Information Security Assessor- QSA Certified

Job Description

Information Security Assessor – QSA Certified

Location: 100% Remote – U.S. Preferred

Type: W2, Full Time

Pay: $100,000-$150,000

Travel: Minimal (Remote audit model; periodic onsite assessments when required)

About Us:

RSI Security is a leader in cybersecurity compliance and assessment services, helping organizations navigate complex regulatory frameworks and strengthen their security posture.

We deliver independent, high-quality assessments across a range of standards including PCI DSS, CMMC, HITRUST, and emerging regulatory requirements. Our approach emphasizes technical depth, practical insight, and a commitment to delivering clear, actionable outcomes for our clients.

We foster a collaborative, remote-first environment focused on continuous improvement, professional growth, and operational excellence.

About the Role:

As an Information Security Assessor (QSA), you will lead and support client engagements focused on evaluating security controls, validating compliance against regulatory frameworks, and providing structured, evidence-based reporting.

This role combines assessment execution, client advisory support, and internal collaboration. You will work directly with client stakeholders to assess environments, identify gaps, and guide organizations toward achieving and maintaining compliance.

You will operate with a strong emphasis on objectivity, technical accuracy, and clear communication, while contributing to RSI’s service quality and client success.

What You’ll Do

• Perform Security Assessments: Lead and execute PCI DSS assessments, including scoping client environments, performing control validation, and producing required deliverables such as Reports on Compliance (ROC), Attestations of Compliance (AOC), and Self-Assessment Questionnaires (SAQ), as applicable.
• Develop Assessment Reports: Produce clear, structured reports that document compliance status, supporting evidence, and identified gaps in alignment with applicable regulatory requirements.
• Provide Advisory Support: Guide clients in preparation for assessments by assisting with scoping, identifying sensitive data flows, performing gap analyses, and outlining remediation actions.
• Support Technical Documentation: Contribute to or lead the development and review of policies and procedures to align with compliance requirements and industry standards.
• Collaborate with Sales & Marketing: Support pre-sales activities by participating in client discussions, scoping engagements, and contributing to proposals. Participate in thought leadership activities such as webinars or written content.
• Contribute to Internal Excellence: Support process improvements, methodology development, and service standardization. Maintain continuing professional education (CPE) and stay current with evolving security and compliance requirements.

What You’ll Bring

• Experience: 5+ years of IT experience, with at least 3+ years in cybersecurity, compliance, or risk assessment roles.
• Certifications: Active QSA certification required. At least two of the following preferred: CISA, CISM, CISSP.
• Technical Acumen: Working knowledge of cloud platforms (AWS, Azure, or GCP), network architecture, and application environments.
• Assessment & Client Skills: Proven ability to lead engagements, manage client relationships, and deliver high-quality results on time. Experience leading or contributing to PCI DSS assessments, including development of ROC, AOC, and SAQ deliverables.
• Communication Skills: Strong written and verbal communication skills, with the ability to present complex topics clearly to technical and executive audiences.
• Tools & Operations (Preferred): Experience with PSA or project management tools such as Monday.com, Asana, Mavenlink, or similar platforms
• Preferred Experience (Not Required): Experience with government-related frameworks such as FedRAMP and CMMC. Experience with privacy regulations (e.g., CCPA/CPRA, GDPR, or similar data protection requirements).

Mindset We Value

• Take ownership and follow through without micromanagement
• Stay calm under pressure and manage shifting priorities effectively
• Solve problems proactively and continuously seek improvement
• Value structure, organization, and consistency in delivery
• Support team success and contribute to a collaborative environment
• Maintain a growth-oriented and professional mindset

Why Join RSI?

You will be joining a growing leader in cybersecurity compliance, working with diverse clients across industries and frameworks. We offer a fully remote environment, exposure to complex and evolving regulatory landscapes, and opportunities to expand your expertise across multiple domains.

RSI Security is an Equal Opportunity Employer. We prioritize competence, qualifications, and the integrity of the certification process in all hiring decisions.