• Analyze and respond to cybersecurity attacks • Identify, assess and prioritize security events • Investigate new attack techniques • Develop effective defense strategies in collaboration with the team • Improve detection mechanisms and optimize the service, e.g., through automation and incident enrichment • Provide active support to customers on security-related matters

The rate of pay for this position will depend on the successful candidate’s work location and qualifications, including relevant education, work experience, skills, and competencies. Annual Rate: $117,700.00 - $196,200.00 for Waltham, MA location Benefit Overview: This position offers a comprehensive benefits package including medical, dental, and vision insurance, a 401(k) with company match, paid time off, parental leave and potential for performance-based bonuses depending on company and individual performance. PURPOSE AND SCOPE: Fresenius Medical Care’s Cyber Security Operations Center (CSOC) is seeking a highly experienced Principal Analyst The Principal Cyber Security Analyst specializing in Digital Forensics serves as the senior technical authority for forensic investigations across the enterprise. This role leads complex incident response cases, conducts advanced forensic analysis of endpoints, servers, cloud environments, and networks, and provides strategic insight to reduce organizational risk. The Principal Analyst acts as the highestlevel escalation point for investigative matters and mentors other analysts in evidence handling, methodology, and tooling. This is a U.S.-based remote position supporting Fresenius Medical Care’s global Cyber Security Operations Center. PRINCIPAL DUTIES AND RESPONSIBILITIES: - Lead enterpriselevel forensic investigations involving malware, insider threats, credential compromise, data exfiltration, fraud, and targeted attacks. - Act as technical commander during priority incidents, directing scoping, containment, eradication, and rootcause analysis in partnership with IR, IT, and Cloud teams. - Conduct rootcause, impact, and attribution analysis for major cyber events; drive corrective and preventive actions. - Lead postincident reviews and oversee closure of remediation tasks, translating findings into hardening and control improvements. - Develop and maintain forensic methodologies, chainofcustody procedures, and evidencehandling standards. - Serve as the primary liaison with Legal, Privacy, HR, and external law enforcement during escalated or sensitive investigations. - Correlate forensic artifacts with threatintelligence insights to identify adversaries, campaigns, and TTPs. - Establish and maintain forensicreadiness strategies, including tooling optimization, logging enhancements, and dataretention standards. - Develop lightweight tools and scripts (Python/PowerShell) for artifact parsing, timeline generation, triage capabilities, and cloudlog normalization. ​ PHYSICAL DEMANDS AND WORKING CONDITIONS: - The physical demands and work environment characteristics represent those typically encountered while performing essential duties. Reasonable accommodation may be made as needed. This is a remote role with availability expected during core hours and during escalations as required. ​ SUPERVISION: - Provides technical leadership and mentorship to threat engineers and SOC analysts globally. Does not directly manage staff. ​ EDUCATION: - Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field (or equivalent professional experience). ​ EXPERIENCE AND REQUIRED SKILLS: - 10+ years in Incident Response/DFIR, including leadership of complex, enterprise scale investigations. - Cloud & Identity: Sentinel/Splunk, Microsoft 365/Azure logs, AWS/GCP logging, Entra/Okta audit trails. - Network: Zeek, Suricata, Brim/Wireshark, PCAP/flow analytics. - Experience in evidence handling, legal hold/eDiscovery coordination, and working with Legal/HR/Privacy. - Mastery of Windows and Linux internals, authentication flows, common persistence/mechanisms, and lateral movement TTPs. - Proficient in Python or PowerShell for automation and artifact analysis. - Excellent written and verbal communication—able to brief executives clearly under time pressure. ​ Preferred: - Industry certifications (one or more): GCFA, GCFE, GNFA, GREM, GCIH, CISA, CISSP, Azure Security, AWS Security. - Experience with Zero Trust controls, identity threat detection, and SaaS forensics (O365, Google Workspace). - Familiarity with EPSS/SSVC, threat modeling, and purpleteam/ATT&CK evaluation practices. - Background in regulated environments (e.g., healthcare, financial services, manufacturing) and associated audit expectations. ​ Fresenius Medical Care maintains a drug-free workplace in accordance with applicable federal and state laws. Fresenius Medical Care is an equal opportunity employer and does not discriminate on the basis of race, color, religion, sexual orientation, gender identity, parental status, national origin, age, disability, military service, or other non-merit-based factors

Position: Security Analyst Position Type: Full-time, Permanent (Existing Vacancy) Location: Toronto, ON (Remote) The Company: Postmedia is a Canadian news media company representing more than 110 brands across multiple print, online and mobile platforms. Award-winning journalists and innovative product development teams bring engaging content to millions of people every week whenever and wherever they want it. This exceptional content, reach and scope offers advertisers and marketers compelling solutions to effectively reach target audiences. We are always on the lookout for talented individuals to join our team. The Opportunity: This is an ideal role for a recent college or university graduate with a strong passion for IT and Cybersecurity. We’re looking for someone eager to learn, experiment, and grow. In this highly hands‑on, practical environment, you’ll shadow experienced team members, build foundational security skills, and develop into a future Senior Security Analyst. This role is perfect for someone curious, communicative, and