Job Closed
This listing is no longer active.
KBR, formerly a subsidiary of Halliburton, is a company in defense and space, offering services in technology, engineering, procurement, and construction on a g
Information System Security Officer (ISSO)
Location
United States
Posted
58 days ago
Salary
0
Seniority
Mid Level
Job Description
KBR
Title: Information System Security Officer (ISSO)

Belong. Connect. Grow. with KBR!

KBR’s National Security Solutions team provides high-end engineering and advanced technology solutions to our customers in the intelligence and national security communities. In this position, your work will have a profound impact on the country’s most critical role – protecting our national security.

Why Join Us?
- Innovative Projects: KBR’s work is at the forefront of engineering, logistics, operations, science, program management, mission IT and cybersecurity solutions.
- Collaborative Environment: Be part of a dynamic team that thrives on collaboration and innovation, fostering a supportive and intellectually stimulating workplace.
- Impactful Work: Your contributions will be pivotal in designing and optimizing defense systems that ensure national security and shape the future of space defense.

Job Summary

The successful candidate will provide support to the Test Resource Management Center’s (TRMC) All Domain Test Range (ADTR) and INDOPACOM Pacific-Rim Multi-Domain Training and Experimentation Capability Team, Joint Mission Environment Test Capability (JMETC) Secret Network (JSN) Node, JMETC Multiple Independent Levels of Security Network (JMN) Node, Secret Defense Research and Engineering Network (SDREN), Defense Research and Engineering Network (DREN). In this role, you will be a critical part of our team responsible for evaluating customer requirements pertaining to complex technical challenges. The successful candidate will assist with providing solutions to complex problems in a manner which meets both functional and security requirements. You will be responsible for keeping the team’s computing environment operational and in compliance with all TRMC directives and applicable RMF requirements. To do this, you will frequently collaborate with other distributed team members to discuss current system status and plan desired future enhancements.
The ideal candidate will have a blended skill set with a strong background in both systems administration and cybersecurity. This individual will possess experience in Windows and Linux server management, Active Directory, Security Technical Implementation Guides (STIGs), and virtualization technologies. This role is critical in ensuring the integrity, confidentiality, and availability of our information systems within a Department of Defense (DoD) environment.

Key Responsibilities:
- Security Management:
  - Develop, implement, and maintain security policies, procedures, and standards to safeguard organizational information systems.
  - Conduct regular security assessments, vulnerability scans, and penetration testing to identify and mitigate potential threats.
  - Monitor security alerts and logs to respond to incidents in a timely manner, ensuring compliance with DoD regulations.
  - Manage Privileged Access Management (PAM) solutions to ensure secure access control for sensitive systems and data.
  - Filter and generate reports from Security Information and Event Management (SIEM) tools to provide insights into security incidents and trends.
  - Respond to JFHQ-DODIN issued orders, such as Cyber Task Orders (CTO).
  - Participate in DoD mandated Zero Trust efforts (initiatives, planning, testing, and implementation).
- Risk Management Framework (RMF) Compliance
  - Apply RMF principles to assess and manage risk associated with information systems, including categorization, selection of security controls, implementation, assessment, authorization, and continuous monitoring.
  - Collaborate with stakeholders to ensure all systems are RMF-compliant and maintain relevant documentation.
- Training and Awareness
  - Develop and conduct security training programs for staff to enhance awareness of information security best practices and organizational policies.
  - Function as a security advisor to other departments, providing guidance on secure system design and implementation.
- Documentation and Reporting
  - Maintain comprehensive documentation of security processes, incidents, and remediation efforts.
  - Prepare and present reports on security posture, vulnerabilities, and incident response efforts to senior management and other stakeholders.
- Additional Tools and Technologies
  - Experience with McAfee ePolicy Orchestrator (ePO) for centralized security management.
  - Familiarity with Assured Compliance Assessment Solution (ACAS) for vulnerability scanning and compliance monitoring.
  - Jira and Confluence
  - ServiceNow
  - Helpdesk and CCB solutions input, monitoring status, approval workflows

Work Environment:
- Location: Remote
- Travel Requirements: Minimal up to 20%
- Working Hours: Standard

Qualifications:

Required:
- Education: Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field
- Certifications: CISSP, CISM, CASP, Security+
- Security Clearance: Active TS/SCI
- Experience: Minimum 10 years of system administration or cybersecurity-related experience, specifically within DoD environment.
- Technical Skills:
  - Proficient in Windows server and Linux server management, including installation, security policies, configuration, and troubleshooting.

