Role Description In our ‘always on’ world, we believe it’s essential to have a genuine connection with the work you do. Are you excited by a challenge? Driven by learning and growth? Then joining Vistance Networks’ cybersecurity program may be the right next step for you. In this role, you will serve both as a Lead Engineer performing SME-level technical work, and as a People Leader supervising a team of about five other security engineers. The foundation for success in this role is being organized and disciplined. As a senior security professional, you know that there is always more to do than resources available, and that you have to pace yourself and your team – that security is an endurance race, not a sprint. Our core security controls consist of tools like: - SIEM - EDR - MDR - SASE - Email Security - e-Discovery - IAM - PAM - Attack Surface Management You will lead the team to scale through quality documentation, centralized workspaces, clever use of automation, and a strong sense of prioritization. You will also manage and run the engineering and SOC on-call. We’re looking for someone with deep technical expertise and successfully led small teams through large-scale, complex engineering initiatives. You should have strong, hands-on experience with Managed Detection and Response (MDR) technologies, ideally serving as the primary technical lead or key partner in managing that service. In addition to your technical background, we’re seeking proven experience coordinating work across global time zones and effectively partnering with offshore engineering teams, particularly in India, while providing the leadership needed to keep projects aligned and moving forward. Vistance Networks’ security team takes pride in protecting the people, processes, and technologies that serve our customers, and their customers – the billions of people our products and services help to connect each day. Join us and pursue your personal best! Qualifications - Bachelors Degree and 10+ years of professional experience, demonstrating increasing responsibility and success in each role. - Previous roles in information security engineering, security operations, cybersecurity, and/or identity & access management. - Solid working understanding of all of these domains, even if you specialize in fewer of them. - Exceptional organizational, analytical, and critical thinking skills. - Previous experience as a consultant, especially for a major consulting firm, would be considered a plus. - Naturally inclined to champion security best practices across the organization, promoting awareness and enabling others to work securely. - Successful candidates will be asked to create and present a 3-5 page PowerPoint slide deck for 30 minutes as part of the final selection process. Requirements - Serve as a Lead Engineer responsible for information security tools and processes, including core controls like SIEM, EDR, MDR, SASE, Email Security, e-Discovery, IAM, PAM, and Attack Surface Management. - Take responsibility for the company’s security stack and ensure it is effective, efficient, and available 24 x 7 x 365. - Oversee the relationship with our outsourced Managed Detection and Response (MDR) provider and Incident Response (IR) retainer provider. - Ensure effective and smooth handoffs between the internal team and the provider. - Ensure 24 x 7 x 365 internal support and coordination with the MDR provider. - Engage with colleagues throughout the IT and Business Unit organizations to consult on the information security aspects of proposed and approved projects and IT initiatives. - Lead a team of ~5 information security engineers. - Recruit, hire, develop, and retain a talented, engaged team of security professionals to operate the core security controls and work with the MDR and IR providers to manage cybersecurity threats. - Create effective written, visual, and presented communications appropriate for a variety of technical and non-technical stakeholders. Benefits - Comprehensive benefits package, including medical, dental, and vision plans. - Life and accidental death insurance. - 401(k) plan. - Participation in the Company’s Incentive Plan. - Eligible for eleven paid holidays in a full calendar year. - Two weeks of paid vacation (prorated based on start date). - Other leave options available.

