
Posted: Sunday, March 12, 2017 1:02 AM

Job Description:
Do you thrive in a dynamic environment? Do you like challenges? Do you believe work and fun are not mutually exclusive?
Then maybe you're the one we're looking for. We need team players who are smart and creative, who love IT assurance and who want to grow with a growing company - who are as comfortable talking with senior management about Information Security Management Systems and attestation strategies as they are with a developer or sysadmin about TLS v1.2.
We are looking for the right person to join our team as an Information Security Management System Consultant to work in a collaborative fashion with our clients to help them manage information security and compliance risk as well as prove the same to management and customers. In this role you will spend 10-35% of your time at client sites and the rest of your time working from wherever you work most effectively. We will provide training/certification for the right person.
We expect this person will:
- Meet/exceed defined contribution goals for services you will deliver.
- Achieve target Net Promoter Scores for your service by managing client relationships.
- Ensure 100% certification success rate on ISMS projects.
- Earn and gain the trust and respect of the PPS team.
The right person HAS the following characteristics (these are non-negotiable):
- Personal integrity, a highly transparent nature, and a mind-set of mutual benefit.
- Thrives on and is worthy of self-managing the projects they are responsible for (micro-management is a four-letter word at PPS).
- Has very high Self Expectation (self-motivated, self-aware, self-disciplined, self-improving, and self-governed). You hold yourself to a higher standard than others do.
- Enjoys work and life, values a balance, and is looking for a company that shares those ideals (understands that you don't get a second chance to see your child's first school play and that it doesn't matter if the report gets done at 3PM or 10PM, as long as it gets done).
- Highly consultative and collaborative nature; someone who enjoys helping others achieve ambitious business and information assurance goals.
- Effectively and proactively communicates in writing/speech both internally/externally from the server room to the board room.
- The ability to work from anywhere as this role is remote/virtual in nature.
- A good sense of humor and the ability to laugh at themselves.

The right person usually has the following experience (these are somewhat negotiable):
- Enough Information Technology and Information Security experience to contextualize and make their recommendations relevant and valuable.
- Significant knowledge of ISO-27001/2 and its derivatives (e.g., HITRUST, Shared Assessment) as much of our consulting and collaboration is around an ISO-27001 Information Security Management System.
- Solid knowledge of the NIST/FISMA framework and its derivatives (e.g., FedRAMP, CMS Information Security Program) as many of our clients serve government customers.
- Experience working in a highly consultative manner (e.g., in a consulting firm, or across business units/functions).
The right person often has the following attributes (these are negotiable):
- Experience in and/or a desire to contribute to PPS's Network and Application Security practice areas (e.g., architecture/configuration reviews, Vulnerability Assessments, Penetration Tests, targeted gap assessments, Source Code Reviews).
- Experience with the myriad of regulatory compliance frameworks our client base is subject to (e.g., HIPAA, PII, PCI-DSS, SOX, STARS, NERC-CIP).
- Certifications that demonstrate to our clients our commitment to excellence in our craft (e.g., ISO-27001 Lead Implementer, CISA, CISSP, ISO 27001 Lead Auditor, MCSE, CEH, OSCP).
- Familiarity with related standards (e.g., SSAE-16 SOC1, SOC2, ISO-22301, ISO-9001).
About Pivot Point Security
We're a small, but growing, company. So we do our best to keep the righ


• Location: San Francisco

• Post ID: 57284688