Sr. Director, Security (Chief Information Security Officer)

Miovision is a global industry leading company providing agencies and organizations modern tools to improve today’s traffic problems. We offer solutions that collect multimodal traffic data and uncover actionable insights, helping organizations get more out of their road network. The result: streets capable of moving more people – safely and efficiently – whether they are in a car, on a bus, on a bike or e-scooter, or walking. Since 2005, our systems have counted or assisted more than thirty billion vehicles around the world. With global headquarters in Kitchener, Canada, as well as operations in Germany, Serbia and the United States. For more information, visit miovision.com.
 

Position Summary:

Miovision is seeking a strategic and experienced Senior Director, Security (Chief Information Security Officer - CISO) to lead and significantly expand its security strategy across corporate systems, customer engagements, and product development, with a specialized focus on transportation security, encompassing Operational Technology (OT), Industrial Control Systems (ICS), and Connected Vehicle (V2X) environments. Crucially, this role will establish Miovision as a leader in transportation security on the national stage by actively engaging with key US regulatory bodies, including the Cybersecurity and Infrastructure Security Agency (CISA), the Department of Transportation (DoT), and the Federal Communications Commission (FCC), as well as standards bodies like NIST and SAE International.

Located in Washington, DC (required) to facilitate direct engagement with these critical agencies, this role is responsible for the oversight, prioritization, and execution of security initiatives across Miovision’s entire ecosystem, ensuring the security of its transportation-focused solutions, supply chain, products, and enterprise operations. The CISO will be instrumental in shaping Miovision’s security posture to meet and exceed the evolving demands of transportation security, critical infrastructure protection best practices, and data privacy regulations, solidifying Miovision’s position as an industry leader in secure IoT and IIoT products and services for smart cities and transportation infrastructure.

This role will work closely with Sales, Product, Engineering, DevOps, IT, and Compliance teams to integrate security into all aspects of Miovision’s operations, ensuring customer trust, regulatory compliance, and business continuity. The CISO will also play a pivotal role in customer interactions during the sales cycle, supporting security-related inquiries and contributing to revenue growth by demonstrating Miovision’s security leadership. A key aspect of this role is to represent Miovision at industry events, conferences, and within regulatory forums, advocating for best practices in transportation security.

Security Leadership & Strategy

• Define, communicate, and execute Miovision’s comprehensive security strategy across corporate, product, and customer environments, with a primary focus on transportation security standards and regulations and alignment with agency guidelines (CISA, DoT, FCC).
• Build and lead a high-performing cross-functional security team, including internal experts and external consultants for specialized areas like transportation security, penetration testing, compliance, and incident response.
• Develop and manage security budgets, strategically aligning investments with company growth, evolving transportation security regulatory requirements, and strategic engagement with government bodies.
• Track and report security metrics and KPIs, with a focus on demonstrating the effectiveness of Miovision’s transportation security posture and compliance efforts to both internal and external stakeholders, including regulatory agencies.

Support for Sales & Customer Engagements

• Act as a trusted security advisor and subject matter expert in transportation security for Miovision’s customers, partners, and prospects during the sales cycle.
• Provide technical security expertise, specifically in transportation security, in customer meetings, RFP responses, contract negotiations, and security due diligence processes, highlighting Miovision's leadership in secure transportation solutions.
• Drive customer confidence by proactively sharing Miovision’s robust transportation security posture, relevant certifications, and industry best practices in transportation security.
• Ensure security considerations are a key enabler for business growth, helping to close high-value deals by demonstrating a competitive advantage in secure transportation solutions.

Product & IoT Security (Transportation Focus)

• Integrate security into all aspects of Miovision’s hardware and software products, specifically ensuring compliance with industry best practices and emerging standards in transportation IoT security.
• Lead OWASP Software Assurance Maturity Model (SAMM) adoption to embed security into product development lifecycles, with a strong emphasis on addressing transportation-specific security vulnerabilities.
• Oversee penetration testing, vulnerability management, and secure development lifecycle across Miovision One and other platforms, with a focus on scenarios relevant to transportation infrastructure and connected vehicle ecosystems.
• Collaborate proactively with Product and Engineering teams to address emerging security concerns in product roadmaps, particularly those related to the evolving threat landscape in transportation technology.

