Position: Security Analyst Position Type: Full-time, Permanent (Existing Vacancy) Location: Toronto, ON (Remote) The Company: Postmedia is a Canadian news media company representing more than 110 brands across multiple print, online and mobile platforms. Award-winning journalists and innovative product development teams bring engaging content to millions of people every week whenever and wherever they want it. This exceptional content, reach and scope offers advertisers and marketers compelling solutions to effectively reach target audiences. We are always on the lookout for talented individuals to join our team. The Opportunity: The Regina Leader-Post is seeking a talented photographer/multimedia journalist with exceptional photo and video skills to capture compelling visual stories that inform and engage our audiences, with emphasis on Regina and southern Saskatchewan. As part of a collaborative newsroom team - including reporters, editors, and digital specialists - you will cover breaking and non-breaking news, sports, entertainment, business and related events, and be enterprising to find other visuals that tell stories in their own right. The successful candidate will also find ways to creatively and proactively illustrate our needs. The emphasis is on timely visual content to enhance storytelling online and in print, while thriving in a fast-paced news environment with tight deadlines. What you’ll do: - Assist in the maintenance and documentation of security policies, procedures, and standards under the guidance of senior security team members. - Manage account lifecycle tasks (enable/disable accounts, approve access requests); enforce BYOD, MFA, and secure remote access. - Assist with IT audits by collecting documentation, preparing evidence, and supporting coordination with internal teams. - Provide security guidelines for employees traveling internationally (VPN usage, device protection). - Advise on security best practices, including safe handling of company devices and data protection during travel or remote work. - Participate in incident response activities by performing initial analysis, documentation, and evidence collection, escalating findings to senior analysts as required. - Support security awareness initiatives by assisting with content preparation, communications, and tracking participation. - Maintain up-to-date detailed knowledge of the IT Security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors. - Collaborate with IT leadership, privacy analysts, and external vendors to maintain security posture and resolve compliance issues. - Participate in the implementation of new security solutions, policies, standards, baselines guidelines and procedures to support those as established by Postmedia’s security goals and to actively work towards upholding those goals. - Assist with vulnerability scanning, risk assessments, and remediation tracking under defined processes and supervision. - Participate in the planning and design of the Business Continuity Plan and Disaster Recovery Plan. - Recommend additional security solutions or enhancements to existing security solutions to improve overall security. - Provide support as required for MSSP Level 2 and 3 Support for all in-place security solutions. - Maintain operational configurations and baselines for all in-place security solutions. - Learn to automate repetitive security tasks such as reporting, alert enrichment, and evidence collection using scripting and workflow tools. - Assist in the development and maintenance of security automation workflows under supervision. - Explore the use of AI-assisted tools for log analysis, reporting, and security operations in accordance with Postmedia governance and security standards. - Document automation workflows and contribute to continuous improvement initiatives. - Regular hours apply. Occasional after-hours support may be required for learning, shadowing, or supervised activities. - Perform other duties as assigned. Who you are: - One or more of the following certifications would be an asset: Security+, CySA+, or equivalent (or “working towards”) - Knowledge of endpoint detection and response (EDR), CASB, IDPS and other security related concepts. - Knowledge of security frameworks or standards such as CIS Top 20, NIST and ISO 27001, 27017, 27018. - Knowledge of GDPR, CASL, PIPEDA and PCI compliance requirements. - Understanding of IP, TCP/IP and other network administration protocols. - Understanding of Windows and Linux operating systems. - Exposure to scripting or automation using Python, PowerShell, Bash, or similar, with an interest in expanding automation and AI skills. - Ability to effectively prioritize and execute tasks. - Ability to conduct research into IT security issues and products. - Able to work independently on assigned tasks while seeking guidance and feedback as part of a collaborative team. - Team-oriented and skilled in working within a collaborative environment with strong communications skills. - Be naturally innovative and forward thinking when problem solving, be analytical and detail oriented. - Inherently demonstrate a high level of integrity, discretion, and trustworthiness. - Willingness to travel on occasion as required. Must-Haves: - Foundational understanding of information security concepts and frameworks, with a willingness to learn and develop deeper expertise. - Experience with identity and access management tools, firewalls, antivirus, IDS/IPS, endpoint security. - Familiarity with VPNs, MFA, and cloud security solutions. - Experience conducting vulnerability assessments and penetration tests. - Excellent communication and documentation skills. - Ability to manage multiple tasks in a fast-paced environment. Compensation: Employment offers presented to the selected candidate are based on a combination of qualifications, experience, responsibilities of the role and the candidate's location. Base Salary: $45,000-$60,000 We thank in advance all applicants for their interest, however only those candidates under consideration will be contacted. Only candidates legally eligible to work in Canada will be considered. No phone calls or agencies please. Postmedia Network Inc. is committed to providing accommodations for people with disabilities in all areas of the hiring process. If you require accommodation during the hiring process, please make your needs known in advance. Accommodation requests will be provided on an individual basis. Postmedia Network Inc. is committed to employment equity and an inclusive barrier-free selection process and work environment. Postmedia Network Inc. encourages applications from women, indigenous peoples, persons with disabilities and members of visible minorities.

