Information Security Assessor - (QSA Certified)

Type: Contracted, Project-Based, Permanent

Travel: None

Please ensure you read through the entire job posting and understand the work model, expectations, requirements, location, and qualification requirements for this role.

RSI Security is a trusted leader in cybersecurity compliance and assessment, dedicated to helping organizations navigate complex security frameworks and safeguard their operations. We are committed to operational excellence, leveraging innovation and expertise to deliver tailored solutions that empower businesses to thrive in a rapidly evolving digital landscape. Our culture emphasizes collaboration, continuous improvement, and professional growth, offering team members the opportunity to contribute meaningfully to impactful projects in a supportive and forward-thinking environment.

As an RSI Security Information Security Assessor, ACTIVE QSA REQUIRED, you will work closely with clients to evaluate and validate security controls, ensure regulatory compliance, and provide actionable recommendations to address gaps. This role involves leading client engagements, contributing to internal process improvements, and supporting the team with resources to enhance client satisfaction. The ideal candidate is self-motivated, thrives in the fast-paced cybersecurity field, and demonstrates a commitment to learning, active listening, compassion, and delivering transparent, detailed feedback and insights.

• Assess the security controls and regulatory compliance of a client organization (~50% of the time) – By properly scoping and understanding the client environment, business processes, people and technologies, determining compliance requirements and then assessing if the client organization can demonstrate the compliance through clear evidence that is observed, reviewed and tested. Afterwards, drafts a compliance report that outlines how the company has met compliance requirements for the company’s applicable regulations
• Act as an advisor to a client organization in preparation for an assessment (~25% of the time) – Guiding the client to properly prepare for controls and/or compliance audit through proper scoping and identifying sensitive data, how it is managed, determine what the requirements are needed to implement controls, perform gap analysis and generate a report outlining action items to take and policies to develop to be ready for an assessment
• Provide technical writing to a client organization (~5% of the time) – Leads, contributes and delegates technical writing for a client who does not have policies and procedures created to meet compliance requirements. Reviews work and provides feedback if the work is delegated to an Analyst and finalizes to share with the client
• Partner with the Sales and Marketing team (~10% of the time) – Provides pre-sales meeting support and helps the sales team to create proposals for a client by understanding the client’s business, security requirements, regulatory requirements, and identifying complexities. Contributes to marketing efforts, including sitting on a panel as part of a webinar and writing blogs on relevant subjects
• Contribute to internal process improvements & Continuous education (~10% of the time) – Is an active contributor to internal project tasks at RSI, providing improvements to processes to maintain the highest level of efficiency and help productize RSI’s services. Stays abreast of the latest cyber security and compliance changes with 40 hours per year of CPE

• Bachelor’s degree in Computer Science or equivalent education required
• Training or hands-on experience in at least one major cloud platform (AWS, Azure, or Google Cloud) required
• 5+ years of IT experience total required; having 3+ years’ experience specifically in cyber security required
• At least 2 active certifications required from the following: CISA, CISM, or CISSP
• Active security assessor certification; PCI-DSS or HITRUST (Preferred)
• Ability to support upselling and pre-sales by identifying client needs and contributing to value-driven solutions
• Demonstrated ability to interface and collaborate with executive leadership required
• Demonstrated ability to lead complex projects and engagements and get consistent on-time results that meet expectations required
• Demonstrated strong interpersonal and communication skills to develop and maintain relationships with clients and colleagues required
• Working technical knowledge of software development, cloud computing and network architecture required
• Experience working with a PSA tool, such as Asana, Oracle NetSuite, Mavenlink, or Sage preferred

As a global employer, we consider numerous factors when determining compensation, including the specific job responsibilities, your geographical location, and your level of experience.

Our commitment to equity, equal opportunity, inclusion, and diversity is part of our broader commitment to respecting fundamental human rights across our value chain. RSI Security is proud to be an Equal Opportunity Employer. The Company will consider for employment qualified applicants with arrest and conviction records.

Equal Opportunity Employer/Veterans/Disabled

For more information on RSI Security, please visit our website - www.rsisecurity.com or our social media RSI Security LinkedIn. On our career site, you will find some of the key steps you can expect to guide you along the way.

Powered by JazzHR