Description:
The Senior Technology Architect role requires deep knowledge, expertise, and experience in cyber security solutions, security operations (SecOps) solutions and practices, automation and artificial intelligence (AI) in cyber security, managed security services, and next-generation network security. The resource also requires hands-on experience in analyzing, configuring, implementing, and troubleshooting cyber security models, automation solutions and threat detection, particularly within the education sector, preferably in the Ontario K–12 school board environment.
This resource is responsible for, but not limited to:
Delivering solution and architecture guidance, training, and implementation support for next-generation networks, network protection and cyber security technologies, including:
Security Service Edge (SSE) / Secure Access Service Edge (SASE) including integration of network and security functions – including Secure Web Gateway (SWG), Cloud Access Security Broker (CASB) and Zero-Trust Network Architecture, Firewall-as-a-service (FWaaS)
SD-WAN (Software-defined Wide Area Network) and Software-defined networking (SDN)
Endpoint protection platforms (EPP), endpoint detection and response (EDR), and extended detection and response (XDR) solutions
Advanced intrusion prevention systems (IPS), intrusion detection systems (IDS), Network access control and Distributed denial of service (DDoS) protection
Identity security and authentication solutions (passwordless, password-based, certificate-based, MFA)
Incident Response and Incident Management (IR and IM) solutions
Automated vulnerability and patching
User and Entity Behaviour Analytics (UEBA)
Providing technical guidance, delivering solution, training, and implementation support for hybrid cyber security operating models involving both in-house and outsourced MSSP (Managed Security Services Provider) capabilities, including:
MSSP integration and optimization
Security Operations functions and architecture
Threat detection and incident response
SIEM, SOAR, EDR/XDR, and threat intelligence platforms in a hybrid implementation
Automation and orchestration workflows
Governance, risk, and compliance in a hybrid (in-house and outsourced) security operations environment
Providing subject matter expertise in network operations centre (NOC) and security operations centre (SOC) technologies, services, and tools including, but not limited to:
Security Information and Event Management (SIEM)
Security Orchestration, Automation and Response (SOAR)
Lead the development and refinement of SOC performance metrics, including KPIs and KRIs, to ensure alignment with board-level security objectives and MSSP accountability frameworks.
Analyzing, configuring, and troubleshooting scalable, risk-informed cyber security and SecOps solutions across multiple boards, leveraging organizational frameworks, layered security controls, and AI-driven automation.
Defining and maintaining reference architectures that integrate SOAR and zero-trust principles to enable scalable threat detection and response, with awareness of emerging AI-driven capabilities.
Incorporating threat-informed design methodologies using MITRE ATT&CK Kill Chain analysis to shape detection and defense capabilities.
Providing strategic consultancy on the collective interests of boards in architectural governance, vendor engagement, and MSSP performance assessments, ensuring security strategies remain locally relevant and globally resilient.
Supporting the adoption and operationalization of shared security service models by defining roles and responsibilities, onboarding patterns, and governance structures across participating boards.
Facilitating insight-to-foresight collaboration with MSSPs by training stakeholders on the implications of security metrics, detection logic evolution, and continuous improvement loops.
Staying abreast of the cyber threat landscape and assessing new and emerging cyber security solutions and technology trends to provide subject matter expertise, guidance and advice on tactical and operational cyber security and network security practices.
Developing and maintaining detailed system documentation and technical specifications for various solutions and architectures—including blueprints, risk models, onboarding patterns, and technical guides—to support boards transitioning to secure, automated operational models.
Deliver targeted training to board IT and security teams on working effectively with MSPs/MSSPs, including shared roles, escalation protocols, and interpreting service-level metrics.
Presenting to senior and executive management and external senior stakeholders, as needed.
Providing regular status updates and project reports on assigned deliverables
Taking a collaborative approach to solution definition, development, and implementation with multiple stakeholder groups with differing needs and expectations.
Aligning with industry and legislative advancements at the federal, provincial/local level (e.g. Bill 194 / EDSTA).
