Information Security Assessor- QSA Certified

RSI Security•,

4d•$100,000 - $150,000•Remote

About The Position

As an Information Security Assessor (QSA), you will lead and support client engagements focused on evaluating security controls, validating compliance against regulatory frameworks, and providing structured, evidence-based reporting. This role combines assessment execution, client advisory support, and internal collaboration. You will work directly with client stakeholders to assess environments, identify gaps, and guide organizations toward achieving and maintaining compliance. You will operate with a strong emphasis on objectivity, technical accuracy, and clear communication, while contributing to RSI’s service quality and client success.

Requirements

5+ years of IT experience, with at least 3+ years in cybersecurity, compliance, or risk assessment roles.
Active QSA certification required.
Working knowledge of cloud platforms (AWS, Azure, or GCP), network architecture, and application environments.
Proven ability to lead engagements, manage client relationships, and deliver high-quality results on time.
Experience leading or contributing to PCI DSS assessments, including development of ROC, AOC, and SAQ deliverables.
Strong written and verbal communication skills, with the ability to present complex topics clearly to technical and executive audiences.

Nice To Haves

At least two of the following preferred: CISA, CISM, CISSP.
Experience with PSA or project management tools such as Monday.com, Asana, Mavenlink, or similar platforms
Experience with government-related frameworks such as FedRAMP and CMMC.
Experience with privacy regulations (e.g., CCPA/CPRA, GDPR, or similar data protection requirements).

Responsibilities

Perform Security Assessments: Lead and execute PCI DSS assessments, including scoping client environments, performing control validation, and producing required deliverables such as Reports on Compliance (ROC), Attestations of Compliance (AOC), and Self-Assessment Questionnaires (SAQ), as applicable.
Develop Assessment Reports: Produce clear, structured reports that document compliance status, supporting evidence, and identified gaps in alignment with applicable regulatory requirements.
Provide Advisory Support: Guide clients in preparation for assessments by assisting with scoping, identifying sensitive data flows, performing gap analyses, and outlining remediation actions.
Support Technical Documentation: Contribute to or lead the development and review of policies and procedures to align with compliance requirements and industry standards.
Collaborate with Sales & Marketing: Support pre-sales activities by participating in client discussions, scoping engagements, and contributing to proposals. Participate in thought leadership activities such as webinars or written content.
Contribute to Internal Excellence: Support process improvements, methodology development, and service standardization. Maintain continuing professional education (CPE) and stay current with evolving security and compliance requirements.