Information Security Assessor – QSA Certified (W2, FT)

Location: Remote – USA

Type: Full Time (W-2 or equivalent)

Compensation: Competitive salary + commission eligibility

Travel: Potential travel to client sites as required

RSI Security is a trusted leader in cybersecurity compliance and assessment, dedicated to helping organizations navigate complex security frameworks and safeguard their operations. We are committed to operational excellence, leveraging innovation and expertise to deliver tailored solutions that empower businesses to thrive in a rapidly evolving digital landscape. Our culture emphasizes collaboration, continuous improvement, and professional growth, offering our team members the opportunity to contribute meaningfully to impactful projects in a supportive and forward-thinking environment.

The Information Security Assessor leads and delivers formal assessments and consulting services across multiple cybersecurity frameworks, with a primary focus on PCI DSS. This role requires hands‑on experience conducting QSA-led assessments, drafting compliance documentation, and guiding clients through full assessment lifecycles.

The ideal candidate holds an active PCI QSA certification, has a strong background in compliance and information security, and excels in independent execution as well as collaborative client engagement.

• Lead formal PCI DSS assessments, including audits, readiness assessments, and gap analyses.
• Conduct evidence reviews, stakeholder interviews, technical validation, and documentation sampling.
• Draft and deliver comprehensive Reports on Compliance (ROCs) and Attestations of Compliance (AOCs).
• Provide advisory services for clients navigating PCI, SOC 2, ISO 27001, HIPAA, NIST, and HITRUST initiatives.
• Collaborate cross‑functionally with advisory and technical teams to support integrated engagements.
• Mentor junior team members in PCI methodology and cybersecurity best practices.
• Stay current with evolving standards and updates from the PCI Security Standards Council (SSC).
• Represent RSI Security in client meetings and contribute to long‑term client success.

• Active PCI QSA certification - required.
• Bachelor's degree in cybersecurity, information systems, or equivalent experience.
• 3–5+ years of experience in security assessments, compliance, or consulting.
• Demonstrated experience with ROC/AOC development and delivery.
• Familiarity with additional frameworks: SOC 2, ISO 27001, NIST, HIPAA, HITRUST.
• Ability to perform gap analyses, risk assessments, and control evaluations.
• Strong technical and written communication skills, including report writing and presentations.
• Self‑driven with the ability to manage multiple engagements independently.
• Strong organizational and time management skills.

• Ownership and accountability — drive results without micromanagement.
• Client‑first attitude with a solutions‑oriented mindset.
• Calm and focused under pressure; flexible with shifting priorities.
• Continuous improvement and proactive problem‑solving mindset.
• Team collaboration and knowledge sharing.
• Humility, integrity, and professionalism in all client interactions.

• Competitive salary and commission/bonus opportunities.
• 100 % remote work flexibility.
• Collaborative and inclusive team culture.
• Professional development and upskilling opportunities.
• Opportunity to work on diverse and impactful cybersecurity engagements.

RSI Security is proud to be an Equal Opportunity Employer. We value equity, inclusion, and diversity as part of our broader commitment to respecting fundamental human rights across our value chain. The Company will consider qualified applicants with arrest and conviction records, consistent with applicable laws.

For more information on RSI Security, please visit www.rsisecurity.com or our LinkedIn page. On our career site, you will also find the steps guiding you through our hiring process.