Information Security Assessor (Remote Position)
Company: RSI Security
Posted on: January 16, 2022
THIS IS A REMOTE, WORK-FROM-HOME POSITION.
As the Information Security Assessor, you will work closely with
clients to assess and validate a variety of organizations security
controls and regulatory compliance as well as provide advisory
support and recommendations on how to remediate possible gaps and
issues to meet compliance and regulatory standards.
This role will have the opportunity to lead clients engagements as
well as contribute to internal process improvements to provide the
team with the best resources and structure to delight our
The ideal person for this role is self-motivated, is energized by
continuously learning and the fastpaced world of cyber security,
and believes that the ultimate way to care for their colleagues and
clients is to be an active listen, exhibit compassion and also
provide transparent and actionable feedback and insights with the
highest level of attention to detail and review.
What are the 5 most important abilities/functions needed to
- Assess the security controls and regulatory compliance of a
client orgnization (-50% of the time) - By properly scoping and
understanding the client envionrment, business processes, people
and technologies, determining compliance requirements and then
assessing if the client organization can demonstrate the compliance
through clear evidence that is observed, reviewed and tested.
Afterwards, drafts a compliance report that outlines how the
company has met compliance requirements for the company's
- Act as an advisor to a client organization in preparation for
an assessment (-25% of the time) - Guiding the client to properly
prepare for controls and/or compliance audit through proper scoping
and identifying sensitive data, how it is managed, determine what
the requirements are needed to implement controls, perform gap
analysis and generate a report outlining action items to take and
policies to develop to be ready for an assessment.
- Provide technical writing to a client organization (-5% of the
time) - Leads, contributes and delegates technical writing for a
client who does not have policies and procedures created to meet
compliance requirements. Reviews work and provides feedback if the
work is delegated to an Analyst and finalizes to share with the
- Partner with the Sales and Marketing team (-10% of the time) -
Provides pre-sales meeting support and helps the sales team to
create proposals for a client by understanding the client's
business, security requirements, regulatory requirements, and
identify complexities. Contributes to marketing efforts, including
sitting on a panel as part of a webinar and writing blogs on
- Contribute to internal process improvements & Continuous
education (-10% of the time) - Is an active contributor to internal
project tasks at RSI, providing improvements to processes to
maintain the highest level of efficiency and help productize RSI's
services. Stays abreast of the latest cyber security and compliance
changes with 40 hours per year of CPE.
Attributes and behaviors necessary to do a great job?
- Is a trusted advisor and consultant to their clients, who
approaches engagements and issues with a balance of logically
analyzing the possibilities and potential issues to make thoughtful
and insightful decisions and recommendations. Doesn't jump to
conclusions, isn't grounded to any one idea, and always seeks input
from others and stays on top of the latest technology advancements
and marry that with RSI Security's approach and process.
- Learning is a lifestyle, understanding that technology
constantly evolves and is hungry and thirsty to learn new changes
and new knowledge as the landscape of security threats changes so
quickly. Is not afraid to step outside of their comfort zone and
learn new systems, techniques, tools and processes.
- Excellent communication skills including written and verbal,
with strong interpersonal skills, who can build trust and
credibility with clients and their teams. Is a good active listener
to make sure what was said and what was heard are aligned.
- Expresses emotional intelligence by communicating
empathetically and connects easily with others. Approaches clients
with compassion about the challenges or stress they are going
through and has a quiet confidence when approaching situations but
also knows seeking different perspectives and ideas is the key to a
well rounded decision making process.
- Skilled team player who understands the importance of
collaboration and enjoys brainstorming with colleagues and team
members for maximized success.
- Impeccable attention to detail and understands that small
oversights can results in big breakdowns or problems down the
- Self motivation, where quality is paramount with a high degree
of accountability and high sense of urgency to drive things
Essential skills & experience required? What are preferred?
- Bachelor's degree in Computer Science or equivalent education
- 5+ years of IT experience total required; having 3+ years'
experience specifically in cyber security required
- At least 2 active certifications; CISA, CISM and CISSP
- At least 1 active Qualified Security Assessor certification;
HITRUST, PCIDSS QSA, CMMC required
- Demonstrated ability to interface and collaborate with
executive leadership required
- Demonstrated ability to lead complex projects and engagements
and get consistent on-time results that meet expectations
- Demonstrated strong interpersonal and communication skills to
develop and maintain relationships with clients and colleagues
- Working technical knowledge of software development, cloud
computing and network architecture required
- Intermediate to advanced working skills with various office
equipment, computers and various programs including MS Word,
PowerPoint, Excel required
- Experience working with a PSA tool, such as Asana, Oracle
NetSuite, Mavenlink, or Sage preferred
- Experience with Google Office Suite a plus
Culture-fit? What do they have to do to be a good culture-fit? What
values should they have?
RSI Security is the nation's premier cybersecutiy and compliance
provider, dedicated to helping organizations achieve
Our foundation is built on systemization and we attribute our
achievements as a team to being process driven, data driven and
We believe that "Our Success is in Securing Yours" and we believe
that for both our clients as well as our team, and have dedicated
our core values to that, SUCCEED. We succeed by having a people
first mindset- creating trusting relationships with our clients and
colleagues that is based on transparency, and challenging each
other to be better, think differently, and consider different ideas
to come up with the right solution.
Serve - our clients and one another above all else
Unite - as an effective team and meet our goals together.
Commit - to the success of RSI Security and our clients.
Communicate - and build strong and honest relationships
Empower - each other to grow personally and professionally.
Empathize - and show compassion and respect to those around
Discover - better ways to execute and deliver results.
WIIFM (What's in it for me? Why should I be interested if I'm your
ideal candidate? What is the opportunity? The sizzle?)
RSI Security is a small, tight knit organization where
collaboration is not only encouraged, but expected. We value
relationships within our team, and are intentional to build and
maintain a strong team camaraderie through virtual happy hours,
daily morning meetings to help us start off on the right foot, and
meetings dedicated solely to professional development topics to
help us develop and grow together.
This opportunity will offer the right individual:
- The opportunity to have a positive impact on the clients we
serve through thoughtful and proven processes.
- Access to working with a team of exceptional technical
professionally who challenge one another to find the right support
for our clients and develop and grow each other personally and
- The opportunity to join a team of Warriors, who all have the
same values and commitment to approaching cyber security threats
and problems, and believes that "WE" is greater than "I".
This position has no supervisory responsibility: will manage
projects, processes, and deliverables
Position Type/Expected Hours of Work:
This is a full-time, salaried position, and regular hours of work
and days to be worked are Monday through Friday, 8:00 a.m. to 5
p.m.; however, this position can irregularly be required to work
long hours and infrequent weekend work depending on the needs of
Additional Eligibility Qualifications:
Must have an active driver's license. Must submit to a background
check as a contingency for the position.
Work Authorization/Security Clearance (if applicable):
Must be authorized to work in the United States. Each candidate is
required to comply with federal and local laws and authorization
will be checked through E-verify.
Keywords: RSI Security, Miami , Information Security Assessor (Remote Position), Other , Miami, Florida
Didn't find what you're looking for? Search again!