IT Cyber Security Risk Analyst

Locations: Minneapolis, MN

Full-Time

Overview
The Cybersecurity Risk Analyst is a key member of the Digital & IT team, helping drive a culture of cybersecurity, improve risk posture, and enhance user-focused security practices across the enterprise.

This individual will serve as a backup to the Security Engineer(s), assisting with incident response, employee support, and cybersecurity projects. They will lead efforts to improve employee cybersecurity awareness, champion a Zero Trust approach to access and identity management, and help ensure business continuity and disaster recovery plans are in place, tested, and improved over time.

This role blends hands-on technical support with program management and education, making it ideal for someone who is both people-oriented and detail-driven.

Responsibilities ~Essential Job Functions
Security Operations Support

Act as a secondary resource for daily security monitoring, incident response, and vulnerability remediation.

Assist in configuring and managing tools related to endpoint protection, logging, email security, and access control.

Help execute security-related projects, such as patching programs, encryption rollouts, and policy enforcement.

Access Management & Zero Trust Initiatives
Help assess and improve identity and access management practices across systems.

Partner with IT teams to implement role-based access controls and Just-In-Time access principles.

Lead projects and process design supporting Zero Trust architecture, especially for remote access and SaaS tools.

Participate in account reviews and privilege audits to ensure appropriate access levels.

Cybersecurity Awareness & Culture
Develop and lead training and awareness campaigns to reduce employee-related cyber risk.

Manage phishing simulation programs and track effectiveness.

Deliver cybersecurity onboarding for new employees and ongoing training for all staff.

Serve as the go-to contact for employee questions related to phishing, passwords, or safe technology use.

Risk Management & Resilience
Own the development and maintenance of Business Continuity and Disaster Recovery plans.

Facilitate tabletop exercises and capture lessons learned to enhance resilience.

Collaborate with IT and business leaders to identify and reduce operational risk.

Contribute to regulatory, insurance, and customer security documentation as needed.

Governance, Policy, and Metrics

Assist in drafting and maintaining cybersecurity policies and procedures.

Track and report on training compliance, incidents, and risk KPIs.

Stay current on emerging cyber threats and security trends, providing proactive recommendations.

Coordinate with external vendors (e.g., MDR, IAM, phishing) and internal teams to support tool effectiveness and projects.

Qualifications
Minimum Requirements, Education & Experience (incl. KSA's and certifications)

Bachelor's degree in Cybersecurity, Information Technology, or a related field

2+ years in IT or cybersecurity roles, ideally with experience in user support, IAM, or risk management

Excellent communication and teaching skills; comfortable presenting to technical and non-technical audiences

Familiarity with Zero Trust concepts and tools (e.g., MFA, identity providers, conditional access)

Working knowledge of phishing, endpoint protection, and threat mitigation techniques

Strong organizational and documentation skills

Desirable Criteria & Qualifications
Security certifications (e.g., Security+, SSAP, GSEC, or similar)

Experience with identity & access management tools (e.g., Azure AD, Okta, Duo, etc.)

Experience managing phishing simulation platforms (Mimecast, KnowBe4)

Familiarity with business continuity planning and disaster recovery best practices

Experience conducting or facilitating tabletop exercises

Exposure to NIST, ISO 27001, or CIS Controls frameworks

Manufacturing, regulated industry, or multi-site IT experience

Pay Range
Pay Range Details

This pay range reflects the base hourly rate or annual salary for positions within this job grade, based on our market-based pay structures. Actual compensation will depend on factors such as skills, relevant experience, education, internal equity, business needs, and local market conditions. While the full hiring range is shared for transparency, offers are rarely made at the minimum or maximum of the range.

Company Benefits
All Employees:

Our 401k retirement savings plan with a company match contribution; onsite health clinics, discretionary holiday bonus program (based on years of service), Client University, 24/7 employee assistance program with access to five confidential visits with a licensed counselor at no cost, wellness program with incentives, an employee death benefit, and employee sick and safe leave are available to all Client employees.