Employment Opportunities

Do you thrive in a dynamic environment? Do you like challenges? Do you believe work and fun are not mutually exclusive?

Then maybe you’re the one we’re looking for. We need team players who are smart and creative, who love IT assurance and who want to grow with a growing company: who are as comfortable talking with senior management about Information Security Management Systems and attestation strategies as they are with a developer or sysadmin about TLSv1.2.

Current Positions Available

At Pivot Point Security, we’re not necessarily looking for certifications and years of expertise. We are willing to train the right person. We’re looking for candidates who are highly intelligent, eager to learn, and cut from the finest moral fiber. While we are less concerned with skills and qualifications, we will not compromise on your ability to deliver superior results.

Click here for more information on working at Pivot Point Security, or apply to a position below.

NIST InfoSec Consultant (U.S.)

Enjoy any and all things NIST (e.g., CMMC L3, 800-171, FedRAMP, NCSF)? Does the idea of helping companies build, optimize, and assess their cybersecurity programs excite you? Does working with other frameworks like ISO 27001 and CCPA sound like fun?

If you also thrive in a dynamic environment, like challenges and believe work and fun are not mutually exclusive, then maybe you’re the one we’re looking for. We need team players who are smart and creative, who love IT assurance and who want to grow with a growing company: who are as comfortable talking with senior management about Information Security Management Systems and attestation strategies as they are with a developer or sysadmin about TLS v1.2.

We are looking for the “right” person to join our team as a GRC (Governance, Risk Management and Compliance) Consultant to work in a collaborative fashion with our clients to help them manage Information Security & compliance risk as well as prove the same to management and customers. While we may consider other types of information security experience, our primary preference is for those with NIST experience to help our clients gear up for CMMC and FedRAMP. In this role, you will spend 10 – 35% of your time at client sites and the rest of your time working from wherever you work most effectively.

We expect this person will:

  • Work collaboratively with our clients to help them prepare for CMMC L3 certification, including scoping, risk assessment, maturity assessment of current controls, risk/gap remediation plan development, remediation plan execution, System Security Plan Development, etc.
  • Work collaboratively with our clients to help them prepare for FedRAMP, including scoping, 3PAO selection, risk assessment, System Security Plan Development, User Guide & Rules of Behavior, Incident Response Plan, etc.
  • Prepare for and conduct assessments in compliance with Federal Guidelines (NIST 800-53, 800-53A, 800-37, 800-171, etc.) and client requirements.
  • Work collaboratively with other team members and clients to address other information security requirements, including ISO 27001, SOC 2, ISO 27701, CCPA, NCSF, etc.
  • Meet/exceed defined contribution goals for services you will deliver.
  • Achieve target Net Promoter Scores for your service by effectively managing your work effort and client expectations.
  • Ensure 100% certification success rate on client projects.
  • Earn and gain the trust and respect of the PPS team.
  • Grow into a role with increasing responsibility.

The right person HAS the following characteristics (these are “non-negotiable”):

  • Personal integrity, a highly transparent nature, and a mind-set of “mutual benefit”.
  • Thrives on and is worthy of self-managing the projects they are responsible for (micro-management is a four-letter word at PPS).
  • Has very high “Self-Expectation” (self-motivated, self-aware, self-disciplined, self-improving, and self-governed). You hold yourself to a higher standard than others do.
  • Enjoys work and life, values a balance, and is looking for a company that shares those ideals (understands that you do not get a second chance to see your child’s first school play and that it does not matter if the report gets done at 3PM or 10PM, as long as it gets done within deadline).
  • Highly consultative and collaborative nature; someone who enjoys helping others achieve ambitious business and information assurance goals.
  • Effectively and proactively communicates in writing/speech both internally/externally from the server room to the board room.
  • The ability to “work from anywhere” as this role may be remote/virtual in nature.
  • A good sense of humor and the ability to laugh at themselves.

The right person usually has the following experience (these are somewhat negotiable):

  • Significant experience with NIST (e.g., 800-171, 800-53, NCSF).
  • Experience working in a consultative fashion.
  • Enough Information Technology and Information Security experience to contextualize and make their recommendations relevant and valuable.
  • Experience and knowledge with Governance, Risk Management and Compliance.
  • A desire to take on roles of increasing responsibility including defining services, managing teams and coordinating resources.

