Security Analyst Consultant - Attack Surface Management

Kalles Group·Remote(United States)
Cybersecurity
Excel

WFA Digital Insight

As the demand for cybersecurity specialists continues to skyrocket, with a reported 25% growth in 2025, professionals with expertise in Attack Surface Management are in high demand. Kalles Group stands out for its commitment to building trust and relationships with clients and candidates alike. With the rise of remote work, companies are looking for skilled security analysts who can proactively identify and mitigate cyber risks. If you're a seasoned security expert looking for a new challenge, this role could be the perfect fit. Before applying, consider highlighting your experience in vulnerability management, threat intelligence, and cloud security.

Job Description

About the Role

As a Security Analyst Consultant at Kalles Group, you will play a critical role in leading and evolving the company's Attack Surface Management program. This highly visible position combines strategic leadership with hands-on technical execution, requiring expertise across vulnerability management, cloud security, threat intelligence, and offensive security disciplines. You will be responsible for developing a comprehensive view of the organization's attack surface, identifying opportunities to reduce exposure, and driving remediation efforts in partnership with various teams.

The ideal candidate will have a strong background in cybersecurity, with a proven track record of building and implementing effective security programs. You will be working closely with cross-functional teams, including security, engineering, infrastructure, and cloud teams, to drive remediation efforts and reduce risk. If you enjoy building programs, solving complex security challenges, and partnering across the enterprise to create meaningful security outcomes, this role is perfect for you.

Kalles Group prides itself on its collaborative and dynamic work environment, where every team member is valued and respected. As a Security Analyst Consultant, you will be an integral part of this team, working together to secure the future for companies of all shapes and sizes.

What You Will Do

  • Lead and mature the organization's Attack Surface Management program, identifying opportunities to expand capabilities and improve visibility
  • Develop and maintain a comprehensive understanding of the enterprise attack surface across cloud, network, and application environments
  • Continuously identify, assess, and prioritize vulnerabilities and exposures based on business and security risk
  • Partner with security, engineering, infrastructure, and cloud teams to drive remediation efforts and reduce risk
  • Leverage metrics and analytics to measure program effectiveness and inform risk-based decision making
  • Conduct external reconnaissance activities, OSINT research, and threat intelligence analysis to identify potential exposure points
  • Monitor emerging threats, attacker techniques, and industry trends to proactively strengthen defensive capabilities
  • Collaborate with Application Security, DevOps, and Cloud Engineering teams to promote secure-by-design practices
  • Contribute to incident response investigations and post-incident analysis as needed
  • Design and implement automation solutions that improve visibility, efficiency, and risk management workflows
  • Develop and maintain operational standards, procedures, documentation, and runbooks

What We Are Looking For

  • 6+ years of experience in cybersecurity, including security operations, threat hunting, and offensive security
  • Strong understanding of vulnerability management, cloud security, and threat intelligence
  • Experience with security frameworks and compliance initiatives, including PCI DSS and SOC 2
  • Excellent communication and collaboration skills, with the ability to work effectively with cross-functional teams
  • Strong analytical and problem-solving skills, with the ability to identify and mitigate complex security risks
  • Experience with automation tools and scripting languages, such as Python or PowerShell
  • Familiarity with cloud platforms, such as AWS or Azure
  • Strong understanding of security metrics and analytics, with the ability to inform risk-based decision making

Nice to Have

  • Experience with Attack Surface Management programs and technologies
  • Familiarity with DevOps and Agile development methodologies
  • Knowledge of emerging threats and attacker techniques, such as AI-powered attacks or cloud-based threats
  • Experience with security orchestration, automation, and response (SOAR) tools
  • Certification in cybersecurity, such as CISSP or CEH

Benefits and Perks

  • Competitive salary and benefits package
  • Opportunity to work with a dynamic and collaborative team
  • Professional development and growth opportunities
  • Flexible work arrangements, including remote work options
  • Access to cutting-edge security tools and technologies
  • Recognition and reward for outstanding performance and contributions
  • Comprehensive health and wellness program, including mental health support
  • Generous PTO and holiday schedule, including paid family leave
  • Retirement savings plan, including company match
  • Employee stock purchase plan, with discounted stock options
  • Access to exclusive company events and networking opportunities

How to Stand Out

  • Tip: Highlight your experience with vulnerability management, threat intelligence, and cloud security in your application, as these skills are highly valued in this role.
  • To stand out, be prepared to provide specific examples of your experience in building and implementing effective security programs.
  • When preparing for your interview, review common security frameworks and compliance initiatives, such as PCI DSS and SOC 2, to demonstrate your knowledge and expertise.
  • Consider creating a personal portfolio or blog to showcase your skills and experience in cybersecurity, particularly in areas relevant to Attack Surface Management.
  • During salary negotiations, be prepared to discuss your expected salary range based on industry standards and your level of experience.
  • Red flag: Be cautious of companies that do not prioritize cybersecurity or do not have a clear understanding of the role and responsibilities of a Security Analyst Consultant.

This is a remote position listed on WFA Digital, the platform for professionals who work from anywhere. Browse more remote jobs across all categories.