Position: Security Analyst Position Type: Full-time, Permanent (Existing Vacancy) Location: Toronto, ON (Remote) The Company: Postmedia is a Canadian news media company representing more than 110 brands across multiple print, online and mobile platforms. Award-winning journalists and innovative product development teams bring engaging content to millions of people every week whenever and wherever they want it. This exceptional content, reach and scope offers advertisers and marketers compelling solutions to effectively reach target audiences. We are always on the lookout for talented individuals to join our team. The Opportunity: The Regina Leader-Post is seeking a talented photographer/multimedia journalist with exceptional photo and video skills to capture compelling visual stories that inform and engage our audiences, with emphasis on Regina and southern Saskatchewan. As part of a collaborative newsroom team - including reporters, editors, and digital specialists - you will cover breaking and non-breaking news, sports, entertainment, business and related events, and be enterprising to find other visuals that tell stories in their own right. The successful candidate will also find ways to creatively and proactively illustrate our needs. The emphasis is on timely visual content to enhance storytelling online and in print, while thriving in a fast-paced news environment with tight deadlines. What you’ll do: - Assist in the maintenance and documentation of security policies, procedures, and standards under the guidance of senior security team members. - Manage account lifecycle tasks (enable/disable accounts, approve access requests); enforce BYOD, MFA, and secure remote access. - Assist with IT audits by collecting documentation, preparing evidence, and supporting coordination with internal teams. - Provide security guidelines for employees traveling internationally (VPN usage, device protection). - Advise on security best practices, including safe handling of company devices and data protection during travel or remote work. - Participate in incident response activities by performing initial analysis, documentation, and evidence collection, escalating findings to senior analysts as required. - Support security awareness initiatives by assisting with content preparation, communications, and tracking participation. - Maintain up-to-date detailed knowledge of the IT Security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors. - Collaborate with IT leadership, privacy analysts, and external vendors to maintain security posture and resolve compliance issues. - Participate in the implementation of new security solutions, policies, standards, baselines guidelines and procedures to support those as established by Postmedia’s security goals and to actively work towards upholding those goals. - Assist with vulnerability scanning, risk assessments, and remediation tracking under defined processes and supervision. - Participate in the planning and design of the Business Continuity Plan and Disaster Recovery Plan. - Recommend additional security solutions or enhancements to existing security solutions to improve overall security. - Provide support as required for MSSP Level 2 and 3 Support for all in-place security solutions. - Maintain operational configurations and baselines for all in-place security solutions. - Learn to automate repetitive security tasks such as reporting, alert enrichment, and evidence collection using scripting and workflow tools. - Assist in the development and maintenance of security automation workflows under supervision. - Explore the use of AI-assisted tools for log analysis, reporting, and security operations in accordance with Postmedia governance and security standards. - Document automation workflows and contribute to continuous improvement initiatives. - Regular hours apply. Occasional after-hours support may be required for learning, shadowing, or supervised activities. - Perform other duties as assigned. Who you are: - One or more of the following certifications would be an asset: Security+, CySA+, or equivalent (or “working towards”) - Knowledge of endpoint detection and response (EDR), CASB, IDPS and other security related concepts. - Knowledge of security frameworks or standards such as CIS Top 20, NIST and ISO 27001, 27017, 27018. - Knowledge of GDPR, CASL, PIPEDA and PCI compliance requirements. - Understanding of IP, TCP/IP and other network administration protocols. - Understanding of Windows and Linux operating systems. - Exposure to scripting or automation using Python, PowerShell, Bash, or similar, with an interest in expanding automation and AI skills. - Ability to effectively prioritize and execute tasks. - Ability to conduct research into IT security issues and products. - Able to work independently on assigned tasks while seeking guidance and feedback as part of a collaborative