Desired:
- Education: Master’s degree in Computer Science, Information Technology, Cybersecurity, or related field. Advanced degrees or certifications (CISSP, CISM, CASP, Security+)
- Virtual Desktop Infrastructure: Horizon, UAG, Provision and Maintain VM pools
- Client Support: Solid understanding and experience supporting zero/thin clients
- Risk Management System Support: Experience supporting systems within a DoD Risk Management Framework (RMF) accredited environment.
- SIEM Solutions: Splunk, SolarWinds, etc.
- Skills: Coordination, Communication and Presentation skills
- Functionality: Layer 2/3 Networking experience
- Firewall experience
- DoD 8570 certifications: Security+, CISSP, Computing Environment
- DoD Network experience: Experience working with DoD Wide Area Networks and familiarity with various network architectures and common protocols to include:
  - Experience working with Defense Research and Engineering Network (DREN)
  - Experience working with the Secret Defense Research and Engineering Network (SDREN)
- ePO (Trellix) experience – policy, agent updates, compliance dashboards
- ACAS experience – scanning, reporting, compliance dashboards

Belong, Connect and Grow at KBR

At KBR, we are passionate about our people and our Zero Harm culture. These inform all that we do and are at the heart of our commitment to, and ongoing journey toward, being a People First company. That commitment is central to our team of teams philosophy and fosters an environment where everyone can Belong, Connect and Grow. We Deliver – Together.

KBR is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, disability, sex, sexual orientation, gender identity or expression, age, national origin, veteran status, genetic information, union status and/or beliefs, or any other characteristic protected by federal, state, or local law.
More Security Operations Jobs
Principal Analyst Cyber Security Operations - SOAR
Fresenius Medical Care
Fresenius Medical Care provides dialysis treatments, products, and services for individuals living with chronic kidney diseases (CKD). Founded as a result of the 1996 merger of Fre
Role Description

Fresenius Medical Care’s CSOC seeks a Principal Analyst to lead engineering and development of advanced enterprise-wide detection and threat analytics capabilities. The role drives security engineering strategy, AI enhanced detection logic, threat modeling, and continuous tuning across diverse platforms. It also leads SOAR engineering—building automations, integrating security tools, and creating workflows that reduce manual work and speed up response—while partnering closely with Security and Global IT teams. This is a U.S.-based remote position supporting Fresenius Medical Care’s Global Cyber Security Operations Center.

Principal Duties and Responsibilities
- Lead architecture, development, and maintenance of SOAR playbooks and automation pipelines.
- Automate repetitive security operations and security engineering workflows (EDR, VM scanning, SIEM enrichment, IR actions).
- Integrate security tools and platforms using APIs, scripting, and microservices.
- Improve MTTR and reduce operational overhead through intelligent automation by closely partnering with Security Engineering, IT Operations, and Cloud Teams.
- Develop KPIs to measure automation impact and report operational improvements.
- Lead POCs for new automation platforms and evaluate opportunities for AI-based operations.
- Provide mentorship and code reviews for automation engineers and analysts.
- Partner with security engineering on telemetry strategy, logging requirements, and architectural standards for monitoring visibility.
- Integrate AI/ML driven detection capabilities into existing pipelines, validating model performance and reducing false positives.
- Maintain ingestion pipelines, parsing logic, normalization rules, and event taxonomies across critical log sources: identity, endpoint, cloud, network, application, and medical systems.
- Lead the design, implementation, and optimization of enterprise-wide detection content, including correlation rules, behavioral analytics, machine learning assisted detections, and anomaly models.
- Develop detection playbooks and logic focused on lateral movement, credential abuse, insider threats, privilege escalation, cloud compromise, and advanced persistent threats.
- Tune, optimize, and enrich detection pipelines with contextual data (identity, asset, threat intelligence, vulnerability data).
- Mentor analysts and engineers globally on detection logic development, data analytics, and platform best practices.
- Serve as a senior escalation point for complex security incidents and investigations.

