Advisory Consultant - Cybersecurity (REMOTE)
Hamilton Township, New Jersey, United States - Remote
We are looking for an Advisory Level Consultant to lead our clients on designing, implementing, and managing Information Security Management Systems (ISMS) to protect their organization's infrastructure and maintain compliance with various regulations, standards, and frameworks (ISO 27001, HIPAA, SOC 2, etc.). You will be responsible for working with our clients' senior leadership and internal IT teams to advise and ensure security actions are evaluated, validated, and implemented as required.
To be successful as an Advisory Consultant, you should have expert analytical skills and in-depth knowledge of information security practices to proactively identify and prevent a wide range of security threats in client environments. Top candidates will also be excellent communicators, training and educating our clients' key stakeholders in various information security topics.
If you thrive in a dynamic environment, like challenges, and believe work and fun are not mutually exclusive, you may be the one we're looking for. We need team players who are smart and creative, love IT assurance, and want to grow with a growing company: who are as comfortable talking with senior management about certification or attestation strategies as they are with a Developer or System Administrator about securing a SaaS-based application or the latest Windows exploit.
This position will be responsible for:
- Consulting with our clients' senior management teams and their internal IT departments to improve their information security posture.
- Promoting awareness of security issues among client management and ensuring sound security principles are reflected in the organization's vision and goals.
- Ensuring that plans of action and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc.
- Continuously validating the client organization against policies/guidelines/procedures/regulations/laws to ensure compliance.
- Identifying alternative information security strategies to address organizational security objectives.
- Keeping up to date with developments in the threat environment, as well as privacy and security standards.
- Conducting and/or participating in gap, risk, and business impact assessments.
- Documenting ISMS policies and procedures, updating policies and procedures, and monitoring to ensure compliance with security policies.
The right person HAS the following characteristics (these are "non-negotiable"):
- Personal integrity, a highly transparent nature, and a mind-set of "mutual benefit".
- Thrives on and is worthy of self-managing the projects they are responsible for (micro-management is a four-letter word at PPS).
- Has very high "Self-Expectation" (self-motivated, self-aware, self-disciplined, self-improving, and self-governed). You hold yourself to a higher standard than others do.
- Enjoys work and life, values a balance, and is looking for a company that shares those ideals (understands that you do not get a second chance to see your child's first school play and that it does not matter if the report gets done at 3:00 PM or 10:00 PM, if it gets done).
- Highly consultative and collaborative nature; someone who enjoys helping others achieve ambitious business and information assurance goals.
- Effectively and proactively communicates in writing/speech both internally/externally from the server room to the board room.
- The ability to "work from anywhere" as this role is remote/virtual in nature.
- A good sense of humor and the ability to laugh at themselves.
- Applicable Information Security and Technology experience to contextualize and make recommendations relevant and valuable.
The right person usually has the following experience (these are somewhat negotiable):
- Certifications that demonstrate to our clients our commitment to excellence in our craft (e.g., ISO 27001 Lead Implementer, CISA, CISSP, ISO 27001 Lead Auditor, CCSA, MCSE, CEH, OSCP).
- Experience working as a consultant managing/leading multiple client projects.
- Experience authoring policies and procedures.
- Experience with the myriad of regulatory compliance or privacy frameworks our client base is subject to (e.g., HIPAA, PII, PCI-DSS, SOX, STARS, NERC-CIP, GDPR, CCPA).
- Familiarity with related standards/frameworks (e.g., Secure Control Framework, SSAE-16 SOC1, ISO 27001, NIST 800-171, NIST CSF, CMMC, SOC2, ISO-22301, ISO-9001).
- A general understanding of cyber security technologies or security issues such as: Hardware or Virtual Network Firewalls, Cloud Native Firewalls, Identity and Access Management (IAM), Zero Trust, Cloud Access Security Brokers (CASB), Secure Web Gateways (SWG), Distributed Denial of Service (DDoS) protection, Web Application Firewalls (WAF), and Network Detection and Response (NDR).
About Pivot Point Security
We're a small, but growing, company. So, we do our best to keep the right people at PPS (most of our team has been together for 6+ years) by aspiring to:
- A high-performance work environment with extremely passionate, driven and experienced technical professionals. At Pivot Point Security, you will find colleagues you can respect and learn from.
- A management system where all employees participate in establishing the company's goals/initiatives and have ready visibility into the company's performance. We're working hard to create processes and metrics to measure our (and your) success.
- An environment where relationships are important, internally and externally. We provide the highest levels of customer service and strive to always exceed our clients' expectations.
- A competitive salary (more than most) with an F100-level benefits package (e.g., medical, dental, vision, HCFSA, 401K w/ company match, 529 College Savings, vacation and personal days).
- Providing individuals the opportunity to develop by giving them the resources required, surrounding them with great colleagues, and allowing them to take on new/big challenges.
As a Company, We:
1. Tell the Truth (Honesty is almost always the best policy)
2. Do the Right Thing (Keep commitments, over-communicate, be transparent, confident, worthy of/thrive on freedom)
3. Smile (Life is too short not to … likeability is nearly as important as competence)
4. Seek "Win-Win" (Think cooperative, not competitive - seek mutual benefit in all interactions)
5. Provide Clear and Actionable Guidance
7. Are Customer Focused
At Pivot Point Security, we don't just accept difference — we celebrate it, we support it, and we thrive on it for the benefit of our employees, our clients, and our community. Pivot Point Security is proud to be an equal opportunity workplace.