Regulatory Compliance & Risk Management (Transportation Security Focus)

• Oversee ISO 27001 re-certification and ensure ongoing compliance with SOC 2, GDPR, PIPEDA, FedRAMP, and other applicable standards, with a critical focus on incorporating relevant transportation security regulations and guidelines.
• Manage cybersecurity governance, risk management, and compliance (GRC) programs, ensuring adherence to internal and external security policies, and specifically addressing compliance requirements related to transportation security mandates.
• Lead incident response exercises, ensuring readiness for a wide range of cybersecurity threats, including those specific to transportation infrastructure and connected systems.
• Establish and maintain Zero Trust security architecture and identity and access management (IAM) strategies, aligning with best practices and recommendations from agencies like CISA and DoT for critical infrastructure security.

Participation in Standards Bodies & Industry Leadership (Transportation & Critical Infrastructure Security)

• Represent Miovision as a recognized thought leader in national and international transportation and critical infrastructure security standards bodies, engaging with organizations such as DoT, CISA, FCC, NIST, and SAE International.
• Collaborate with Departments of Transportation (DOTs), municipalities, and regulatory agencies to shape transportation security policies and best practices.
• Advocate for secure smart city and transportation infrastructure by participating in industry working groups and government initiatives.
• Build and maintain relationships with relevant federal and state agencies to ensure Miovision stays at the forefront of transportation security.

• 15+ years of leadership experience in cybersecurity, with a focus on transportation security, critical infrastructure, or related fields.
• Experience working with government agencies or regulatory bodies (e.g., CISA, DoT, FCC, NIST) on cybersecurity and critical infrastructure protection.
• Strong background in cloud security, IoT security, and enterprise security architecture.
• Familiarity with security frameworks such as ISO 27001, SOC 2, NIST Cybersecurity Framework, and Zero Trust principles.
• Proven ability to support sales teams and engage customers, including government entities, by articulating security value propositions.
• Extensive experience in secure product development, working with software and hardware teams to embed security into engineering processes. Must have demonstrable experience applying secure development practices to transportation-related technologies, connected vehicle systems (V2X), Operational Technology (OT), Industrial Control Systems (ICS), and IoT/IIoT environments. Experience securing AI/ML systems in safety-critical applications is highly preferred.
• Strong stakeholder engagement and communication skills, with experience presenting to executives, regulators, and industry forums.
• Relevant security certifications (e.g., CISSP, CISM, GIAC) and cloud security expertise are preferred.
• AWS Security Certification or equivalent cloud security expertise is a plus.

Note: We do offer flexible onsite and remote work options. Our Benefits are designed to reflect this and include:  

• Comprehensive health benefits starting on day one
• RRSP Matching Plan 
• Variable Incentive Plan 
• Mio-Days: We extend all three-day weekends to four-days and provide a Holiday Shutdown in December  
• Virtual Healthcare Service providing employees and their families access to healthcare providers 24/7
• Internet subsidy and a remote work allowance 
• Enhanced paternity and maternity leaves
• Unlimited vacation policy
• Wellness offerings (Fitness, Mindfulness)

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, colour, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. Please indicate if you require accommodation on your application, and our team will work with you to meet your accessibility needs.

PLEASE BE AWARE OF FRAUD: Applicants interested in applying for roles at Miovision should apply directly via the details provided on our careers page. We communicate directly with applicants and will not request banking information, payment, or fees during any point of the recruitment process. We do not conduct interviews via text message. If you suspect that a third party is impersonating Miovision or requesting payment for recruitment on behalf of Miovision, please alert us via recruitment@miovision.com.

To all recruitment agencies: Miovision does not accept agency solicitation or resumes. Please do not forward resumes to our HR alias e-mail address, to any Miovision employee, or to other Miovision e-mail addresses. Miovision will not pay any fees related to unsolicited resumes.