Physical Demands and Working Conditions

The physical demands and work environment characteristics represent those typically encountered while performing essential duties. Reasonable accommodation may be made as needed. This is a remote role with availability expected during core hours and during escalations as required.

Supervision

Provides technical leadership and mentorship to threat engineers, automation engineers, and security operations analysts globally. Does not directly manage staff.

Education
- Minimum Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field (or equivalent professional experience).

Experience and Required Skills
- 5+ years in automation engineering, SOAR engineering, or DevSecOps.
- Strong scripting/programming experience (Python required; PowerShell, Go, or NodeJS a plus).
- Hands-on experience with:
  - SOAR platforms (Cortex XSOAR, Splunk SOAR, Microsoft Sentinel automation)
  - API integrations and REST/JSON workflows
  - CI/CD tools (GitHub, GitLab, Azure DevOps)
- Deep understanding of SOC processes, alerting workflows, and incident response.
- Experience integrating EDR, VM, identity, and cloud security tools.

Preferred
- Experience with AI-driven automation or LLM-assisted workflow design.
- Certifications: GCSA, GCFA, GCIH, scripting/DevOps certs.
- Experience in hybrid or multi-cloud environments.

Compensation

The rate of pay for this position will depend on the successful candidate’s work location and qualifications, including relevant education, work experience, skills, and competencies. Annual Rate: $117,700.00 - $196,200.00 for Waltham, MA location.

Benefits
- Comprehensive benefits package including medical, dental, and vision insurance.
- 401(k) with company match.
- Paid time off.
- Parental leave.
- Potential for performance-based bonuses depending on company and individual performance.

Equal Opportunity Employer

Fresenius Medical Care maintains a drug-free workplace in accordance with applicable federal and state laws. Fresenius Medical Care is an equal opportunity employer and does not discriminate on the basis of race, color, religion, sexual orientation, gender identity, parental status, national origin, age, disability, military service, or other non-merit-based factors.
Summer Internship - Security
Aledade
Self-described as "a new company with an old-fashioned goal," Aledade aims to put healthcare control back into the hands of doctors. Headquartered in Bethesda, Maryland, the compan
Aledade is recruiting for 2026 Summer Interns! Interns receive guidance from senior leaders and take part in substantive, hands-on projects that foster an understanding of overall operations at Aledade and the function of our complex healthcare system in general. This internship will begin on June 1st, 2026, and last for 10 weeks until August 7th, 2026.

We are seeking a motivated Security Intern to join our Cloud Security team. In this role, you will assist with the configuration and optimization of Wiz dashboards to help monitor, visualize, and report on our cloud security posture across AWS, Azure, and GCP environments. This position is ideal for students passionate about cybersecurity, cloud technologies, and security analytics.

Responsibilities:
- Assist the security engineering team in setting up and customizing Wiz dashboards.
- Work with team members to prioritize and visualize key cloud security metrics and findings.
- Help develop customized dashboard views for stakeholders across engineering and compliance.
- Support onboarding of new cloud assets and accounts into Wiz.
- Document dashboard configurations, procedures, and best practices for the team.
- Participate in routine cloud security posture management (CSPM) reviews and reporting.
- Assist with data analysis and creating periodic reports using Wiz insights.

Requirements:
- Currently pursuing or recently completed a degree in Cybersecurity, Computer Science, Information Security, or related field.
- Basic understanding of cloud platforms (AWS, Azure, GCP).
- Interest in cybersecurity and security tooling.
- Familiarity with dashboards or data visualization tools is a plus.
- Strong attention to detail and willingness to learn new technologies.
- Excellent written and verbal communication skills.

Preferred Skills, Knowledge and Abilities
- Exposure to Wiz or similar Cloud Security Posture Management (CSPM) tools.
- Experience interpreting and visualizing security data.
What You'll Gain
- Hands-on experience with one of the industry’s leading cloud security platforms.
- Opportunity to work with and learn from experienced cloud security professionals.
- Practical cybersecurity skills applicable to modern cloud environments.

