Security Analyst Consultant - Attack Surface Management

Everyone deserves to be secure. Our mission at Kalles Group is to help secure the future for companies of all shapes and sizes.

While our expertise spans multiple disciplines, our method remains consistent: building trust and relationship with people -- whether you are a client, a consultant, or--in this case--a candidate.

No matter what role you come from--whether you're an executive or just starting your career-you can expect our highest level of attention and respect. We want to find the right fit for each role, but we also want you to find the right fit for your career.

• →Your values:
  • →Integrity: You believe in doing the right thing, even when it's uncomfortable, seemingly inefficient, or costly.
  • →Purposefulness: You have a desire to serve others with your skillset and an openness to continuous learning and growth.
  • →Ownership: You stick to your commitments, follow up with action, and seek clarity in communication & expectations.

• 6+ years of experience in cybersecurity, including security operations, threat hunting, offensive security, red teaming, or related disciplines
• Experience building, scaling, or leading Attack Surface Management (ASM) capabilities and programs
• Strong understanding of vulnerability management methodologies and risk prioritization frameworks
• Experience working within multi-cloud environments, including AWS, Azure, and GCP
• Deep knowledge of attacker tactics, techniques, and procedures (TTPs) and frameworks such as MITRE ATT&CK
• Expertise in network security, cloud security, attack path analysis, and external attack surface discovery
• Experience conducting OSINT, reconnaissance, and threat intelligence activities
• Proficiency with scripting and automation technologies such as Python and PowerShell
• Strong understanding of enterprise infrastructure, application architectures, and data flows
• Ability to evaluate and influence architectural decisions that reduce organizational risk
• Experience leading cross-functional security initiatives and driving collaboration across multiple teams
• Excellent written and verbal communication skills with the ability to communicate effectively with both technical and non-technical stakeholders
• Strong analytical and problem-solving skills with a data-driven approach to risk management

• Industry certifications such as CISSP, OSCE, GREM, or similar cybersecurity credentials
• Experience applying AI and automation technologies to security operations or attack surface management programs
• Experience with cloud-native security platforms and exposure management tooling
• Familiarity with threat modeling, purple teaming, or advanced adversary simulation exercises
• Experience working in large-scale enterprise environments with complex security requirements

This role can be remote, but we have a strong preference for client who live in Seattle, WA.  

Please fill out the form below (including uploading your most recent resume) and we'll be in touch! We know imposter syndrome can be a barrier to many great applicants. We hope you'll still consider applying. That's why we've made the application process as short and simple as possible.

Even if you're not a fit for the role, you can expect to hear back from us! We want you to have the best experience as a candidate, so please feel free to share feedback at any stage of the process to talent@kallesgroup.com.

Kalles Group is an equal-opportunity employer and does not discriminate on the basis of creed, nationality, race, ethnicity, disability, gender, or other protected class.