The right person often has the following attributes (these are negotiable):

  • Experience with the myriad of regulatory compliance frameworks our client base is subject to (e.g., CCPA, HIPAA, PCI-DSS, SOX, STARS, NERC-CIP).
  • Certifications that demonstrate to our clients our commitment to excellence in our craft (e.g., CISA, CISSP, CMMC RP, CMMC CA-3).
  • Familiarity with related standards (e.g., SOC 2, ISO 27701, ISO 22301, HITRUST, Shared Assessments).

About Pivot Point Security

We’re a small, but growing, company. So, we do our best to keep the right people at PPS (most of our team has been together for 6+ years) by aspiring to:

  • A high-performance work environment with extremely passionate, driven and experienced technical professionals. At Pivot Point Security, you will find colleagues you can respect and learn from.
  • A management system where all employees participate in establishing the company’s goals/initiatives and have ready visibility into the company’s performance. We’re working hard to create processes and metrics to measure our (and your) success.
  • An environment where relationships are important, internally and externally. We provide the highest levels of customer service and strive to always exceed our clients’ expectations.
  • A competitive salary (more than most) with an F100 level benefits package (e.g., medical, dental, vision, HCFSA, 401K w/ company match, 529 College Savings, vacation and personal days).
  • Providing individuals the opportunity to develop by giving them the resources required, surrounding them with great colleagues, and allowing them to take on new/big challenges.

As a Company, We:

  1. Tell the Truth (Honesty is almost always the best policy)
  2. Do The Right Thing (Keep commitments, over-communicate, be transparent, confident, worthy of/thrive on freedom)
  3. Smile (Life is too short not to … likeability is nearly as important as competence)
  4. Seek “Win-Win” (Think cooperative, not competitive – seek mutual benefit in all interactions)
  5. Consult (Every situation is unique; listen, understand, educate, and express a clear opinion)
  6. Simplify (Less is more …)
  7. Are Customer Focused

At Pivot Point Security, we don’t just accept diversity — we celebrate it, we support it, and we thrive on it for the benefit of our employees, our clients, and our community. Pivot Point Security is proud to be an equal opportunity workplace.

If you are interested in applying to this position, please email Lisa Zorovich at lisa.zorovich@pivotpointsecurity.com

 

GRC Consultant (U.S.)

HIRING FOR THIS POSITION IS CURRENTLY ON HOLD

Do you thrive in a dynamic environment? Do you like challenges? Do you believe work and fun are not mutually exclusive?

Then maybe you’re the one we’re looking for. We need team players who are smart and creative, who love IT assurance and who want to grow with a growing company: who are as comfortable talking with senior management about Information Security Management Systems and attestation strategies as they are with a developer or sysadmin about TLSv1.2.

We are looking for the “right” person to join our team as a GRC (Governance, Risk Management, and Compliance) Consultant to work in a collaborative fashion with our clients to help them manage Information Security & compliance risk as well as prove the same to management and customers. In this role, you will spend 10 – 35% of your time at client sites and the rest of your time working from wherever you work most effectively. We will provide training/certification for the right person.

We expect this person will:

  • Meet/exceed defined contribution goals for services you will deliver.
  • Achieve target Net Promoter Scores for your service by managing client relationships.
  • Ensure 100% certification success rate on ISMS projects.
  • Earn and gain the trust and respect of the PPS team.
  • Grow into a role with increasing responsibility.

The right person HAS the following characteristics (these are “non-negotiable”):

  • Personal integrity, a highly transparent nature, and a mindset of “mutual benefit”.
  • Thrives on and is worthy of self-managing the projects they are responsible for (micro-management is a four-letter word at PPS).
  • Has very high “Self-Expectation” (self-motivated, self-aware, self-disciplined, self-improving, and self-governed). You hold yourself to a higher standard than others do.
  • Enjoys work and life, values a balance, and is looking for a company that shares those ideals (understands that you do not get a second chance to see your child’s first school play and that it does not matter if the report gets done at 3 PM or 10 PM, if it gets done).
  • Highly consultative and collaborative nature; someone who enjoys helping others achieve ambitious business and information assurance goals.
  • Effectively and proactively communicates in writing/speech both internally/externally from the server room to the boardroom.
  • The ability to “work from anywhere” as this role is remote/virtual in nature.
  • A good sense of humor and the ability to laugh at themselves.

