Security Analyst Consultant - Attack Surface Management
$110k - $140kKalles Group
Job Description
Job Description
ABOUT KALLES GROUP:
Everyone deserves to be secure. Our mission at Kalles Group is to help secure the future for companies of all shapes and sizes.
While our expertise spans multiple disciplines, our method remains consistent: building trust and relationship with people -- whether you are a client, a consultant, or--in this case--a candidate.
No matter what role you come from--whether you're an executive or just starting your career-you can expect our highest level of attention and respect. We want to find the right fit for each role, but we also want you to find the right fit for your career.
We believe the best way to show you what our team is like is to treat you like you're already a part of it . We hope you'll consider joining our team of experienced professionals who are building their careers at Kalles Group—and having fun while doing it.
WHAT YOU WILL DO:
As a Senior Security Analyst Consultant – Attack Surface Management , you will lead and evolve our client's enterprise Attack Surface Management (ASM) program, helping reduce cyber risk through proactive discovery, analysis, automation, and collaboration. This is a highly visible role that combines strategic leadership with hands-on technical execution, requiring expertise across vulnerability management, cloud security, threat intelligence, and offensive security disciplines.
You will be responsible for developing a comprehensive view of the organization's attack surface, identifying opportunities to reduce exposure, and driving remediation efforts in partnership with engineering, cloud, DevOps, and security teams. Leveraging data, automation, and threat intelligence, you will help prioritize risk reduction initiatives while influencing architectural decisions that strengthen the organization's security posture. This role is ideal for someone who enjoys building programs, solving complex security challenges, and partnering across the enterprise to create meaningful security outcomes.
KEY RESPONSIBILITIES:
- Lead and mature the organization's Attack Surface Management (ASM) program , identifying opportunities to expand capabilities and improve visibility
- Develop and maintain a comprehensive understanding of the enterprise attack surface across cloud, network, and application environments
- Continuously identify, assess, and prioritize vulnerabilities and exposures based on business and security risk
- Partner with security, engineering, infrastructure, and cloud teams to drive remediation efforts and reduce risk
- Leverage metrics and analytics to measure program effectiveness and inform risk-based decision making
- Conduct external reconnaissance activities, OSINT research, and threat intelligence analysis to identify potential exposure points
- Monitor emerging threats, attacker techniques, and industry trends to proactively strengthen defensive capabilities
- Collaborate with Application Security, DevOps, and Cloud Engineering teams to promote secure-by-design practices
- Contribute to incident response investigations and post-incident analysis as needed
- Design and implement automation solutions that improve visibility, efficiency, and risk management workflows
- Develop and maintain operational standards, procedures, documentation, and runbooks
- Mentor team members and share expertise across security domains
- Support compliance initiatives including PCI DSS, SOC 2, and related regulatory requirements
- Validate security controls and identify opportunities for continuous improvement
ABOUT YOU:
- Your values:
- Integrity: You believe in doing the right thing, even when it's uncomfortable, seemingly inefficient, or costly.
- Purposefulness: You have a desire to serve others with your skillset and an openness to continuous learning and growth.
- Ownership: You stick to your commitments, follow up with action, and seek clarity in communication & expectations.
YOUR EXPERIENCE:
Required Qualifications- 6+ years of experience in cybersecurity, including security operations, threat hunting, offensive security, red teaming, or related disciplines
- Experience building, scaling, or leading Attack Surface Management (ASM) capabilities and programs
- Strong understanding of vulnerability management methodologies and risk prioritization frameworks
- Experience working within multi-cloud environments, including AWS, Azure, and GCP
- Deep knowledge of attacker tactics, techniques, and procedures (TTPs) and frameworks such as MITRE ATT&CK
- Expertise in network security, cloud security, attack path analysis, and external attack surface discovery
- Experience conducting OSINT, reconnaissance, and threat intelligence activities
- Proficiency with scripting and automation technologies such as Python and PowerShell
- Strong understanding of enterprise infrastructure, application architectures, and data flows
- Ability to evaluate and influence architectural decisions that reduce organizational risk
- Experience leading cross-functional security initiatives and driving collaboration across multiple teams
- Excellent written and verbal communication skills with the ability to communicate effectively with both technical and non-technical stakeholders
- Strong analytical and problem-solving skills with a data-driven approach to risk management
- Industry certifications such as CISSP, OSCE, GREM, or similar cybersecurity credentials
- Experience applying AI and automation technologies to security operations or attack surface management programs
- Experience with cloud-native security platforms and exposure management tooling
- Familiarity with threat modeling, purple teaming, or advanced adversary simulation exercises
- Experience working in large-scale enterprise environments with complex security requirements
- The annual salary range for this role is $110,000-$140,000.