brings IT/Security‑focused extracurricular, co‑op, or personal project experience. If you’re motivated, adaptable, and ready to shape your career as a security professional, we’d love to meet you. What you’ll do: - Assist in the maintenance and documentation of security policies, procedures, and standards under the guidance of senior security team members. - Manage account lifecycle tasks (enable/disable accounts, approve access requests); enforce BYOD, MFA, and secure remote access. - Assist with IT audits by collecting documentation, preparing evidence, and supporting coordination with internal teams. - Provide security guidelines for employees traveling internationally (VPN usage, device protection). - Advise on security best practices, including safe handling of company devices and data protection during travel or remote work. - Participate in incident response activities by performing initial analysis, documentation, and evidence collection, escalating findings to senior analysts as required. - Support security awareness initiatives by assisting with content preparation, communications, and tracking participation. - Maintain up-to-date detailed knowledge of the IT Security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors. - Collaborate with IT leadership, privacy analysts, and external vendors to maintain security posture and resolve compliance issues. - Participate in the implementation of new security solutions, policies, standards, baselines guidelines and procedures to support those as established by Postmedia’s security goals and to actively work towards upholding those goals. - Assist with vulnerability scanning, risk assessments, and remediation tracking under defined processes and supervision. - Participate in the planning and design of the Business Continuity Plan and Disaster Recovery Plan. - Recommend additional security solutions or enhancements to existing security solutions to improve overall security. - Provide support as required for MSSP Level 2 and 3 Support for all in-place security solutions. - Maintain operational configurations and baselines for all in-place security solutions. - Learn to automate repetitive security tasks such as reporting, alert enrichment, and evidence collection using scripting and workflow tools. - Assist in the development and maintenance of security automation workflows under supervision. - Explore the use of AI-assisted tools for log analysis, reporting, and security operations in accordance with Postmedia governance and security standards. - Document automation workflows and contribute to continuous improvement initiatives. - Regular hours apply. Occasional after-hours support may be required for learning, shadowing, or supervised activities. - Perform other duties as assigned. Who you are: - One or more of the following certifications would be an asset: Security+, CySA+, or equivalent (or “working towards”) - Knowledge of endpoint detection and response (EDR), CASB, IDPS and other security related concepts. - Knowledge of security frameworks or standards such as CIS Top 20, NIST and ISO 27001, 27017, 27018. - Knowledge of GDPR, CASL, PIPEDA and PCI compliance requirements. - Understanding of IP, TCP/IP and other network administration protocols. - Understanding of Windows and Linux operating systems. - Exposure to scripting or automation using Python, PowerShell, Bash, or similar, with an interest in expanding automation and AI skills. - Ability to effectively prioritize and execute tasks. - Ability to conduct research into IT security issues and products. - Able to work independently on assigned tasks while seeking guidance and feedback as part of a collaborative team. - Team-oriented and skilled in working within a collaborative environment with strong communications skills. - Be naturally innovative and forward thinking when problem solving, be analytical and detail oriented. - Inherently demonstrate a high level of integrity, discretion, and trustworthiness. - Willingness to travel on occasion as required. Must-Haves: - Foundational understanding of information security concepts and frameworks, with a willingness to learn and develop deeper expertise. - Experience with identity and access management tools, firewalls, antivirus, IDS/IPS, endpoint security. - Familiarity with VPNs, MFA, and cloud security solutions. - Experience conducting vulnerability assessments and penetration tests. - Excellent communication and documentation skills. - Ability to manage multiple tasks in a fast-paced environment. Compensation: Employment offers presented to the selected candidate are based on a combination of qualifications, experience, responsibilities of the role and the candidate's location. Base Salary: $50,000-$60,000 We thank in advance all applicants for their interest, however only those candidates under consideration will be contacted. Only candidates legally eligible to work in Canada will be considered. No phone calls or agencies please. Postmedia Network Inc. is committed to providing accommodations for people with disabilities in all areas of the hiring process. If you require accommodation during the hiring process, please make your needs known in advance. Accommodation requests will be provided on an individual basis. Postmedia Network Inc. is committed to employment equity and an inclusive barrier-free selection process and work environment. Postmedia Network Inc. encourages applications from women, aboriginal peoples, persons with disabilities and members of visible minorities. #LI-Remote #LI-KC1