About Miovision: At Miovision, we’re unlocking transportation networks that move you. Our vision and mission is to enable smart, fast, safe communities that simply flow, as we drive the Intelligent Mobility Revolution. Backed by the world’s most advanced traffic AI, Miovision’s innovations in traffic signal planning and operations are making it possible for cities to improve the transportation experience for drivers, cyclists and pedestrians. Our values drive us. They’re at the core of everything we do. If they align with yours, proceed through the GREEN light! - All in to win: We're driven by a winning mindset, approaching every challenge with intensity, clarity, and speed. - One Miovision: We succeed as one team, uniting diverse talents, building on trust, and putting our shared mission before ego. - Be better every day: We're committed to continuous growth, staying curious, building mastery, and embracing challenges as learning opportunities. - Make it happen: We are proactive and results-driven, taking ownership, acting with urgency, and focusing on solutions that deliver real impact. - Earn the customer: We are deeply customer-centric, focused on earning our customers' partnership every day by delivering exceptional experiences that drive their success. Position Summary: At Miovision, we are building the future of smart transportation, and we need a vigilant Security Analyst to keep our systems out of gridlock and safe from oncoming threats. Consider this role the ultimate traffic control center for our cybersecurity. Reporting directly to our CISO, you’ll strengthen our threat detection, incident response, and security program enhancements. We need a proactive professional who can navigate complex intersections between Security, IT, and Engineering without stalling. You will steer advanced monitoring, detour potential vulnerabilities, and accelerate on operationalizing our security controls (ISO 27001, SOC 2, NIST). If you are ready to merge your technical expertise with high-impact strategic initiatives and help us build a secure Miovision, this role is for you! Objectives and Responsibilities: - Vulnerability Management: Proactively hunt down, analyze, and patch system weak spots before they become a problem. - Incident Response: Act as the calm, collected, and decisive first responder when the digital alarms ring, leading security investigations. - Log Ingestion: Turn mountains of raw data logs into digestible, actionable insights to keep our defenses sharp. - Threat Intelligence: Stay three steps ahead of bad actors by keeping your ear to the ground and analyzing the latest tactics in the cybersecurity underworld. - Cloud Security: Champion secure practices to keep our cloud infrastructure and enterprise environments locked down tight and operating flawlessly. - Tabletop Exercises: Design and facilitate engaging "doomsday" scenarios to ensure our teams are battle-tested and ready for anything. - Security Metrics: Track, measure, and report on our security posture, utilizing data to continuously level up our operations and tooling. The Ideal Profile: - The Experience: You bring solid hands-on experience from cybersecurity, IT security, or technical support roles, and you know your way around the digital block. - The Knowledge Base: You have a firm, practical grasp of core security concepts—malware, phishing, threat actors, encryption, and firewalls are part of your daily vocabulary. - The Tech Stack: You are highly comfortable navigating cloud environments (AWS is our favorite) and have hands-on familiarity with modern security tooling (e.g., Tenable, Sumo Logic). - The Frameworks: You have had exposure to industry gold-standard frameworks such as NIST CSF, ISO 27001, or SOC 2. - The Communicator: You possess stellar written and verbal communication skills, with the unique ability to translate complex security risks into plain language for cross-functional teams. - The Mindset: You are intensely curious, highly organized, and always eager to learn the next big thing to stay sharp in a rapidly evolving field. - The Team Player: You are highly capable of making independent, confident decisions, but you shine just as brightly when mentoring junior team members and collaborating with a squad. Your Rewards & Well-being: We invest in our team with benefits designed for modern life and true work-life balance. - Comprehensive Coverage: Your well-being is covered from day one with comprehensive health benefits, 24/7 virtual healthcare access, and dedicated wellness programs. - Financial Future: Build for tomorrow with our RRSP/401K Matching Plan and share in the company's success through our Variable Incentive Plan. - Time to Recharge: Truly unplug with our unique Mio-Days and flexible vacation policy. - Work & Life Support: We support you with flexible work options, an internet subsidy, a remote work allowance, and enhanced leave for new parents. Sound like your next adventure? Apply now and let's start building together! We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, colour, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. Please indicate if you require accommodation on your application, and our team will work with you to meet your accessibility needs. Miovision may use artificial intelligence (AI) to assist in the hiring process for tasks such as helping to identify qualified candidates, taking meeting notes, creating summaries, and streamlining administrative work. These tools are one of several factors considered in the hiring process and do not replace human judgement. We do not use AI to make any final hiring or interview decisions. PLEASE BE AWARE OF FRAUD: Applicants interested in applying for roles at Miovision should apply directly via the details provided on our careers page. We communicate directly with applicants and will not request banking information, payment, or fees during any point of the recruitment process. We do not conduct interviews via text message. If you suspect that a third party is impersonating Miovision or requesting payment for recruitment on behalf of Miovision, please alert us via recruitment@miovision.com. To all recruitment agencies: Miovision does not accept agency solicitation or resumes. Please do not forward resumes to our HR alias e-mail address, to any Miovision employee, or to other Miovision e-mail addresses. Miovision will not pay any fees related to unsolicited resumes.

• Support the maintenance of a comprehensive security compliance program aligned with laws, regulations, and industry best practices. • Maintain and optimize key programs like Third Party Risk Management and Security Awareness Training. • Apply expertise in GDPR, HIPAA, PCI DSS, NIST 800-171/CMMC, ISO 27001, SOC2, and FedRAMP controls as well as U.S. state privacy regulations to ensure practices remain compliant and up to date. • Support internal audits, partnering with stakeholders to remediate findings. • Support external audits (e.g., SOC 2) through preparation and planning, monitoring and remediation coordination, documentation and follow-up tracking. • Bring a structured, methodical approach to assisting with cross-functional project implementation. • Stay current on emerging threats, regulations, and security best practices to strengthen compliance posture.

• Assist in the implementation of technical security requirements defined by Serve’s Cyber Security Program. • Implement security hardening standards and continuous assessment criteria for Serve’s IT and product infrastructure stack. • Work with IT Service Engineering and Product Engineering teams to further develop and maintain a secure architecture framework within Google cloud environment. • Assist in the implementation and monitoring of build and runtime security measures for Google cloud infrastructure. • Implement or further tune existing security tooling to prevent or detect hardware and software vulnerabilities and common security misconfigurations. • Assist with managing enterprise EDR Platforms as an administrator, creating detection rules, automating response workflows, conducting event correlation and performing incident root cause analysis. • Conduct research on emerging vulnerabilities, threats, IOCs, IOAs, TTPs working to develop controls and build countermeasures as a response. • Perform security reviews on Serve products and services to assess the adoption and implementation of secure design principles. • Conduct comprehensive vulnerability assessments on cloud infrastructure and enterprise business systems, providing clear recommendations and guidance on remediation and providing support for implementation of mitigating actions as required. • Partner with cross-functional technology teams to strengthen enterprise-wide detection, security orchestration, automation, and response capabilities. • Contribute to Serve’s Security Awareness Program by building out content, conducting phishing simulation exercises and providing follow up actions to strengthen org-wide security awareness. • Participate in Cyber Security on-call rotation as a security subject matter expert as required.