- We offer Medical, Dental, Vision plans, 401K with matching, and PTO for salaried employees.
- Work/life balance – we know there's more to life than work! We encourage our team to pursue other passions, get outside, and spend time with family. We work with clients and consultants to set expectations for a manageable workload.
LOCATION:
This role is on-site at our client location in Seattle, WA. At this time, we are only considering candidates who currently live in Seattle, WA.
HOW TO APPLY:
Please fill out the form below (including uploading your most recent resume) and we'll be in touch! We know imposter syndrome can be a barrier to many great applicants. We hope you'll still consider applying. That's why we've made the application process as short and simple as possible.
Even if you're not a fit for the role, you can expect to hear back from us! We want you to have the best experience as a candidate, so please feel free to share feedback at any stage of the process to View email address on ziprecruiter.com.
Kalles Group is an equal-opportunity employer and does not discriminate on the basis of creed, nationality, race, ethnicity, disability, gender, or other protected class.
$136.2k - $178.7k
...people. About this team The Security Operations Center (SOC) is responsible... ...As a Senior Cybersecurity Analyst, you will apply deep... ...investigations involving advanced attack techniques, forensic analysis... ...establishing vulnerability management approaches integrating threat...SuggestedPermanent employmentFull timePart timeLocal areaImmediate startWork visa- ...AI / Emerging Tech Security Analyst (AI Training) About the Role What if your security... ...powerful AI systems defend themselves against attack? We're looking for AI Security Analysts... ...of security threat modeling, attack surfaces, and risk classification Familiar...SuggestedHourly payOngoing contractContract workFreelanceRemote workFlexible hours
$120k - $140k
Join to apply for the Consultant - Endpoint Security Analyst role at Kalles Group Join to apply for the Consultant - Endpoint Security Analyst role at... ...design and implement a standardized approach to Patch Management across their organization. This role plays a key part in...SuggestedFull timeRemote workFlexible hours$110.57k - $165.86k
...Job: The mission of the Information Security Team is to manage Information Security risk at Brooks,... ...Information Security Operations Center (SOC) Analyst, you will primarily be responsible... ...to identify, contain, and mitigate attacks. Keys to success in this role include...SuggestedLocal area$80k - $105k
A leading construction firm in Seattle seeks an Information Security Analyst to enhance its security posture. The ideal candidate will have... ...in information security, focusing on vulnerability management, auditing, and risk assessment. Responsibilities include leading...Suggested- ...Application Security Analyst (AI Training) About the Role We're partnering with the world's leading AI research labs to build smarter... ...common production vulnerabilities ~ Able to think like an attacker - you understand real exploitability, not just CVE scores ~...Hourly payOngoing contractContract workFreelanceRemote work
$29.5 per hour
...Category Loss Prevention & Security Location 2100 Alaskan Way... ...Remotely? N Position Type Non-Management Pay Range: $29.50-$29.50... ...in the event of accidents, attacks, or other incidents. Defuse... ...sloping, uneven, or slippery surfaces as well as up and down stairs...Hourly payFull timePart timeWork experience placementRemote workFlexible hoursShift workNight shiftDay shift$100k - $130k
...strategic business outcomes, including cost management, rapid innovation, and environmental... ...future. About the Role We are hiring Security Analysts to run the daily security operations... ...telemetry. Understanding of common attacker techniques such as phishing, credential...Flexible hours$23 - $25 per hour
Logistics Security Analyst Expeditors is a global logistics company headquartered in Seattle, Washington. A Fortune 500 company, Expeditors... ...actively monitor customer shipments, analyze cargo risk events, and manage response protocols. Agents communicate directly with...Hourly payWork at officeLocal areaWorldwideShift workAfternoon shift- ...Security Analyst In this role, you will work collaboratively with the Cybersecurity GRC team along with stakeholders across the business... .... Assists with quarterly SOX control certifications and management attestations. Automates and assists in gathering audit...
- ...Overview: Cybersecurity GRC Security Analyst - Risk and Issue Management Who we are We are a yoga-inspired technical apparel company up to big things. The practice and philosophy of yoga informs our overall purpose to elevate the world through the power of...
- ...PCI Security Analyst Location: Seattle, WA (Hybrid) Duration: 10/07/2024 - 04/11/2025 Rate: DOE US Citizens & Green Card holders are preferred. Qualifications: ~5+ years in Security GRC or a related field with in-depth working knowledge of PCI DSS Standards...Remote work
- ...Qualifications 5+ years of experiencein Security GRC, IT Audit, or a related field, with a strong focus onSOX complianceandIT General... ...Experience working withineral and external auditors, including managing walkthroughs, evidence collection, and audit issue resolution....