Delivering on other duties as assigned.
This work involves working in close partnership with various government departments, the K-12 education sector, telecommunications providers, and network and cyber security technology vendors to develop tailored approaches and implementation plans. To support various stakeholders, the resource must be available to perform hands-on configuration, troubleshooting and training at the client site. Therefore, the resource must be available to travel same day or overnight in Ontario, as needed.
The unit manager may assign other related board work for other unit or branch initiatives, as required.
Requirements
Experience and Skill Set Requirements:
Skill Set Requirements:
Cyber Security and Network Security Expertise:
10+ years in cyber security solutions and next-generation network security, with a focus on hands-on implementation, configuration, and troubleshooting.
5+ years of experience deploying and implementing secure architectures and automation workflows, preferably within Ontario K–12 school boards.
5+ years of experience in network security within advanced SDN environments—preferably in Ontario K–12 school boards.
Proven hands-on experience deploying and implementing the following solutions and technologies, preferably for Ontario K-12 school boards:
Cloud-based security (SSE/SASE including SWG, CASB, FWaaS, ZTNA)
Zero-trust architecture (ZTA)
Cloud security architecture (e.g. Azure, AWS, Google Cloud)
MITRE ATT&CK, D3FEND, and ATLAS frameworks
NIST Cybersecurity Framework (CSF) v2, CIS Controls v8
AI/ML-driven cyber security and agentic AI-based automation
Security automation (static and dynamic) and playbook development
Endpoint security solutions (EPP, EDR, XDR)
Advanced IPS/IDS, DDoS protection, and network access control
Identity security and authentication (passwordless, password-based, certificate-based, 2FA, MFA)
Incident response and incident management (IR/IM)
Automated vulnerability management and patching
User and Entity Behaviour Analytics (UEBA)
Penetration testing and automated red teaming
OT security
Strong knowledge of layered security controls and risk-informed cybersecurity models (NIST CSF v2, CIS Controls v8).
Demonstrated ability to assess and evaluate emerging cybersecurity technologies through pilots and proof-of-concepts.
Security Operations and Metrics:
Experience developing observability dashboards and managing KPIs/KRIs to measure MSSP performance and automation maturity.
Ability to translate operational metrics into strategic insights for continuous service improvement.
Experience leading maturity assessments and roadmaps for automation adoption across hybrid security operations.
Proven experience designing and implementing hybrid (internal and outsourced) security operations models.
Integration and optimization of security solutions between internal teams and MSSPs.
Expertise in SIEM, SOAR, EDR/XDR, and threat intelligence platforms in hybrid environments.
Development and tuning of automation and orchestration workflows.
Governance, risk, and compliance in hybrid security operations.
Strong knowledge of MSSP, MDR, and SOCaaS models.
Awareness of AI/ML-driven cybersecurity trends and their potential impact on TDIR, without requiring hands-on implementation.
Training, Collaboration & Stakeholder Engagement:
5+ years of experience presenting to senior and executive management and external stakeholders.
5+ years’ coordinating and leading complex technical work with multiple IT teams, internal and external stakeholders.
5+ years of experience preparing written materials (e.g., status reports, recommendations, briefing notes) and experience maintaining security content (rules, dashboards, playbooks) across shared platforms.
5+ years of experience delivering cyber security upskilling training to IT and security teams.
Industry Certifications / Relevant Degrees:
Relevant vendor certifications or equivalent work experience.
Bachelor’s degree in computer science, cyber security, or a related field.
Postgraduate degree (e.g., M.Sc. and/or Ph.D.) in computer science, cyber security or engineering is preferred.
Cyber security certification(s). Preference is Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Cloud Security Professional (CCSP). Other examples include Certified Ethical Hacker (CEH), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC).
Public Sector Experience:
Knowledge of Government of Ontario standards (e.g., GO-ITS) and relevant legislation (e.g., Bill 194 / EDSTA).
5+ years’ hands-on experience working in the K-12 education sector, with Ontario K-12 school boards, in particular with school board network, network security and cyber security.
