IT Cyber Security Risk Analyst

The Cybersecurity Risk Analyst is a key member of the Digital & IT team, helping drive a culture of cybersecurity, improve risk posture, and enhance user-focused security practices across the enterprise.

Locations:
Minneapolis, MN

Employment type:

Full-Time

This individual will serve as a backup to the Security Engineer(s), assisting with incident response, employee support, and cybersecurity projects. They will lead efforts to improve employee cybersecurity awareness, champion a Zero Trust approach to access and identity management, and help ensure business continuity and disaster recovery plans are in place, tested, and improved over time.

This role blends hands-on technical support with program management and education, making it ideal for someone who is both people-oriented and detail-driven.

• Act as a secondary resource for daily security monitoring, incident response, and vulnerability remediation.
• Assist in configuring and managing tools related to endpoint protection, logging, email security, and access control.
• Help execute security-related projects, such as patching programs, encryption rollouts, and policy enforcement.
• Assist with Access Management & Zero Trust initiatives: assess and improve identity and access management practices across systems, partner with IT teams to implement role-based access controls and Just-In-Time access principles, lead projects and process design supporting Zero Trust architecture (especially for remote access and SaaS tools), and participate in account reviews and privilege audits to ensure appropriate access levels.
• Develop and lead cybersecurity awareness and culture initiatives: training/awareness campaigns, phishing simulation programs, onboarding for new employees, and providing guidance on phishing, passwords, and safe technology use.
• Own the development and maintenance of Business Continuity and Disaster Recovery plans; facilitate tabletop exercises and capture lessons learned; collaborate with IT and business leaders to identify and reduce operational risk; contribute to regulatory, insurance, and customer security documentation as needed.
• Assist in drafting and maintaining cybersecurity policies and procedures; track training compliance, incidents, and risk KPIs; stay current on emerging threats and coordinate with external vendors and internal teams to support tool effectiveness and projects.

• Bachelor’s degree in Cybersecurity, Information Technology, or a related field
• 2+ years in IT or cybersecurity roles, ideally with experience in user support, IAM, or risk management
• Excellent communication and teaching skills; comfortable presenting to technical and non-technical audiences
• Familiarity with Zero Trust concepts and tools (e.g., MFA, identity providers, conditional access)
• Working knowledge of phishing, endpoint protection, and threat mitigation techniques
• Strong organizational and documentation skills

• Security certifications (e.g., Security+, SSAP, GSEC, or similar)
• Experience with identity & access management tools (e.g., Azure AD, Okta, Duo, etc.)
• Experience managing phishing simulation platforms (Mimecast, KnowBe4)
• Familiarity with business continuity planning and disaster recovery best practices
• Experience conducting or facilitating tabletop exercises
• Exposure to NIST, ISO 27001, or CIS Controls frameworks
• Manufacturing, regulated industry, or multi-site IT experience

This pay range reflects the base hourly rate or annual salary for positions within this job grade, based on our market-based pay structures. Actual compensation will depend on factors such as skills, relevant experience, education, internal equity, business needs, and local market conditions. While the full hiring range is shared for transparency, offers are rarely made at the minimum or maximum of the range.

All Employees:
Our 401k retirement savings plan with a company match contribution; onsite health clinics, discretionary holiday bonus program (based on years of service), Client University, 24/7 employee assistance program with access to five confidential visits with a licensed counselor at no cost, wellness program with incentives, an employee death benefit, and employee sick and safe leave are available to all Client employees.

• Entry level

• Full-time

• Information Technology

• IT Services and IT Consulting