Senior Security Specialist

Job description

Miovision’s mission is to provide the foundation for tomorrow’s smart cities by transforming the way traffic networks are managed today. Backed by the world’s most advanced traffic AI, Miovision’s innovations in traffic signal planning and operations have made it possible for cities to improve the transportation experience for drivers, cyclists and pedestrians since 2005. With offices in Kitchener, Canada and Cologne, Germany, Miovision serves over 17,000 municipalities worldwide. For more information, visit www.miovision.com

Position Summary:

Miovision is seeking a technically skilled and collaborative Senior Security Specialist to strengthen the organization’s security posture across enterprise systems, cloud platforms, and customer-facing applications. This individual will play a critical role in ensuring the security and integrity of Miovision’s digital infrastructure and transportation-focused solutions by leading key initiatives in enterprise security architecture, cloud and application security, and incident response.

Reporting to the Senior Director, Security (CISO), the Senior Security Specialist will be responsible for designing and implementing security controls, driving the secure software development lifecycle, and coordinating incident response activities across both product and corporate domains. The role will act as a hands-on subject matter expert for Miovision’s security platforms and will lead the evaluation and adoption of new technologies to improve Miovision’s security ecosystem.

This role will work cross-functionally with Engineering, DevOps, IT, and Compliance to embed best-in-class security practices across Miovision’s product and operational lifecycles. In addition, the Senior Security Specialist will be a key resource during external audits, vendor risk reviews, customer due diligence processes, and security-related RFP responses, ensuring Miovision meets and exceeds the expectations of its customers, regulatory frameworks, and internal stakeholders.

With a proactive and detail-oriented approach, the Senior Security Specialist will ensure Miovision’s enterprise, cloud, and application environments are secure, resilient, and aligned with industry standards and frameworks such as ISO 27001, SOC 2, and NIST. This role is critical to Miovision’s ongoing commitment to delivering secure, scalable, and trusted smart transportation solutions to customers and communities around the world.

Key Accountabilities:

Enterprise Security Architecture

• Develop and maintain a comprehensive enterprise security architecture aligned with business objectives and compliance requirements
• Collaborate with IT to ensure consistent and robust security architecture across all environments
• Administer and optimize Zscaler ZIA/ZPA , EDR , Email Security and SIEM platforms
• Evaluate new technologies and solutions for integration into the security ecosystem

Cloud & Application Security Leadership

• Lead the definition, implementation, and continual improvement of a secure product development lifecycle across Miovision’s cloud services and applications.
• Develop and lead adoption of security standards and best practices for defining and creating secure solutions, including SAMM Assessments , threat modeling, SAST/DAST/SCA and secure code reviews
• Collaborate with Engineering and DevOps teams to provide security consultation and guidance for cloud infrastructure and application development including vulnerability management
• Administration and Deployment of Cloud Security (CNAPP) and Application security tools
• Identify security gaps and propose solutions to remediate risks
• Track and report security metrics and KPIs, demonstrating the effectiveness of security controls and improvement initiatives
• Manage penetration test coordination, including remediation planning and report triage

Incident Response & Security Operations

• Serve as primary security incident responder for Cloud, Product and Application security incidents
• Support Corporate Security Incident Response as a secondary responder when needed
• Coordinate cross-functional response teams during security incidents

Compliance & Risk Management

• Serve as Cloud, Product, and Application Security SME for various external/internal audits, including ISO 27001 and SOC2
• Execute internal audits to maintain compliance with various frameworks
• Perform risk assessments for new software vendors from procurement.

Vendor & Technology Management

• Maintain relationships with security vendors and consultants
• Coordinate security initiatives and contract management with vendors
• Manage relationship with Managed Security Service Providers (MSSP) including contract management, SLA monitoring and performance evaluation

Sales & Customer Support

• Provide technical security expertise in customer meetings, RFP responses, and security due diligence processes.
• Support RevOps and sales team with security documentation and expertise during customer engagements

Skills/Qualifications:

• 10+ years of cybersecurity experience with 5+ years specializing in application and cloud security
• Expert knowledge of secure development frameworks (OWASP), application security practices, and DevSecOps methodologies
• Proven experience with AWS, Kubernetes, and GitLab environments
• Proficiency with vulnerability management tools and cloud/application security platforms
• Demonstrated ability managing cloud/application vulnerabilities, SAMM assessments and third-party penetration testing
• Track record implementing security automation and CI/CD pipeline security integration
• Extensive experience supporting ISO 27001 and SOC 2 compliance frameworks
• Skilled in Enterprise Security architecture, Zero Trust implementation and Secure Service Edge deployment
• Strong incident response background including EDR and Email Security platform management
• Experience supporting customer RFPs and conducting comprehensive risk assessments
• Exceptional communication skills for translating security concepts across technical and business audiences
• CISSP and AWS Security Specialist certifications preferred

Perks and Benefits:

Note: We do offer flexible onsite and remote work options. Our Benefits are designed to reflect this and include:

• Comprehensive health benefits starting on day one
• RRSP Matching Plan
• Variable Incentive Plan
• Mio-Days: We extend all three-day weekends to four-days and provide a Holiday Shutdown in December
• Virtual Healthcare Service providing employees and their families access to healthcare providers ²⁴⁄₇
• Internet subsidy and a remote work allowance
• Enhanced paternity and maternity leaves
• Unlimited vacation policy
• Wellness offerings (Fitness, Mindfulness)

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, colour, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. Please indicate if you require accommodation on your application, and our team will work with you to meet your accessibility needs.

PLEASE BE AWARE OF FRAUD: Applicants interested in applying for roles at Miovision should apply directly via the details provided on our careers page. We communicate directly with applicants and will not request banking information, payment, or fees during any point of the recruitment process. We do not conduct interviews via text message. If you suspect that a third party is impersonating Miovision or requesting payment for recruitment on behalf of Miovision, please alert us via [email protected].

To all recruitment agencies: Miovision does not accept agency solicitation or resumes. Please do not forward resumes to our HR alias e-mail address, to any Miovision employee, or to other Miovision e-mail addresses. Miovision will not pay any fees related to unsolicited resumes.