team. - Team-oriented and skilled in working within a collaborative environment with strong communications skills. - Be naturally innovative and forward thinking when problem solving, be analytical and detail oriented. - Inherently demonstrate a high level of integrity, discretion, and trustworthiness. - Willingness to travel on occasion as required. Must-Haves: - Foundational understanding of information security concepts and frameworks, with a willingness to learn and develop deeper expertise. - Experience with identity and access management tools, firewalls, antivirus, IDS/IPS, endpoint security. - Familiarity with VPNs, MFA, and cloud security solutions. - Experience conducting vulnerability assessments and penetration tests. - Excellent communication and documentation skills. - Ability to manage multiple tasks in a fast-paced environment. Compensation: Employment offers presented to the selected candidate are based on a combination of qualifications, experience, responsibilities of the role and the candidate's location. Base Salary: $45,000-$60,000 We thank in advance all applicants for their interest, however only those candidates under consideration will be contacted. Only candidates legally eligible to work in Canada will be considered. No phone calls or agencies please. Postmedia Network Inc. is committed to providing accommodations for people with disabilities in all areas of the hiring process. If you require accommodation during the hiring process, please make your needs known in advance. Accommodation requests will be provided on an individual basis. Postmedia Network Inc. is committed to employment equity and an inclusive barrier-free selection process and work environment. Postmedia Network Inc. encourages applications from women, indigenous peoples, persons with disabilities and members of visible minorities. #Li-remote

The HIPAA Subject Matter Expert supports the Health and Human Services (HHS), Office for Civil Rights (OCR) promoting the right to access health information and protection of the privacy and security of this information. These highly trained and highly skilled consultants and analysts are integral to the success and performance of OCR and to further OCR’s mission. Chickasaw Nation Industries, Inc. serves as a holding company with multiple subsidiaries engaged in several lines of business (Technology, Infrastructure & Engineering, Health, Manufacturing, Public Safety, Consulting, and Transportation) for the federal government and commercial enterprises. A portion of our profits is used to support Chickasaw citizens. We are proud to support the economic development and long-term viability of the Chickasaw Nation and its people. CNI offers premium benefits eligible on the first day of hire to full time employees; (Medical - Dental – Vision), Company Life Insurance, Short-Term and Long-Term Disability Insurance, 401(K) Immediate Vesting, Professional Development Assistance, Legal Aid Assistance Program, Family Planning / Fertility Assistance, Personal Time Off, and Observance of Federal Holidays. As a federal contractor, CNI is a drug-free workplace and adheres to the Federal Controlled Substance Act. ESSENTIAL REQUIREMENTS - Preference will be given to candidates with relevant industry certifications from CISSP, CISM, CIPP/CIPT/CIPT. - Ten (10) years of relevant cybersecurity experience is preferred. - Experience in auditing and generating audit reports is required. - Fundamental knowledge of basic systems analysis. - Knowledge of a broad range of relevant computer systems, applications, and/or related equipment. - Knowledge of computer security procedures and protocol. - Basic knowledge of advanced operating system, network, or application management tasks. - Knowledge of current technological developments/trends in area of expertise. - Knowledge of federal copyright laws as they pertain to the use of computer software. - Ability to integrate emerging technologies and applications into current environment and to identify technical specifications to meet user needs including operating system and network or application configuration. - Ability to identify technical specifications to meet user needs including operating system and network or application configuration. - Skills in planning, organizing, and adapting within a multi-tasking environment. - Strong interpersonal skills, flexibility, and customer service orientation. - Ability to gather facts and data for technical proposals and to expand upon them or develop alternatives and to evaluate emerging technologies and identify their potential impact within the existing environment. - Ability to evaluate emerging technologies and identify their potential impact within the existing environment. - Ability to analyze complex computer problems and provide solutions. - Ability to communicate effectively, both orally and in writing. - Ability to communicate technical