself to a higher standard than others do.
  • Enjoys work and life, values a balance, and is looking for a company that shares those ideals (understands that you don’t get a second chance to see your child’s first school play and that it doesn’t matter if the report gets done at 3PM or 10PM, if it gets done).
  • Highly consultative and collaborative nature; someone who enjoys helping others achieve ambitious business and information assurance goals.
  • Effectively and proactively communicates in writing/speech both internally/externally from the server room to the board room.
  • The ability to “work from anywhere” as this role is remote/virtual in nature.
  • A good sense of humor and the ability to laugh at themselves.

The right person usually has the following experience (these are somewhat negotiable):

  • Enough Information Technology and Information Security experience to contextualize and make their recommendations relevant and valuable.
  • Significant knowledge of ISO-27001/2 and its derivatives (e.g., HITRUST, Shared Assessment) as much of our consulting and collaboration is around an ISO-27001 Information Security Management System.
  • Solid knowledge of the NIST 800-171/FISMA framework and its derivatives (e.g., FedRAMP, CMS Information Security Program) as many of our clients serve government customers.
  • Experience working in a highly consultative manner (e.g., in a consulting firm, or across business units/functions).

The right person often has the following attributes (these are negotiable):

  • Experience in and/or a desire to contribute to PPS’s Network & Application Security practice areas (e.g., architecture/configuration reviews, Vulnerability Assessments, Penetration Tests, targeted gap assessments, Source Code Reviews).
  • Experience with the myriad of regulatory compliance frameworks our client base is subject to (e.g., HIPAA, PII, PCI-DSS, SOX, STARS, NERC-CIP).
  • Certifications that demonstrate to our clients our commitment to excellence in our craft (e.g., ISO-27001 Lead Implementer, CISA, CISSP, ISO 27001 Lead Auditor, MCSE, CEH, OSCP).
  • Familiarity with related standards (e.g., SSAE-16 SOC1, SOC2, ISO-22301, ISO-9001).

Penetration Tester/Ethical Hacker

**Future Role** 

Please note that we are not currently hiring for this position. Please check back soon for an application link.


 

We are looking for the “right” person to join our Network Services team as a Penetration Tester/Ethical Hacker to deliver a tightly knit group of penetration testing services including network, application, phishing, and physical testing to our diverse client base to complement our information assurance services.

The right person has the following characteristics (these are “non-negotiable”):

  • Personal integrity, a highly transparent nature, and a mindset of “mutual benefit”. (We don’t “sell” – we educate, collaborate and listen.)
  • Thrives on and is worthy of self-managing their work effort (micro-management is a four-letter word at PPS).
  • Very high “Self-Expectation” (self-motivated, self-aware, self-disciplined, self-improving, and self-governed). You hold yourself to a higher standard than others do.
  • A high level of attention to detail.
  • A desire to approach each opportunity as new, not using a cookie cutter or template approach.
  • Enjoys work and values family and is looking for a company that shares those ideals (understands that you don’t get a second chance to see your child’s first school play and that it doesn’t matter if the proposal gets done at 3 PM or 10 PM, if it gets done).
  • Highly consultative and collaborative nature; someone who enjoys helping others (clients and team members) achieve ambitious business and information assurance goals.
  • Effective and proactive communication skills in writing/speech. You’ll prepare proposals and SOWs, track and nurture leads, and email and talk to clients until no question is left unanswered.
  • Demonstrable computer skills and proficiency with the Microsoft Office suite of applications.
  • The mental acuity and flexibility to work in a fast-paced, sometimes interrupted, multi-tasking environment.
  • A good sense of humor and the ability to laugh at themselves because all work and no play….
  • A passion for challenges, not afraid of the “deep end of the pool.”

The right person should have the following experience (these are somewhat negotiable):

  • Ability to work collaboratively with clients to assess/improve network security via architecture reviews, Network Vulnerability Assessments, Network Penetration Testing, Firewall Rule-base Reviews, Active Directory Configuration Review, and related activities.
  • Ability to work collaboratively with clients to assess/improve application security via architecture reviews, Application Vulnerability Assessments, Application Penetration Testing, Source Code Vulnerability Assessment, Source Code Review, and related activities.
  • Ability to work collaboratively with PPS’s marketing, sales, and product development professionals to ensure that your industry and Subject Matter Expertise is reflected in our marketing materials, sales proposals, and service offerings.
  • 10% – 20% travel required.

About Pivot Point Security

We’re a small, but growing, company (45% per year growth over the last 4 years), so we do our best to keep the right people at PPS (most of our team has been together for 6+ years) by aspiring to:

  • A high-performance work environment with extremely passionate, driven and experienced technical professionals. At Pivot Point Security you will find colleagues you can respect and learn from.
  • A management system where all employees participate in establishing the company’s goals/initiatives and have ready visibility into the company’s performance. We’re working hard to create processes and metrics to measure our (and your) success.
  • An environment where relationships are important, internally and externally. We provide the highest levels of customer service and strive to always exceed our clients’ expectations.
  • A competitive salary (more than most) with a F100 level benefits package (e.g., medical, dental, vision, HCFSA, 401K w/ company match, 529 College Savings, Adoption Assistance, vacation and personal days).
  • Providing individuals the opportunity to develop by giving them the resources required, surrounding them with great colleagues, and allowing them to take on new/big challenges.

As a Company, We:

  1. Tell the Truth (Honesty is almost always the best policy)
  2. Do The Right Thing (Keep commitments, over-communicate, be transparent, confident, worthy of/thrive on freedom)
  3. Smile (Life is too short not to … likeability is nearly as important as competence)
  4. Seek “Win-Win” (Think cooperative, not competitive – seek mutual benefit in all interactions)
  5. Consult (Every situation is unique; listen, understand, educate, and express a clear opinion)
  6. Simplify (Less is more …)
  7. Are Customer Focused