RSI Security

Information Security Assessor- QSA Certified

Remote - Full Time


Job Description

Information Security Assessor – QSA Certified

 

Location: 100% Remote – U.S. Preferred

Type: W2, Full Time

Pay: $100,000-$150,000

Travel: Minimal (Remote audit model; periodic onsite assessments when required)

 

About Us:

RSI Security is a leader in cybersecurity compliance and assessment services, helping organizations navigate complex regulatory frameworks and strengthen their security posture.

We deliver independent, high-quality assessments across a range of standards including PCI DSS, CMMC, HITRUST, and emerging regulatory requirements. Our approach emphasizes technical depth, practical insight, and a commitment to delivering clear, actionable outcomes for our clients.

We foster a collaborative, remote-first environment focused on continuous improvement, professional growth, and operational excellence.

About the Role:

As an Information Security Assessor (QSA), you will lead and support client engagements focused on evaluating security controls, validating compliance against regulatory frameworks, and providing structured, evidence-based reporting.

This role combines assessment execution, client advisory support, and internal collaboration. You will work directly with client stakeholders to assess environments, identify gaps, and guide organizations toward achieving and maintaining compliance.

You will operate with a strong emphasis on objectivity, technical accuracy, and clear communication, while contributing to RSI’s service quality and client success.


What You’ll Do

  • Perform Security Assessments: Lead and execute PCI DSS assessments, including scoping client environments, performing control validation, and producing required deliverables such as Reports on Compliance (ROC), Attestations of Compliance (AOC), and Self-Assessment Questionnaires (SAQ), as applicable.
  • Develop Assessment Reports: Produce clear, structured reports that document compliance status, supporting evidence, and identified gaps in alignment with applicable regulatory requirements.
  • Provide Advisory Support: Guide clients in preparation for assessments by assisting with scoping, identifying sensitive data flows, performing gap analyses, and outlining remediation actions.
  • Support Technical Documentation: Contribute to or lead the development and review of policies and procedures to align with compliance requirements and industry standards.
  • Collaborate with Sales & Marketing: Support pre-sales activities by participating in client discussions, scoping engagements, and contributing to proposals. Participate in thought leadership activities such as webinars or written content.
  • Contribute to Internal Excellence: Support process improvements, methodology development, and service standardization. Maintain continuing professional education (CPE) and stay current with evolving security and compliance requirements.

What You’ll Bring

  • Experience: 5+ years of IT experience, with at least 3+ years in cybersecurity, compliance, or risk assessment roles.
  • Certifications: Active QSA certification required. At least two of the following preferred: CISA, CISM, CISSP.
  • Technical Acumen: Working knowledge of cloud platforms (AWS, Azure, or GCP), network architecture, and application environments.
  • Assessment & Client Skills: Proven ability to lead engagements, manage client relationships, and deliver high-quality results on time. Experience leading or contributing to PCI DSS assessments, including development of ROC, AOC, and SAQ deliverables.
  • Communication Skills: Strong written and verbal communication skills, with the ability to present complex topics clearly to technical and executive audiences.
  • Tools & Operations (Preferred): Experience with PSA or project management tools such as Monday.com, Asana, Mavenlink, or similar platforms
  • Preferred Experience (Not Required): Experience with government-related frameworks such as FedRAMP and CMMC. Experience with privacy regulations (e.g., CCPA/CPRA, GDPR, or similar data protection requirements).

Mindset We Value

  • Take ownership and follow through without micromanagement
  • Stay calm under pressure and manage shifting priorities effectively
  • Solve problems proactively and continuously seek improvement
  • Value structure, organization, and consistency in delivery
  • Support team success and contribute to a collaborative environment
  • Maintain a growth-oriented and professional mindset

Why Join RSI?

You will be joining a growing leader in cybersecurity compliance, working with diverse clients across industries and frameworks. We offer a fully remote environment, exposure to complex and evolving regulatory landscapes, and opportunities to expand your expertise across multiple domains.

 

RSI Security is an Equal Opportunity Employer. We prioritize competence, qualifications, and the integrity of the certification process in all hiring decisions.


 
Apply: Information Security Assessor- QSA Certified
* Required fields
First name*
Last name*
Email address*
Location *
Phone number*
Resume*

Attach resume or Paste resume

Attach resume as .pdf, .doc, .docx, .odt, .txt, or .rtf (limit 5MB) or paste resume

