Senior Consultant - Cybersecurity Risk Manager

ABOUT KALLES GROUP:

Everyone deserves to be secure. Our mission at Kalles Group is to help secure the future for companies of all shapes and sizes.

While our expertise spans multiple disciplines, our method remains consistent: building trust and relationship with people -- whether you are a client, a consultant, or--in this case--a candidate.

No matter what role you come from--whether you're an executive or just starting your career-you can expect our highest level of attention and respect. We want to find the right fit for each role, but we also want you to find the right fit for your career.

We believe the best way to show you what our team is like is to treat you like you're already a part of it. We hope you'll consider joining our team of experienced professionals who are building their careers at Kalles Group—and having fun while doing it.

WHAT YOU WILL DO: 

As a Senior Risk Management Analyst, you will play a key role in shaping and advancing our client’s enterprise cybersecurity risk strategy. Acting as a trusted advisor to senior leadership, you will design and implement comprehensive risk assessment methodologies that strengthen the organization’s security posture while enabling informed business decision-making. You will build scalable frameworks, establish operational standards, and lead cross-functional initiatives that integrate multiple risk domains across technology and business functions. Your work will ensure audit readiness, regulatory alignment, and effective risk governance in a complex and evolving threat landscape.

KEY RESPONSIBILITIES: 

• Design and implement enterprise-wide cybersecurity risk assessment methodologies that align with business objectives and regulatory requirements

• Develop operational standards, quality criteria, and workflows to ensure consistency, efficiency, and audit traceability across risk management processes

• Integrate controls across multiple technology and business domains to provide comprehensive risk coverage

• Lead and manage third-party risk assessments, including vendor security evaluations and external audit engagements

• Serve as primary liaison with external auditors and key risk stakeholders, representing the organization’s cybersecurity risk posture and remediation strategies

• Make informed commitments within enterprise governance frameworks related to audits, third-party assessments, and GRC platform initiatives

• Align risk management initiatives with medium-term strategic planning (6–18 months) to support business growth and regulatory expectations

• Facilitate senior leadership workshops on complex risk topics, driving consensus on risk tolerance and treatment strategies

• Coordinate cross-functional risk initiatives across Security, IT, Legal, and Business teams

• Contribute to the evolution of the Enterprise Risk Management roadmap by developing scalable, reusable solutions that enhance program maturity and efficiency

• Educate stakeholders on emerging cybersecurity risks, regulatory requirements, and risk-by-design principles

ABOUT YOU:

• Your values:
  • Integrity: You believe in doing the right thing, even when it's uncomfortable, seemingly inefficient, or costly.
  • Purposefulness: You have a desire to serve others with your skillset and an openness to continuous learning and growth.
  • Ownership: You stick to your commitments, follow up with action, and seek clarity in communication & expectations.

YOUR EXPERIENCE:

• 4-6 years of experience in cybersecurity risk management, including leadership of cross-functional initiatives

• Demonstrated success designing and implementing enterprise-level risk methodologies across multiple domains

• Experience managing external audit engagements and serving as a primary liaison with auditors and risk stakeholders

• Proven ability to align risk operations with strategic business objectives through structured planning

• Bachelor’s or Master’s degree in Information Technology, Computer Science, Cybersecurity, Risk Management, or a related field (or equivalent experience)

• Strong expertise in industry-standard cybersecurity frameworks (e.g., NIST CSF, ISO 27001, NIST RMF, CIS Controls, SOC 2, PCI DSS)

• Deep understanding of enterprise risk architecture and integrated control frameworks

• Experience developing operational standards and optimizing workflows for risk management

• Advanced capabilities in methodology development and enterprise framework design

• Excellent stakeholder management and executive communication skills

• Strong facilitation skills with the ability to drive alignment on complex risk topics

• Ability to operate autonomously, remove bottlenecks, anticipate trade-offs, and deliver measurable business outcomes

WHAT WE OFFER:

• The annual salary range for this role is $150,000-$200,000. 
• We offer Medical, Dental, Vision plans, 401K with matching, and PTO for salaried employees.
• Work/life balance – we know there’s more to life than work! We encourage our team to pursue other passions, get outside, and spend time with family. We work with clients and consultants to set expectations for a manageable workload.

LOCATION:

This role requires on-site presence at our client's location in Seattle, WA.

HOW TO APPLY:

Please fill out the form below (including uploading your most recent resume) and we'll be in touch! We know imposter syndrome can be a barrier to many great applicants. We hope you'll still consider applying. That's why we've made the application process as short and simple as possible.

Even if you're not a fit for the role, you can expect to hear back from us! We want you to have the best experience as a candidate, so please feel free to share feedback at any stage of the process to [email protected].

Kalles Group is an equal-opportunity employer and does not discriminate on the basis of creed, nationality, race, ethnicity, disability, gender, or other protected class.