1

Cybersecurity Risk Analyst Jobs in Minnesota (NOW HIRING)

The Lead Cybersecurity Specialist within the Legence IT Security organization will be responsible ... cyber analysts tasked with advancing Legence's security posture and reducing risk. This role is ...

The Lead Cybersecurity Specialist within the Legence IT Security organization will be responsible ... cyber analysts tasked with advancing Legence's security posture and reducing risk. This role is ...

next page

Showing results 1-20

Cybersecurity Risk Analyst information

See Minnesota salary details

$15

$39

$64

How much do cybersecurity risk analyst jobs pay per hour?

As of Jul 3, 2026, the average hourly pay for cybersecurity risk analyst in Minnesota is $39.65, according to ZipRecruiter salary data. Most workers in this role earn between $29.18 and $48.27 per hour, depending on experience, location, and employer.

What is the difference between Cybersecurity Risk Analyst vs Cybersecurity Analyst?

AspectCybersecurity Risk AnalystCybersecurity Analyst
CertificationsCompTIA Security+, CISSP, CISACompTIA Security+, CEH, CISSP
Primary FocusAssessing and managing security risksMonitoring, detecting, and responding to security threats
Work EnvironmentRisk management teams, security departmentsSecurity operations centers, IT teams
Industry UsageFinance, healthcare, governmentAll industries with cybersecurity needs

While both roles involve cybersecurity, the Cybersecurity Risk Analyst primarily focuses on identifying and mitigating security risks, whereas the Cybersecurity Analyst concentrates on monitoring and responding to security incidents. Understanding these differences helps organizations assign the right roles for their security needs.

What are the key skills and qualifications needed to thrive as a Cybersecurity Risk Analyst, and why are they important?

To thrive as a Cybersecurity Risk Analyst, you need a deep understanding of information security principles, risk management frameworks, and typically hold a degree in computer science or a related field. Familiarity with tools like vulnerability scanners, SIEM systems, and certifications such as CISSP or CISM is highly valued. Strong analytical thinking, effective communication, and attention to detail help you identify risks and convey complex information to stakeholders. These skills and qualifications are vital to proactively safeguard organizational assets and ensure compliance in an evolving threat landscape.

Is 30 too old for cyber security?

Cybersecurity Risk Analysts can enter the field at any age, as experience, skills, and certifications like CompTIA Security+ or CISSP are often more important than age. Many professionals transition into cybersecurity later in their careers, bringing valuable perspectives and expertise. Age is generally not a barrier to starting or advancing in cybersecurity roles.

How much does a cybersecurity risk analyst make?

A cybersecurity risk analyst's average salary in the United States ranges from $70,000 to $120,000 annually, depending on experience, certifications, and location. Entry-level positions typically start around $60,000, while experienced analysts with certifications like CISSP or CISA can earn over $130,000. The role often requires knowledge of risk assessment tools and security frameworks.

What are some common challenges faced by Cybersecurity Risk Analysts when working with cross-functional teams?

Cybersecurity Risk Analysts often collaborate with IT, compliance, and business units to assess and mitigate risks. A common challenge is translating complex technical risks into language that non-technical stakeholders can understand and act upon. Additionally, balancing security requirements with business objectives may require negotiation and creative problem-solving. Effective communication and relationship-building skills are key to ensuring that security recommendations are adopted across the organization.

What does a Cybersecurity Risk Analyst do?

A Cybersecurity Risk Analyst is responsible for identifying, assessing, and mitigating risks related to an organization’s information systems and data. They evaluate potential threats and vulnerabilities, develop strategies to minimize risks, and ensure compliance with security policies and regulations. Their work helps protect sensitive data and maintain the integrity and confidentiality of digital assets. Analysts often collaborate with IT and business teams to implement security controls and respond to security incidents.

What does a cyber security risk analyst do?