Paste your resume here or attach resume file

What’s your citizenship / employment eligibility?*
What’s your highest level of education completed?*
Are you 18 years of age or older?*
LinkedInLinkedIn profile URL:*
Desired salary*
Are you legally authorized to work in your current country of residence for any employer?*
U.S. BASED APPLICANTS: Your response is MANDATORY when applying for a role with RSI. Do you need, or will you need in the future, any immigration related support or sponsorship from RSI Security in order to begin or continue employment with RSI? This includes support (such as J-1, F-1 CPT letter or STEM OPT Training Plan), visa sponsorship for employment (H-1B, H-1B1, E-3, O-1, or TN), and any EAD holders that will need longer term employment authorization (temporary work visa or permanent residency).*
Are you able to accommodate a Mon-Fri 8-5 Pacific Time Zone?*
If offered the role, what would your anticipated notice period be?*
What interests you the most about this role - OR - working for RSI Security?*
Do you have a current CISA?*
If you answered yes, please list the CISA certification number.*
Do you have a current CISM or CISSP?*
If you answered yes, please list your CISSP or CISM certification number.*
Do you have a current QSA or ISA?
**MUST be noted on your resume for consideration***
Based on what you read in the job description, your geographical location, and your level of experience, what is your total hourly pay expectation (in $US Dollars$) for this role?*
Have you read through the entire job posting? Do you understand the work model, expectations, requirements, location, and qualification requirements for this role?*
Do you foresee any challenges in meeting the job’s physical or scheduling requirements?*
Each step in our hiring process has been designed to help us get to know each other better. Should you advance at each stage, here's what all the steps look like:

- Application Review
- Hiring Manager Interview
- Panel Interview w/ Various Colleagues (FTE only)
-- Verbal, Then Written Offer
- Background Check
- Start Your Next Professional Chapter

Please confirm you have reviewed the hiring process as outlined above and can confirm your interest in continuing this journey with us.*
Are you currently based in the United States and authorized to work there?*
The following questions are entirely optional.
To comply with government Equal Employment Opportunity and/or Affirmative Action reporting regulations, we are requesting (but NOT requiring) that you enter this personal data. This information will not be used in connection with any employment decisions, and will be used solely as permitted by state and federal law. Your voluntary cooperation would be appreciated. Learn more.
Gender
Race/Ethnicity
Invitation for Job Applicants to Self-Identify as a U.S. Veteran
  • A “disabled veteran” is one of the following:
    • a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or
    • a person who was discharged or released from active duty because of a service-connected disability.
  • A “recently separated veteran” means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service.
  • An “active duty wartime or campaign badge veteran” means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense.
  • An “Armed forces service medal veteran” means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985.
Veteran status
I IDENTIFY AS ONE OR MORE OF THE CLASSIFICATIONS OF PROTECTED VETERAN LISTED ABOVE
I AM NOT A PROTECTED VETERAN
I DON’T WISH TO ANSWER
Voluntary Self-Identification of Disability
Voluntary Self-Identification of Disability Form CC-305
OMB Control Number 1250-0005
Expires 05/31/2026
Why are you being asked to complete this form?

We are a federal contractor or subcontractor. The law requires us to provide equal employment opportunity to qualified people with disabilities. We have a goal of having at least 7% of our workers as people with disabilities. The law says we must measure our progress towards this goal. To do this, we must ask applicants and employees if they have a disability or have ever had one. People can become disabled, so we need to ask this question at least every five years.

Completing this form is voluntary, and we hope that you will choose to do so. Your answer is confidential. No one who makes hiring decisions will see it. Your decision to complete the form and your answer will not harm you in any way. If you want to learn more about the law or this form, visit the U.S. Department of Labor’s Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp.

How do you know if you have a disability?

A disability is a condition that substantially limits one or more of your “major life activities.” If you have or have ever had such a condition, you are a person with a disability. Disabilities include, but are not limited to:

  • Alcohol or other substance use disorder (not currently using drugs illegally)
  • Autoimmune disorder, for example, lupus, fibromyalgia, rheumatoid arthritis, HIV/AIDS
  • Blind or low vision
  • Cancer (past or present)
  • Cardiovascular or heart disease
  • Celiac disease
  • Cerebral palsy
  • Deaf or serious difficulty hearing
  • Diabetes
  • Disfigurement, for example, disfigurement caused by burns, wounds, accidents, or congenital disorders
  • Epilepsy or other seizure disorder
  • Gastrointestinal disorders, for example, Crohn's Disease, irritable bowel syndrome
  • Intellectual or developmental disability
  • Mental health conditions, for example, depression, bipolar disorder, anxiety disorder, schizophrenia, PTSD
  • Missing limbs or partially missing limbs
  • Mobility impairment, benefiting from the use of a wheelchair, scooter, walker, leg brace(s) and/or other supports
  • Nervous system condition, for example, migraine headaches, Parkinson’s disease, multiple sclerosis (MS)
  • Neurodivergence, for example, attention-deficit/hyperactivity disorder (ADHD), autism spectrum disorder, dyslexia, dyspraxia, other learning disabilities
  • Partial or complete paralysis (any cause)
  • Pulmonary or respiratory conditions, for example, tuberculosis, asthma, emphysema
  • Short stature (dwarfism)
  • Traumatic brain injury
Please check one of the boxes below:
YES, I HAVE A DISABILITY, OR HAVE HAD ONE IN THE PAST
NO, I DO NOT HAVE A DISABILITY AND HAVE NOT HAD ONE IN THE PAST
I DO NOT WANT TO ANSWER

PUBLIC BURDEN STATEMENT: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete.

Name Date
Human Check*