Information Security Assessor

Summary

Join RSI Security as an Information Security Assessor and work remotely, globally, on project-based or permanent contracts. You will assess client security controls and compliance, advise on assessment preparation, contribute to technical writing, partner with sales and marketing, and improve internal processes. This role requires a Bachelor's degree in Computer Science or equivalent, cybersecurity experience, relevant certifications, and strong communication skills. Compensation is based on experience and location. RSI Security offers a supportive and forward-thinking work environment.

Requirements

• Obtain a Bachelor’s degree in Computer Science or equivalent education
• Complete training in Google, AWS, and Azure
• Have 5+ years of IT experience total; 3+ years’ experience specifically in cybersecurity
• Possess at least 2 active certifications: CISA, CISM, and CISSP
• Demonstrate the ability to interface and collaborate with executive leadership
• Demonstrate the ability to lead complex projects and engagements and get consistent on-time results that meet expectations
• Demonstrate strong interpersonal and communication skills to develop and maintain relationships with clients and colleagues
• Possess working technical knowledge of software development, cloud computing, and network architecture
• Have intermediate to advanced working skills with various office equipment, computers, and various programs including MS Word, PowerPoint, Excel

Responsibilities

• Assess the security controls and regulatory compliance of a client organization (~50% of the time) – By properly scoping and understanding the client environment, business processes, people and technologies, determining compliance requirements and then assessing if the client organization can demonstrate the compliance through clear evidence that is observed, reviewed and tested. Afterwards, drafts a compliance report that outlines how the company has met compliance requirements for the company’s applicable regulations
• Act as an advisor to a client organization in preparation for an assessment (~25% of the time) – Guiding the client to properly prepare for controls and/or compliance audit through proper scoping and identifying sensitive data, how it is managed, determine what the requirements are needed to implement controls, perform gap analysis and generate a report outlining action items to take and policies to develop to be ready for an assessment
• Provide technical writing to a client organization (~5% of the time) – Leads, contributes and delegates technical writing for a client who does not have policies and procedures created to meet compliance requirements. Reviews work and provides feedback if the work is delegated to an Analyst and finalizes to share with the client
• Partner with the Sales and Marketing team (~10% of the time) – Provides pre-sales meeting support and helps the sales team to create proposals for a client by understanding the client’s business, security requirements, regulatory requirements, and identifying complexities. Contributes to marketing efforts, including sitting on a panel as part of a webinar and writing blogs on relevant subjects
• Contribute to internal process improvements & Continuous education (~10% of the time) – Is an active contributor to internal project tasks at RSI, providing improvements to processes to maintain the highest level of efficiency and help productize RSI’s services. Stays abreast of the latest cyber security and compliance changes with 40 hours per year of CPE

Preferred Qualifications

• Have experience working with a PSA tool, such as Asana, Oracle NetSuite, Mavenlink, or Sage
• Have experience with Google Office Suite
• Have at least 1 active Qualified Security Assessor certification; HITRUST or PCIDSS QSA

Benefits

• 100% Remote work, Globally, Work from anywhere
• Compensation based on experience, education, geographic location, and market rates
• Opportunities for professional growth