Verra Mobility processes nearly 165 million tolling transactions annually and operates photo enforcement infrastructure across 250+ North American municipalities: red-light cameras, speed sensors, and school bus stop-arm systems. The threat surface spans embedded roadside hardware, transaction processing pipelines, and data flows connecting toll authorities, fleet operators, and rental car companies. Attack vectors include physical device compromise, API manipulation in payment systems, and exposure of PII across violation processing workflows.
The security stack runs on AWS with containerized workloads (Docker/Kubernetes), CI/CD through GitHub Actions and Jenkins, and infrastructure-as-code via Terraform. Detection layers include SIEM correlation, Grafana/Prometheus monitoring, and SOAR orchestration. Defensive controls: WAF at edges, zero-trust architecture with MFA and granular IAM, EPP on endpoints, CASB for cloud workloads, and DLP to gate sensitive data. Code security uses Veracode and SonarQube in the build pipeline.
The operational reality: securing IoT endpoints in public rights-of-way, hardening payment rails that touch 50+ toll authorities, and maintaining evidence integrity for legal proceedings. Python and Bash dominate automation; configuration management runs through Puppet and Chef. The domain demands regulatory compliance (payment card standards, municipal data mandates) alongside traditional enterprise security: think PCI DSS meets physical tamper detection meets fleet telematics. Mission-critical uptime requirements and public sector scrutiny define the constraints.