Junior Cyber Security Analyst

Location:

Pay Range:

The Junior IT Cyber Security Analyst assists in safeguarding the organization's systems, data, and networks across both corporate and clinical environments. This role supports core cybersecurity operations, including threat monitoring, incident response, vulnerability management, and compliance activities, under the direction of senior cybersecurity professionals. The position contributes foundational cybersecurity expertise while contributing to day-to-day security operations. The Junior Analyst helps maintain and strengthen the organization's overall security posture through active participation in monitoring, analysis, and risk mitigation efforts.

KPA 1 - Threat Monitoring & Initial Response (Support Role)

• Monitor security alerts from SIEM, EDR, email security, and network tools.
• Perform initial triage and escalate suspicious activity to senior analysts.
• Follow established incident response playbooks for basic investigations.
• Document incidents, actions taken, and outcomes.

KPA 2 - Vulnerability & Patch Support

• Assist with vulnerability scans and review scan results.
• Track remediation progress and follow up with system owners.
• Support patching efforts by validating updates and documenting status.
• Help maintain asset and vulnerability inventories.

KPA 3 - Compliance & Documentation

• Support collection of evidence for audits (HIPAA, SOC 2, etc.).
• Maintain documentation for policies, procedures, and controls.
• Assist with periodic access reviews and data protection checks.
• Help track remediation of audit findings.

KPA 4 - Cyber Awareness, Training, and Culture

• Assist in coordinating phishing simulations and training campaigns.
• Help distribute cybersecurity communications (e.g., tips, alerts).
• Promote secure behaviors across staff through basic guidance.
• Support onboarding security training for new employees.

KPA 5 - Clinic Onboarding and Operational Support

• Assist senior analysts with clinic onboarding security tasks.
• Support inventory collection (devices, users, systems).
• Help validate baseline security controls during integrations.
• Participate in remote or occasional on-site support activities.

KPA 6 - Learning & Continuous Improvement

• Participate in cybersecurity projects and tool implementations.
• Develop knowledge of security technologies and best practices.
• Track and report basic metrics (e.g., ticket resolution, alert volumes).
• Continuously improve technical and analytical skills.

Education

• Associate or Bachelor's degree in Information Technology, Cybersecurity, or related field (or equivalent experience).

• High school education required.

Minimum Relevant Experience

• 0-2 years of IT or cybersecurity-related experience.

• Internship, lab, or hands-on training experience preferred.

Certifications/Licenses

• CompTIA Security+ (or actively pursuing)

• Other entry-level certifications (e.g., Network+, ISC2 CC)

Skills

• Analytical & Problem-Solving: Applies foundational analysis to investigate alerts, review data, and identify issues; follows established processes with attention to detail and appropriate escalation.

• Interpersonal Effectiveness: Communicates professionally, builds collaborative relationships, maintains confidentiality, and responds constructively to feedback.

• Communication: Demonstrates clear written and verbal communication; documents incidents and findings effectively; conveys basic technical information to non-technical audiences.

• Customer Focus & Organizational Awareness: Supports internal users and clinical staff with a service-oriented approach; aligns work with organizational priorities and healthcare standards.

• Self-Management & Accountability: Manages time and priorities effectively; demonstrates reliability, initiative, and adaptability in a structured environment.

• Adaptability: Thrives in a fast-paced, multi-site healthcare setting; manages competing priorities and collaborates across distributed teams.

• Technical Proficiency: Proficient in Microsoft Office (Word, Excel, PowerPoint, Outlook); able to learn and utilize cybersecurity tools (e.g., SIEM, EDR, vulnerability scanners) with training.

Travel: 0-25%

Expectations for All Employees

This position description reflects the general duties and responsibilities necessary to perform the principal functions of the job, as identified, and shall not be considered an exhaustive list of job responsibilities which may be inherent in the job. To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed are representative of the knowledge, skill, and/or ability required. The responsibilities listed may be subject to change at any time and individuals may be asked to perform duties outside of their regular responsibilities to support the ongoing business operation needs.

Americans with Disabilities Act (ADA) Compliance

The essential functions described herein are intended to define the fundamental duties of the position and serve as the minimum requirements for performance. They do not represent an exhaustive list of all job duties that may be required. AON complies with the Americans with Disabilities Act (ADA) and applicable state and local laws. The Company will engage in an interactive process to evaluate and, where appropriate, provide reasonable accommodations to qualified individuals with disabilities, provided such accommodations do not impose an undue hardship on the business.

Physical Requirements

• Sitting
• Keyboard use
• Minimal lifting
• Long screen exposure

Cognitive Requirements

• Time management
• Effective written/verbal communication
• Policy interpretation

Environmental Requirements

• Home office setup
• Minimal external environmental exposure

Accommodation Notes

• Flexible hours
• Ergonomic home office guidance
• Communication software accessibility