The right person usually has the following experience (these are somewhat negotiable):

  • Enough Information Technology and Information Security experience to contextualize and make their recommendations relevant and valuable.
  • Experience and knowledge with Governance, Risk Management, and Compliance.
  • Significant knowledge of ISO 27001/2 and its derivatives (e.g., HITRUST, Shared Assessment) as much of our consulting and collaboration is around an ISO 27001 Information Security Management System.
  • Solid knowledge of the NIST 800-171/FISMA framework and its derivatives (e.g., FedRAMP, CMS Information Security Program) as many of our clients serve government customers.
  • Experience working in a highly consultative manner (e.g., in a consulting firm, or across business units/functions).
  • A desire to take on roles of increasing responsibility including defining services, managing teams and coordinating resources.

The right person often has the following attributes (these are negotiable):

  • Experience in and/or a desire to contribute to PPS’s Network & Application Security practice areas (e.g., architecture/configuration reviews, Vulnerability Assessments, Penetration Tests, targeted gap assessments, Source Code Reviews).
  • Experience with the myriad of regulatory compliance frameworks our client base is subject to (e.g., HIPAA, PII, PCI-DSS, SOX, STARS, NERC-CIP).
  • Prior experience developing services for delivery and managing a team.
  • Certifications that demonstrate to our clients our commitment to excellence in our craft (e.g., ISO 27001 Lead Implementer, CISA, CISSP, ISO 27001 Lead Auditor, MCSE, CEH, OSCP).
  • Familiarity with related standards (e.g., SSAE-16 SOC1, SOC2, ISO-22301, ISO-9001).

Click here to apply now

About Pivot Point Security

We’re a small, but growing, company. So, we do our best to keep the right people at PPS (most of our team has been together for 6+ years) by aspiring to:

  • A high-performance work environment with extremely passionate, driven and experienced technical professionals. At Pivot Point Security, you will find colleagues you can respect and learn from.
  • A management system where all employees participate in establishing the company’s goals/initiatives and have ready visibility into the company’s performance. We’re working hard to create processes and metrics to measure our (and your) success.
  • An environment where relationships are important, internally and externally. We provide the highest levels of customer service and strive to always exceed our clients’ expectations.
  • A competitive salary (more than most) with an F100 level benefits package (e.g., medical, dental, vision, HCFSA, 401K w/ company match, 529 College Savings, Adoption Assistance, vacation and personal days).
  • Providing individuals the opportunity to develop by giving them the resources required, surrounding them with great colleagues, and allowing them to take on new/big challenges.

As a Company, We:

  1. Tell the Truth (Honesty is almost always the best policy)
  2. Do The Right Thing (Keep commitments, over-communicate, be transparent, confident, worthy of/thrive on freedom)
  3. Smile (Life is too short not to … likeability is nearly as important as competence)
  4. Seek “Win-Win” (Think cooperative, not competitive – seek mutual benefit in all interactions)
  5. Consult, Educate (Every situation is unique; listen, understand, educate, and express a clear opinion)
  6. Simplify (Less is more …)
  7. Are Customer Focused

At Pivot Point Security, we don’t just accept difference — we celebrate it, we support it, and we thrive on it for the benefit of our employees, our clients, and our community. Pivot Point Security is proud to be an equal opportunity workplace and is an affirmative action employer.

About Pivot Point Security

We’re a small, but growing, company (45% per year growth over the last 4 years), so we do our best to keep the right people at PPS (most of our team has been together for 6+ years) by aspiring to:

  • A high-performance work environment with extremely passionate, driven and experienced technical professionals. At Pivot Point Security, you will find colleagues you can respect and learn from.
  • A management system where all employees participate in establishing the company’s goals/initiatives and have ready visibility into the company’s performance. We’re working hard to create processes and metrics to measure our (and your) success.
  • An environment where relationships are important, internally and externally. We provide the highest levels of customer service and strive to always exceed our clients’ expectations.
  • A competitive salary (more than most) with an F100 level benefits package (e.g., medical, dental, vision, HCFSA, 401K w/ company match, 529 College Savings, Adoption Assistance, vacation and personal days).
  • Providing individuals the opportunity to develop by giving them the resources required, surrounding them with great colleagues, and allowing them to take on new/big challenges.
