ABOUT US:

RSI Security is a trusted leader in cybersecurity compliance and assessment, dedicated to helping organizations navigate complex security frameworks and safeguard their operations. We are committed to operational excellence, leveraging innovation and expertise to deliver tailored solutions that empower businesses to thrive in a rapidly evolving digital landscape. Our culture emphasizes collaboration, continuous improvement, and professional growth, offering team members the opportunity to contribute meaningfully to impactful projects in a supportive and forward-thinking environment.

POSITION SUMMARY:

As an RSI Security Information Security Assessor, ACTIVE QSA REQUIRED, you will work closely with clients to evaluate and validate security controls, ensure regulatory compliance, and provide actionable recommendations to address gaps. This role involves leading client engagements, contributing to internal process improvements, and supporting the team with resources to enhance client satisfaction. The ideal candidate is self-motivated, thrives in the fast-paced cybersecurity field, and demonstrates a commitment to learning, active listening, compassion, and delivering transparent, detailed feedback and insights.

QUALIFICATIONS:

• Bachelor’s degree in Computer Science or equivalent education required
• Training or hands-on experience in at least one major cloud platform (AWS, Azure, or Google Cloud) required
• 5+ years of IT experience total required; having 3+ years’ experience specifically in cyber security required
• At least 2 active certifications required from the following: CISA, CISM, or CISSP
• Active security assessor certification; PCI-DSS or HITRUST (Preferred)
• Ability to support upselling and pre-sales by identifying client needs and contributing to value-driven solutions.
• Demonstrated ability to interface and collaborate with executive leadership required
• Demonstrated ability to lead complex projects and engagements and get consistent on-time results that meet expectations required
• Demonstrated strong interpersonal and communication skills to develop and maintain relationships with clients and colleagues required
• Working technical knowledge of software development, cloud computing and network architecture required
• Experience working with a PSA tool, such as Asana, Oracle NetSuite, Mavenlink, or Sage preferred

ROLES & RESPONSIBILITIES:

• Assess the security controls and regulatory compliance of a client organization (~50% of the time) – By properly scoping and understanding the client environment, business processes, people and technologies, determining compliance requirements and then assessing if the client organization can demonstrate the compliance through clear evidence that is observed, reviewed and tested. Afterwards, drafts a compliance report that outlines how the company has met compliance requirements for the company’s applicable regulations.
• Act as an advisor to a client organization in preparation for an assessment (~25% of the time) – Guiding the client to properly prepare for controls and/or compliance audit through proper scoping and identifying sensitive data, how it is managed, determine what the requirements are needed to implement controls, perform gap analysis and generate a report outlining action items to take and policies to develop to be ready for an assessment.
• Provide technical writing to a client organization (~5% of the time) – Leads, contributes and delegates technical writing for a client who does not have policies and procedures created to meet compliance requirements. Reviews work and provides feedback if the work is delegated to an Analyst and finalizes to share with the client.
• Partner with the Sales and Marketing team (~10% of the time) – Provides pre-sales meeting support and helps the sales team to create proposals for a client by understanding the client’s business, security requirements, regulatory requirements, and identifying complexities. Contributes to marketing efforts, including sitting on a panel as part of a webinar and writing blogs on relevant subjects.
• Contribute to internal process improvements & Continuous education (~10% of the time) – Is an active contributor to internal project tasks at RSI, providing improvements to processes to maintain the highest level of efficiency and help productize RSI’s services. Stays abreast of the latest cyber security and compliance changes with 40 hours per year of CPE.