Information Security Assessor- QSA Certified
This position is listed on behalf of a partner company, which manages all applications and next steps. Our partner is looking for an Information Security Assessor- QSA Certified based in the United States.
This role sits at the intersection of cybersecurity, compliance, and client advisory work, focusing on delivering high-quality security and regulatory assessments for complex client environments. The position involves leading PCI DSS evaluations, validating security controls, and producing formal compliance deliverables used to demonstrate regulatory alignment. You will work directly with clients to scope environments, identify gaps, and translate technical findings into clear, actionable remediation guidance. Operating in a remote-first and highly collaborative setting, you will contribute both to client success and internal methodology improvements. The role requires strong technical depth, attention to detail, and the ability to communicate effectively with both technical teams and executive stakeholders. It is well suited for professionals who enjoy structured assessment work combined with advisory responsibilities and client engagement.
Accountabilities:
- Lead end-to-end PCI DSS security assessments, including scoping, control testing, evidence validation, and reporting (ROC, AOC, SAQ)
- Conduct client discovery sessions to map environments, data flows, and compliance requirements
- Identify security and compliance gaps and provide clear remediation guidance
- Produce structured, evidence-based assessment reports aligned with regulatory standards
- Support clients in audit readiness and compliance preparation activities
- Collaborate with internal teams and sales during pre-engagement scoping and proposals
- Contribute to methodology improvements, documentation standards, and internal knowledge sharing
Requirements:
- Active QSA certification (required)
- 5+ years of IT experience with at least 3+ years in cybersecurity, risk, or compliance roles
- Proven hands-on experience performing PCI DSS assessments (ROC, AOC, SAQ)
- Strong understanding of cloud platforms (AWS, Azure, or GCP)
- Knowledge of network architecture and enterprise security controls
- Strong client-facing communication and stakeholder management skills
- Ability to explain complex technical topics clearly to both technical and executive audiences
- Preferred certifications: CISA, CISM, or CISSP
- Experience with project or workflow tools (Monday.com, Asana, etc.) is a plus
- Strong analytical mindset and ability to manage multiple assessments simultaneously
Benefits:
- $100,000 – $150,000 annual salary range based on experience
- 100% remote work within the United States
- Exposure to leading cybersecurity compliance frameworks (PCI DSS, CMMC, HITRUST, etc.)
- Professional development and continuing education (CPE support)
- Collaborative, remote-first work environment
- Opportunity to work directly with diverse enterprise clients
- Career growth in a specialized cybersecurity compliance field
Security pay context
Based on 1,667 disclosed Security salaries on RoleSuite, the role pays a median of $142K/year, with most offers between $114K and $180K (10th–90th percentile: $95K–$216K).
This posting lists $100K–$150K, below the $142K market median.