Position: Security Analyst Position Type: Full-time, Permanent (Existing Vacancy) Location: Toronto, ON (Remote) The Company: Postmedia is a Canadian news media company representing more than 110 brands across multiple print, online and mobile platforms. Award-winning journalists and innovative product development teams bring engaging content to millions of people every week whenever and wherever they want it. This exceptional content, reach and scope offers advertisers and marketers compelling solutions to effectively reach target audiences. We are always on the lookout for talented individuals to join our team. The Opportunity: This is an ideal role for a recent college or university graduate with a strong passion for IT and Cybersecurity. We’re looking for someone eager to learn, experiment, and grow. In this highly hands‑on, practical environment, you’ll shadow experienced team members, build foundational security skills, and develop into a future Senior Security Analyst. This role is perfect for someone curious, communicative, and brings IT/Security‑focused extracurricular, co‑op, or personal project experience. If you’re motivated, adaptable, and ready to shape your career as a security professional, we’d love to meet you. What you’ll do: - Assist in the maintenance and documentation of security policies, procedures, and standards under the guidance of senior security team members. - Manage account lifecycle tasks (enable/disable accounts, approve access requests); enforce BYOD, MFA, and secure remote access. - Assist with IT audits by collecting documentation, preparing evidence, and supporting coordination with internal teams. - Provide security guidelines for employees traveling internationally (VPN usage, device protection). - Advise on security best practices, including safe handling of company devices and data protection during travel or remote work. - Participate in incident response activities by performing initial analysis, documentation, and evidence collection, escalating findings to senior analysts as required. - Support security awareness initiatives by assisting with content preparation, communications, and tracking participation. - Maintain up-to-date detailed knowledge of the IT Security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors. - Collaborate with IT leadership, privacy analysts, and external vendors to maintain security posture and resolve compliance issues. - Participate in the implementation of new security solutions, policies, standards, baselines guidelines and procedures to support those as established by Postmedia’s security goals and to actively work towards upholding those goals. - Assist with vulnerability scanning, risk assessments, and remediation tracking under defined processes and supervision. - Participate in the planning and design of the Business Continuity Plan and Disaster Recovery Plan. - Recommend additional security solutions or enhancements to existing security solutions to improve overall security. - Provide support as required for MSSP Level 2 and 3 Support for all in-place security solutions. - Maintain operational configurations and baselines for all in-place security solutions. - Learn to automate repetitive security tasks such as reporting, alert enrichment, and evidence collection using scripting and workflow tools. - Assist in the development and maintenance of security automation workflows under supervision. - Explore the use of AI-assisted tools for log analysis, reporting, and security operations in accordance with Postmedia governance and security standards. - Document automation workflows and contribute to continuous improvement initiatives. - Regular hours apply. Occasional after-hours support may be required for learning, shadowing, or supervised activities. - Perform other duties as assigned. Who you are: - One or more of the following certifications would be an asset: Security+, CySA+, or equivalent (or “working towards”) - Knowledge of endpoint detection and response (EDR), CASB, IDPS and other security related concepts. - Knowledge of security frameworks or standards such as CIS Top 20, NIST and ISO 27001, 27017, 27018. - Knowledge of GDPR, CASL, PIPEDA and PCI compliance requirements. - Understanding of IP, TCP/IP and other network administration protocols. - Understanding of Windows and Linux operating systems. - Exposure to scripting or automation using Python, PowerShell, Bash, or similar, with an interest in expanding automation and AI skills. - Ability to effectively prioritize and execute tasks. - Ability to conduct research into IT security issues and products. - Able to work independently on assigned tasks while seeking guidance and feedback as part of a collaborative team. - Team-oriented and skilled in working within a collaborative environment with strong communications skills. - Be naturally innovative and forward thinking when problem solving, be analytical and detail oriented. - Inherently demonstrate a high level of integrity, discretion, and trustworthiness. - Willingness to travel on occasion as required. Must-Haves: - Foundational understanding of information security concepts and frameworks, with a willingness to learn and develop deeper expertise. - Experience with identity and access management tools, firewalls, antivirus, IDS/IPS, endpoint security. - Familiarity with VPNs, MFA, and cloud security solutions. - Experience conducting vulnerability assessments and penetration tests. - Excellent communication and documentation skills. - Ability to manage multiple tasks in a fast-paced environment. Compensation: Employment offers presented to the selected candidate are based on a combination of qualifications, experience, responsibilities of the role and the candidate's location. Base Salary: $50,000-$60,000 We thank in advance all applicants for their interest, however only those candidates under consideration will be contacted. Only candidates legally eligible to work in Canada will be considered. No phone calls or agencies please. Postmedia Network Inc. is committed to providing accommodations for people with disabilities in all areas of the hiring process. If you require accommodation during the hiring process, please make your needs known in advance. Accommodation requests will be provided on an individual basis. Postmedia Network Inc. is committed to employment equity and an inclusive barrier-free selection process and work environment. Postmedia Network Inc. encourages applications from women, aboriginal peoples, persons with disabilities and members of visible minorities. #LI-Remote #LI-KC1