Certified HITRUST CSF Practitioner (1099, Pooling)

Location: Remote, Globally, Work From Anywhere
Type: Contractor – Part-Time, Project-Based
Pay: Based on experience, education, geographic location, and market rates
Travel: None

About Us

RSI Security is a trusted leader in cybersecurity compliance and assessment, dedicated to helping organizations navigate complex security frameworks and safeguard their operations. We are committed to operational excellence, leveraging innovation and expertise to deliver tailored solutions that empower businesses to thrive in a rapidly evolving digital landscape. Our culture emphasizes collaboration, continuous improvement, and professional growth, offering team members the opportunity to contribute meaningfully to impactful projects in a supportive and forward-thinking environment.

Position Summary

The Certified HITRUST CSF Practitioner (CCSFP) Consultant plays a critical role in guiding organizations through HITRUST CSF compliance. This role involves conducting comprehensive readiness assessments, performing gap analyses, and developing detailed remediation plans to enhance security and privacy controls. The consultant assists in implementing security controls, developing policies and procedures, and creating awareness programs to align client organizations with HITRUST CSF standards. Additionally, the consultant supports internal audits and prepares clients for the HITRUST certification process, acting as a liaison to ensure accurate and complete documentation.

Roles & Responsibilities

• Conduct HITRUST readiness assessments to evaluate client compliance posture against HITRUST CSF requirements.
• Identify security and privacy control gaps and deliver actionable remediation plans to support certification readiness.
• Advise clients on the design and implementation of security controls aligned with HITRUST and other relevant frameworks (e.g., NIST, HIPAA).
• Develop or refine policies, procedures, and supporting documentation to align with HITRUST CSF control requirements.
• Provide guidance and subject matter expertise throughout the HITRUST certification process, including MyCSF readiness and evidence validation.
• Deliver client-facing training and awareness on HITRUST program requirements, reporting, and control maintenance practices.
• Support internal audit activities and assist clients in preparing for formal validation and certification engagements.
• Collaborate with internal teams to share insights, improve processes, and align engagement delivery with industry best practices.

Qualifications

• Active Certified HITRUST CSF Practitioner (CCSFP) certification required.
• 3–5 years of experience in cybersecurity, compliance, or audit, with direct involvement in HITRUST or similar frameworks.
• Strong understanding of the HITRUST CSF and how it maps to other standards such as NIST, HIPAA, ISO 27001, and PCI DSS.
• Demonstrated experience performing gap assessments, control implementation, and compliance documentation.
• Excellent communication skills with the ability to translate technical requirements into business-friendly guidance.
• Bachelor’s degree in Cybersecurity, Information Systems, or a related field preferred.
• Experience supporting clients in regulated industries (e.g., healthcare, finance) is a plus.
• Familiarity with HITRUST MyCSF portal and evidence management preferred.

Mindset We Value

• Take ownership and follow through without micromanagement.
• Stay calm under pressure and manage shifting priorities with grace.
• Solve problems proactively and always look for a better way.
• Love structure, checklists, and keeping systems tidy and consistent.
• Serve the team, understanding that behind every client win is solid support.
• Bring a positive attitude and value growth—yours and others’.

What We Offer

• Competitive pay aligned with market rates.
• Flexible work environment.
• Collaborative team culture rooted in trust and humility.
• Opportunities for growth and professional development.

Our Core Values

• Serve Above All Else
• Do What’s Right, Not What’s Easy
• Commit to What You Say
• Discipline Creates Freedom
• Stay Humble, Hungry, and Aware

Equal Employment Opportunity

RSI Security is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital or family status, pregnancy, protected veteran status, or any other status protected by applicable law. We consider qualified applicants with arrest and conviction records in a manner consistent with applicable laws. If you need a reasonable accommodation during the application or recruiting process, please let us know.

For more information on RSI Security, please visit our website – www.rsisecurity.com or our social media RSI Security LinkedIn. On our career site, you will find some of the key steps you can expect to guide you along the way.