IT Cyber Security Risk Analyst
Cretex Companies, Inc. · Elk River, MN · 1 wk ago
Information Technology$61k/yrFull-time
Responsibilities
- Security Operations Support
- Act as a secondary resource for daily security monitoring, incident response, and vulnerability remediation.
- Aid in configuring and managing tools related to endpoint protection, logging, email security, and access control.
- Execute security-related projects, such as patching programs, encryption rollouts, and policy enforcement.
- Access Management & Zero Trust Initiatives
- Assess and improve identity and access management practices across systems.
- Partner with IT teams to implement role-based access controls and Just-In-Time access principles.
- Lead projects and process design supporting Zero Trust architecture, especially for remote access and SaaS tools.
- Participate in account reviews and privilege audits to ensure appropriate access levels.
- Cybersecurity Awareness & Culture
- Develop and lead training and awareness campaigns to reduce employee-related cyber risk.
- Manage phishing simulation programs and track effectiveness.
- Deliver cybersecurity onboarding for new employees and ongoing training for all staff.
- Serve as the go-to contact for employee questions related to phishing, passwords, or safe technology use.
- Risk Management & Resilience
- Own the development and maintenance of Business Continuity and Disaster Recovery plans.
- Facilitate tabletop exercises and capture lessons learned to enhance resilience.
- Collaborate with IT and business leaders to identify and reduce operational risk.
- Contribute to regulatory, insurance, and customer security documentation as needed.
- Governance, Policy, and Metrics
- Assist in drafting and maintaining cybersecurity policies and procedures.
- Track and report on training compliance, incidents, and risk KPIs.
- Stay current on emerging cyber threats and security trends, providing proactive recommendations.
- Cook up with external vendors (e.g., MDR, IAM, phishing) and internal teams to support tool effectiveness and projects.
- Bachelor’s degree in Cybersecurity, Information Technology, or a related field
- 2+ years in IT or cybersecurity roles, ideally with experience in user support, IAM, or risk management
- Excellent communication and teaching skills; comfortable presenting to technical and non-technical audiences
- Familiarity with Zero Trust concepts and tools (e.g., MFA, identity providers, conditional access)
- Working knowledge of phishing, endpoint protection, and threat mitigation techniques
- Strong organizational and documentation skills
Qualifications
Pay Range
Pay Range: USD $60,800.00 - USD $91,200.00 /Yr.