About Our Position & Basic Responsibilities:

We are seeking a motivated and detail-oriented Associate Cybersecurity Analyst to join our growing Information Security team! The Associate Cybersecurity Analyst (ACA) position works within Protocall’s Information Security function. The ACA supports security operations, vulnerability management, and compliance initiatives while helping the organization strengthen its cyber defense posture and maintain regulatory readiness.

This is an entry-level role ideal for individuals looking to begin a career in cybersecurity, particularly in the healthcare space. The Associate Cybersecurity Analyst will support day-to-day security operations, assist in monitoring systems for potential threats, and help maintain the confidentiality, integrity, and availability of organizational data.

This role offers hands-on experience working with security tools, incident response procedures, and risk management practices in a collaborative environment. Additionally, this position supports Protocall’s HITRUST and GovRAMP audits through maintaining ongoing audit trails and collection of audit evidence.

Typical Duties and Responsibilities:

Security Monitoring & Defense
• Assist in monitoring security alerts and logs from SIEM, endpoint, and network defense tools.
• Support initial triage and investigation of low-complexity security incidents under senior staff guidance.
• Help document and track incident response actions and lessons learned.
• Maintain awareness of common threats, vulnerabilities, and exploit techniques.

Vulnerability & Configuration Management
• Assist with routine vulnerability scans, reviews, and remediation tracking.
• Help ensure system configurations align with security baselines (CIS, NIST, vendor benchmarks).
• Document and escalate deviations from security standards.
• Produce reports and identify trends in patch management and vulnerability data.

Compliance & Audit Support
• Assist with evidence collection and reporting for regulatory compliance requirements (e.g., HIPAA, FERPA, GovRAMP).
• Maintain and organize security documentation required for internal and external audits.
• Support continuous monitoring activities.
• Track remediation of compliance findings and contribute to audit readiness efforts.

Policy & Awareness
• Contribute to the maintenance of cybersecurity policies, procedures, and playbooks.
• Provide user-facing support for awareness campaigns and basic security training.
• Manage phishing and social engineering training campaigns.

Required Qualifications:

• Associate’s or Bachelor’s degree in Cybersecurity, Information Technology, or related field; OR equivalent certification and hands-on experience.
• Foundational knowledge of cloud computing, network, operating system, and application security principles.
• Familiarity with the NIST Cybersecurity Framework (CSF) or NIST SP 800-53 security controls.
• Understanding of common regulatory frameworks (HIPAA, FERPA, or FedRAMP/GovRAMP).
• Basic knowledge of security tools such as SIEMs, vulnerability scanners, and EDR solutions.
• Strong organizational skills for compliance documentation and audit preparation.
• Effective written and verbal communication for documenting incidents, policies, and compliance reports.

Desired/Preferred Skills

• CompTIA Security+, CySA+, ISC2 CC/SSCP, or equivalent entry-level certification.
• Exposure to log analysis, security operations, or compliance audits (internship, coursework, or projects).
• Familiarity with scripting (PowerShell, Python, or Bash) for automating basic security tasks.
• Interest in career development toward security operations, compliance, or threat analysis.