Who We Are:

Aledade, a public benefit corporation, exists to empower the most transformational part of our health care landscape - independent primary care. We were founded in 2014, and since then, we've become the largest network of independent primary care in the country - helping practices, health centers and clinics deliver better care to their patients and thrive in value-based care. Additionally, by creating value-based contracts across a wide variety of health plans, we aim to flip the script on the traditional fee-for-service model. Our work strengthens continuity of care, aligns incentives and ensures primary care physicians are paid for what they do best - keeping patients healthy. If you want to help create a health care system that is good for patients, good for practices and good for society - and if you're eager to join a collaborative, inclusive and remote-first culture - you've come to the right place.

What Does This Mean for You?

At Aledade, you will be part of a creative culture that is driven by a passion for tackling complex issues with respect, open-mindedness and a desire to learn. You will collaborate with team members who bring a wide range of experiences, interests, backgrounds, beliefs and achievements to their work - and who are all united by a shared passion for public health and a commitment to the Aledade mission. At Aledade, we don’t just accept differences, we celebrate them! We strive to attract, develop and retain highly qualified individuals representing the diverse communities where we live and work. Aledade is committed to creating a diverse environment and is proud to be an equal opportunity employer.
Employment policies and decisions at Aledade are based on merit, qualifications, performance and business needs. All qualified candidates will receive consideration for employment without regard to age, race, color, national origin, gender (including pregnancy, childbirth or medical conditions related to pregnancy or childbirth), gender identity or expression, religion, physical or mental disability, medical condition, legally protected genetic information, marital status, veteran status, or sexual orientation.

Privacy Policy: By applying for this job, you agree to Aledade's Applicant Privacy Policy available at https://www.aledade.com/privacy-policy-applicants
• Lead 24x7 Threat Detection and Response Analysts providing operational and strategic planning, including fostering innovation, planning projects, and organizing and negotiating the allocation of resources as well as managing the day-to-day operations.
• Work closely with customers on reporting, stewardship calls, and in the case of escalations.
• Enforce all policies and procedures, including those for security, disaster recovery, standards, and service provision.
• Drive continuous refinement and improvement of detection and response and incident response processes.
• Oversee the security of Client systems via Advanced Fusion Center (AFC) service.
• Keep current with the latest vendor updates, expansion opportunities, and technology directions utilized in the Client's environment.
• Collaborate and consult with other Managers on the overall advancement of the Security Operations organization and Optiv in general.
• Direct and drive process and documentation improvement.
• Manage staffing, including recruitment, supervision, scheduling, development, evaluation, and disciplinary actions.
• Develop and maintain an educational environment where the knowledge and performance of the group are constantly advancing.
• Perform staff performance appraisals.
• Ensure timely reporting of security control gaps and vulnerabilities to the customer.
• Prepare reporting of metrics and trending of SLA & KPIs to the customer and client support staff.
• Stay abreast of evolving risks, new developments in the security industry, and industry best practices in risk management, threat analysis, and threat response techniques.
• Attend info security-related events and network with industry peers to inform engineering and operations processes of effective risk mitigation strategies for attacks.
• Oversee team’s production of threat intelligence reports that communicate the results of the analyses to the respective audience.
• Responsible for the joint team effort to normalize data from vulnerability assessment, penetration test, incident response, and application security project deliverables.
• Establish and maintain regular written and in-person communications with the organization’s executives and other group heads regarding pertinent activities.
• Develop and mentor staff through open communication, training and development opportunities, and performance management processes; build and maintain employee morale and motivation.
Analyst, Cybersecurity Operations
Webster Bank
Webster is a leading commercial bank that delivers financial solutions to business, individuals, families and partners.
• Identify, investigate, and remediate threats – both internal and external.
• Understand threats, attacks, and malware to develop enterprise detections and protections.
• Perform security control maintenance in the form of detection tuning, control policy updates, and automations.
• Reporting of metrics and summaries of weekly investigations/ticket tracking is required.
• Be leveraged by senior-level analysts for more complex investigations and duties.




