About Miovision: At Miovision, we’re unlocking transportation networks that move you. Our vision and mission is to enable smart, fast, safe communities that simply flow, as we drive the Intelligent Mobility Revolution. Backed by the world’s most advanced traffic AI, Miovision’s innovations in traffic signal planning and operations are making it possible for cities to improve the transportation experience for drivers, cyclists and pedestrians. Our values drive us. They’re at the core of everything we do. If they align with yours, proceed through the GREEN light! - All in to win: We're driven by a winning mindset, approaching every challenge with intensity, clarity, and speed. - One Miovision: We succeed as one team, uniting diverse talents, building on trust, and putting our shared mission before ego. - Be better every day: We're committed to continuous growth, staying curious, building mastery, and embracing challenges as learning opportunities. - Make it happen: We are proactive and results-driven, taking ownership, acting with urgency, and focusing on solutions that deliver real impact. - Earn the customer: We are deeply customer-centric, focused on earning our customers' partnership every day by delivering exceptional experiences that drive their success. Position Summary: At Miovision, we are building the future of smart transportation, and we need a vigilant Security Analyst to keep our systems out of gridlock and safe from oncoming threats. Consider this role the ultimate traffic control center for our cybersecurity. Reporting directly to our CISO, you’ll strengthen our threat detection, incident response, and security program enhancements. We need a proactive professional who can navigate complex intersections between Security, IT, and Engineering without stalling. You will steer advanced monitoring, detour potential vulnerabilities, and accelerate on operationalizing our security controls (ISO 27001, SOC 2, NIST). If you are ready to merge your technical expertise with high-impact strategic initiatives and help us build a secure Miovision, this role is for you! Objectives and Responsibilities: - Vulnerability Management: Proactively hunt down, analyze, and patch system weak spots before they become a problem. - Incident Response: Act as the calm, collected, and decisive first responder when the digital alarms ring, leading security investigations. - Log Ingestion: Turn mountains of raw data logs into digestible, actionable insights to keep our defenses sharp. - Threat Intelligence: Stay three steps ahead of bad actors by keeping your ear to the ground and analyzing the latest tactics in the cybersecurity underworld. - Cloud Security: Champion secure practices to keep our cloud infrastructure and enterprise environments locked down tight and operating flawlessly. - Tabletop Exercises: Design and facilitate engaging "doomsday" scenarios to ensure our teams are battle-tested and ready for anything. - Security Metrics: Track, measure, and report on our security posture, utilizing data to continuously level up our operations and tooling. The Ideal Profile: - The Experience: You bring solid hands-on experience from cybersecurity, IT security, or technical support roles, and you know your way around the digital block. - The Knowledge Base: You have a firm, practical grasp of core security concepts—malware, phishing, threat actors, encryption, and firewalls are part of your daily vocabulary. - The Tech Stack: You are highly comfortable navigating cloud environments (AWS is our favorite) and have hands-on familiarity with modern security tooling (e.g., Tenable, Sumo Logic). - The Frameworks: You have had exposure to industry gold-standard frameworks such as NIST CSF, ISO 27001, or SOC 2. - The Communicator: You possess stellar written and verbal communication skills, with the unique ability to translate complex security risks into plain language for cross-functional teams. - The Mindset: You are intensely curious, highly organized, and always eager to learn the next big thing to stay sharp in a rapidly evolving field. - The Team Player: You are highly capable of making independent, confident decisions, but you shine just as brightly when mentoring junior team members and collaborating with a squad. Your Rewards & Well-being: We invest in our team with benefits designed for modern life and true work-life balance. - Comprehensive Coverage: Your well-being is covered from day one with comprehensive health benefits, 24/7 virtual healthcare access, and dedicated wellness programs. - Financial Future: Build for tomorrow with our RRSP/401K Matching Plan and share in the company's success through our Variable Incentive Plan. - Time to Recharge: Truly unplug with our unique Mio-Days and flexible vacation policy. - Work & Life Support: We support you with flexible work options, an internet subsidy, a remote work allowance, and enhanced leave for new parents. Sound like your next adventure? Apply now and let's start building together! We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, colour, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. Please indicate if you require accommodation on your application, and our team will work with you to meet your accessibility needs. Miovision may use artificial intelligence (AI) to assist in the hiring process for tasks such as helping to identify qualified candidates, taking meeting notes, creating summaries, and streamlining administrative work. These tools are one of several factors considered in the hiring process and do not replace human judgement. We do not use AI to make any final hiring or interview decisions. PLEASE BE AWARE OF FRAUD: Applicants interested in applying for roles at Miovision should apply directly via the details provided on our careers page. We communicate directly with applicants and will not request banking information, payment, or fees during any point of the recruitment process. We do not conduct interviews via text message. If you suspect that a third party is impersonating Miovision or requesting payment for recruitment on behalf of Miovision, please alert us via recruitment@miovision.com. To all recruitment agencies: Miovision does not accept agency solicitation or resumes. Please do not forward resumes to our HR alias e-mail address, to any Miovision employee, or to other Miovision e-mail addresses. Miovision will not pay any fees related to unsolicited resumes.

• Support the maintenance of a comprehensive security compliance program aligned with laws, regulations, and industry best practices. • Maintain and optimize key programs like Third Party Risk Management and Security Awareness Training. • Apply expertise in GDPR, HIPAA, PCI DSS, NIST 800-171/CMMC, ISO 27001, SOC2, and FedRAMP controls as well as U.S. state privacy regulations to ensure practices remain compliant and up to date. • Support internal audits, partnering with stakeholders to remediate findings. • Support external audits (e.g., SOC 2) through preparation and planning, monitoring and remediation coordination, documentation and follow-up tracking. • Bring a structured, methodical approach to assisting with cross-functional project implementation. • Stay current on emerging threats, regulations, and security best practices to strengthen compliance posture.

• Assist in the implementation of technical security requirements defined by Serve’s Cyber Security Program. • Implement security hardening standards and continuous assessment criteria for Serve’s IT and product infrastructure stack. • Work with IT Service Engineering and Product Engineering teams to further develop and maintain a secure architecture framework within Google cloud environment. • Assist in the implementation and monitoring of build and runtime security measures for Google cloud infrastructure. • Implement or further tune existing security tooling to prevent or detect hardware and software vulnerabilities and common security misconfigurations. • Assist with managing enterprise EDR Platforms as an administrator, creating detection rules, automating response workflows, conducting event correlation and performing incident root cause analysis. • Conduct research on emerging vulnerabilities, threats, IOCs, IOAs, TTPs working to develop controls and build countermeasures as a response. • Perform security reviews on Serve products and services to assess the adoption and implementation of secure design principles. • Conduct comprehensive vulnerability assessments on cloud infrastructure and enterprise business systems, providing clear recommendations and guidance on remediation and providing support for implementation of mitigating actions as required. • Partner with cross-functional technology teams to strengthen enterprise-wide detection, security orchestration, automation, and response capabilities. • Contribute to Serve’s Security Awareness Program by building out content, conducting phishing simulation exercises and providing follow up actions to strengthen org-wide security awareness. • Participate in Cyber Security on-call rotation as a security subject matter expert as required.

• Analyze and respond to cybersecurity attacks • Identify, assess and prioritize security events • Investigate new attack techniques • Develop effective defense strategies in collaboration with the team • Improve detection mechanisms and optimize the service, e.g., through automation and incident enrichment • Provide active support to customers on security-related matters