- ...Security Operations Analyst (AI Training) About the Role We're partnering with leading AI research labs to build the next generation of intelligent security systems - and we need experienced SOC professionals to make it happen. Your hands-on knowledge of real-...Hourly payOngoing contractContract workFreelanceRemote workFlexible hours
- ...Role Overview We are seeking an IT Security Operations Analyst for the IT Technology Services contract. This project will provide IT service... ...standards and operational goals. Collaborate with the Patch Management Team to support enterprise security and compliance...Full timeContract workPart timeWork at officeRemote workMonday to Friday
- ...TX or St. Louis, MO (100% Onsite) Job Summary We are looking for an experienced Ping Security Analyst with strong expertise in Ping Identity products and Identity & Access Management (IAM). The ideal candidate will have hands‑on experience implementing Single Sign‑On (...Contract work
- ...integrations, policies, authentication flows, and access controls. Manage application onboarding and SSO integrations across enterprise... ...PagerDuty. Collaborate with application, infrastructure, and security teams to ensure secure and reliable IAM operations. Required...Contract work
- ...based on model view controller architecture and content management system. Our services also extend to the domain of Cloud Computing... ...a radical change. Job Description Participate in security planning and analyst activities. Performs security assessments and security attestations...
$90k - $110k
About The Role We are seeking a Security Analyst with an emphasis on fraud research to join our Information Security team. This role is responsible... ...fraud prevention efforts, incident response, and risk management activities. Work Environment Candidates within 30 miles of...Work experience placementWork at officeWork from home$120k - $130k
...adapters, and contract mapping in PingFederate Access token management, access token mapping, and OIDC policies in PingFederate Creating... ...college fund, student loan refinancing Base Salary Range: $120,000 to $130,000 Per Annum. #J-18808-Ljbffr Tata Consultancy ServicesContract work- Talascend, LLC is seeking an Information Security Analyst in Bellevue, Washington, to protect the organization’s digital assets and respond to security incidents. You will report and assess threats, monitor systems, and provide security training to end-users. The ideal...
- A software development company based in Bellevue is looking for a skilled Mobile Security Analyst to participate in security assessments and perform thorough analysis of vulnerabilities across applications. The ideal candidate will have substantial experience handling...
$120k - $130k
...Adapters and contract mapping in PingFederate Access Token Management, Access Token Mapping, OIDC policies in PingFederate Onboarding... ...Location Seattle, WA Job Function Technology Salary Range $120,000 to $130,000 per annum #J-18808-Ljbffr Tata Consultancy ServicesContract work- ...Command Center Agent to join the team responsible for monitoring customer shipments using advanced technology. The ideal candidate will manage customer communications, accurately enter data, and develop strong customer relationships while ensuring compliance with company...
- Nscale, a GPU cloud provider for AI, seeks a Security Analyst to join their operations team in Seattle. You will triage alerts across endpoints, identities, SaaS, cloud, and network, investigate suspicious activity, and escalate high‑risk events to the appropriate owners...
- HackerOne is seeking a Product Security Analyst to assess and communicate security vulnerabilities in web and mobile applications. You'll work closely with skilled researchers and maintain high-quality customer experiences. The position offers the flexibility of remote...Remote work
$80k - $105k
Information Security Analyst At JH Kelly , we’re seeking a proactive, detail-oriented, and results-driven analyst to join our IT team and... ...of total compensation over the past 10 years. Vulnerability Management & Remediation Leadership Own the vulnerability management...Work at office$1,500 per month
Overview City Washington Country United States We are hiring an experienced Information Security Analyst to join our team in Washington United States. Responsibilities As an Information Security Analyst you will be responsible for protecting the organization's sensitive...Full time- Talascend is currently seeking an Information Security Analyst for a contract opportunity with our client in Bellevue, Washington (State) .... ...and breaches. Triage and respond to security alerts from the Managed Detection & Response (MDR) service, as well as user‑reported...Contract workWork experience placement
- Expeditors seeks a Logistics Security Analyst to join its dynamic team in Bellevue, WA. The role involves monitoring shipments, managing customer communications, and ensuring compliance with service requirements. You will utilize technology and security protocols to enhance...
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Security Analyst Consultant - Attack Surface Management. Be the first to apply!
- security operations analyst Seattle, WA
- application security analyst Seattle, WA
- entry level information security analyst Seattle, WA
- cloud security analyst Seattle, WA
- network security analyst Seattle, WA
- entry level security analyst Seattle, WA
- information security compliance analyst Seattle, WA
- security analyst Seattle, WA
- senior security analyst Seattle, WA
- IT security analyst Seattle, WA