A cybersecurity risk analyst evaluates an organization’s security posture by identifying vulnerabilities, assessing potential threats, and recommending measures to mitigate risks. They often use tools like risk assessment frameworks and require knowledge of security protocols, compliance standards, and threat intelligence. Their work helps organizations protect sensitive data and maintain secure systems.

Can you make $500,000 a year in cyber security?

Cybersecurity Risk Analysts typically earn between $70,000 and $130,000 annually, with top-tier professionals in senior or specialized roles potentially earning over $200,000. Achieving a salary of $500,000 usually requires advanced certifications, extensive experience, leadership positions, or working in high-paying industries or consulting roles.
Infographic showing various Cybersecurity Risk Analyst job openings in Minnesota as of June 2026, with employment types broken down into 100% Full Time. Highlights an 86% Physical, 4% Hybrid, and 10% Remote job distribution, with an average salary of $82,476 per year, or $39.7 per hour.
IT Cyber Security Risk Analyst

IT Cyber Security Risk Analyst

Cretex Companies, Inc.

Elk River, MN • On-site

Full-time

Posted 9 days ago


Job description

Job Summary:
Cretex Companies, Inc. is seeking a Cybersecurity Risk Analyst to join their Digital & IT team. This role is crucial for improving the cybersecurity culture and risk posture within the organization, focusing on incident response, employee training, and the implementation of Zero Trust principles.
Responsibilities:
• Act as a secondary resource for daily security monitoring, incident response, and vulnerability remediation.
• Assist in configuring and managing tools related to endpoint protection, logging, email security, and access control.
• Help execute security-related projects, such as patching programs, encryption rollouts, and policy enforcement.
• Help assess and improve identity and access management practices across systems.
• Partner with IT teams to implement role-based access controls and Just-In-Time access principles.
• Lead projects and process design supporting Zero Trust architecture, especially for remote access and SaaS tools.
• Participate in account reviews and privilege audits to ensure appropriate access levels.
• Develop and lead training and awareness campaigns to reduce employee-related cyber risk.
• Manage phishing simulation programs and track effectiveness.
• Deliver cybersecurity onboarding for new employees and ongoing training for all staff.
• Serve as the go-to contact for employee questions related to phishing, passwords, or safe technology use.
• Own the development and maintenance of Business Continuity and Disaster Recovery plans.
• Facilitate tabletop exercises and capture lessons learned to enhance resilience.
• Collaborate with IT and business leaders to identify and reduce operational risk.
• Contribute to regulatory, insurance, and customer security documentation as needed.
• Assist in drafting and maintaining cybersecurity policies and procedures.
• Track and report on training compliance, incidents, and risk KPIs.
• Stay current on emerging cyber threats and security trends, providing proactive recommendations.
• Coordinate with external vendors (e.g., MDR, IAM, phishing) and internal teams to support tool effectiveness and projects.
Qualifications:
Required:
• Bachelor’s degree in Cybersecurity, Information Technology, or a related field
• 2+ years in IT or cybersecurity roles, ideally with experience in user support, IAM, or risk management
• Excellent communication and teaching skills; comfortable presenting to technical and non-technical audiences
• Familiarity with Zero Trust concepts and tools (e.g., MFA, identity providers, conditional access)
• Working knowledge of phishing, endpoint protection, and threat mitigation techniques
• Strong organizational and documentation skills
Preferred:
• Security certifications (e.g., Security+, SSAP, GSEC, or similar)
• Experience with identity & access management tools (e.g., Azure AD, Okta, Duo, etc.)
• Experience managing phishing simulation platforms (Mimecast, KnowBe4)
• Familiarity with business continuity planning and disaster recovery best practices
• Experience conducting or facilitating tabletop exercises
• Exposure to NIST, ISO 27001, or CIS Controls frameworks
• Manufacturing, regulated industry, or multi-site IT experience
Company:
Solid Companies. Solid Values. A family of companies driven by the core principles of honesty and integrity. Founded in 1917, the company is headquartered in Elk River, USA, with a team of 1001-5000 employees. The company is currently Late Stage.