information to non-technical personnel. - Ability to develop and deliver presentations. KEY DUTIES AND RESPONSIBILITIES Essential duties and responsibilities include the following. Other duties may be assigned. - Reviews security and privacy complaints, data breach notification and cybersecurity incident reports and other correspondence and evidence to determine whether complaints, self-reported breaches or breach notification reports indicate non-compliance with the HIPAA Security Rule. Reviews data provided by the healthcare organizations across the nation to assess the overall impact of security and privacy incidents. - Evaluates and determines the technical sufficiency of submissions from HIPAA covered entities and business associates in response to data and documentation requests (i.e. Assessing reports related to security baselines, penetration tests, vulnerability assessments, and digital forensics). - Documents processes, standard operating procedures and system requirements; develops reports summarizing the analysis along with formulating recommendations for OCR to consider for future action. - Develops written reports with technical security analyses, summaries, and recommendations for action, reports on root causes of problems, efficiency, and support needs. - Provides expertise in the development and evaluation of health information privacy policies and technologies, specifically regarding protected health information; deidentified/re-identified health information; limited data sets. - Provides subject matter expert analysis, evaluation, and recommendations based on national security standards (NIST), industry best practices from the International Organization for Standardization and implementation specifications of the HIPAA - Security Rule. - Provides DIN designing, implementing, and managing information security, data protection, and risk management programs, including policies, procedures, and controls for protected health information based on HIPAA requirements. - Provides advisory expertise in the areas of risk analyses, vulnerability assessments, incident response, security architecture, physical security, business continuity and disaster recovery, enterprise mobility, threat intelligence and analysis, security awareness and - online safety, and resolution of highly complex security projects and issues. - Works well with programmers, developers, content managers, and other key personnel in an interactive development situation. EDUCATION/EXPERIENCE Minimum educational experience is a Bachelor’s degree from an accredited university with the focus on Cybersecurity, Computer Science, Information Sciences, or other comparable fields of Study. PHYSICAL DEMANDS Work is primarily performed in an office environment. Regularly required to sit. Regularly required use hands to finger, handle, or feel, reach with hands and arms to handle objects and operate tools, computer, and/or controls. Required to speak and hear. Occasionally required to stand, walk and stoop, kneel, crouch, or crawl. Must frequently lift and/or move up to 10 pounds and occasionally lift and/or move up to 25 pounds. Specific vision abilities required by this job include close vision, distance vision, depth perception, and ability to adjust focus. Exposed to general office noise with computers printers and light traffic. The physical demands described here are representative of those that must be met by an employee to perform successfully the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of this job. EOE including disability/vet. The estimated pay range for this role is $125K to $135K, with the final offer contingent on location, skillset, and experience. CNI offers a comprehensive benefits package that includes: - Medical - Dental - Vision - 401(k) - Family Planning/Fertility Assistance - STD/LTD/Basic Life/AD&D - Legal-Aid Program - Employee Assistance Program (EAP) - Paid Time Off (PTO) – (11) Federal Holidays - Training and Development Opportunities Your application submission will be considered for all potential employment opportunities with Chickasaw Nation Industries (CNI). #INDCNI

• The Sr. Security Analyst serves a critical function on the security team preparing for, responding to, and investigating cyber events. • Using diligence, flexibility, and creativity to respond to a range of threat types. • Triaging and remediating threats based on threat intelligence and active analysis of log data. • Participation in all phases of incident response through containment, eradication, and recovery. • Using host and network forensic techniques to investigate anomalies. • Verifying information through non-technical investigative techniques like interviews with persons of interest. • Performing root cause analysis and advising stakeholders on defense strategies. • Drafting documentation for team playbooks and advising on prevention practices.