External Industry Risk & Security Governance Representative

WE ARE HIRING

About Us
RSI Security operates an independent Certification Body (CB) aligned with ISO/IEC 17021-1 and pursuing accreditation for ISO/IEC 42001 (Artificial Intelligence Management Systems). RSI also operates CMMC C3PAO Level 2 assessment activities aligned with ISO/IEC 17020 requirements. To safeguard accreditation integrity, RSI maintains a formally constituted Impartiality Committee composed of internal and external voting members representing balanced interests.

About the Role

The External Industry Risk & Security Governance Representative serves as a voting member of the RSIS Impartiality Committee. This is a governance oversight role not an audit, consulting, sales, or certification decision function. The role ensures that certification and inspection activities:

1. Reflect real-world industry risk expectations
2. Remain free from commercial pressure
3. Do not prioritize revenue over integrity
4. Maintain public trust and stakeholder confidence

1. Participate in audit execution
2. Participate in certification decisions
3. Engage in sales or commercial negotiations
4. Provide advisory services to RSIS certification clients during tenure

Key Responsibilities

• Provide independent industry perspective on impartiality risks
• Review high and critical structural risks presented by management
• Assess whether commercial models could create undue influence
• Evaluate revenue concentration and market dependency risks
• Ensure industry credibility of certification and inspection decisions
• Challenge management where independence safeguards appear insufficient
• Participate in quarterly committee meetings

Governance Authority
Committee members:

• Hold voting authority within the Committee
• Operate independently from management
• May request documentation necessary to discharge oversight responsibilities
• Have authority to escalate unresolved concerns in accordance with the Committee Charter

Competence Requirements
Candidates should demonstrate:

• 10+ years in enterprise security, risk management, governance, or executive oversight
• Experience serving as CISO, Deputy CISO, VP Security, Risk Executive, or equivalent
• Understanding of third-party assurance, certification, or regulatory oversight environments
• Ability to operate at governance and oversight level rather than operational delivery

Preferred:

• Experience interacting with certification bodies, regulators, or accreditation frameworks
• Experience with ISO-based management systems or structured audit environments
• Experience in SaaS / enterprise cybersecurity governance

Independence Requirements
Prior to appointment, candidates must:

• Complete formal Conflict of Interest screening
• Disclose advisory or financial relationships with RSI entities
• Commit to ongoing annual independence attestations
• Agree not to perform advisory services for RSIS certification clients during tenure

Cooling-off and recusal requirements apply where applicable.

Term & Review
Appointments are for a two-year term, renewable once, subject to continued independence verification and performance review in accordance with the Impartiality Committee Charter.
RSI Security is an Equal Opportunity Employer. We prioritize competence, qualifications, and the integrity of the certification process in all hiring decisions.