Seeking a Senior Technology Architect with 10+ years of hands-on experience in cybersecurity and next-generation network security, preferably in Ontario K–12 school board environments. Expertise required in cloud-based security (SSE/SASE, ZTNA), SIEM/SOAR, EDR/XDR, zero-trust architecture, MITRE ATT&CK, and hybrid SecOps models. Must demonstrate strong skills in automation, security metrics (KPIs/KRIs), MSSP oversight, and AI-driven threat detection strategies. Experience with OT security, NIST CSF, and delivering cybersecurity training is essential. Postgraduate education and certifications like CISSP, CISM, or CCSP are preferred. Travel across Ontario and 3-day onsite work per week are mandatory.

 

Description
IMPORTANT NOTES:

*This procurement will include the option to extend the end date of the contract if there are unused effort days and no change to the ceiling amount, if the need arises.

** This contract will require the consultant to work up-to 3 days per week in the office and the remaining days working remotely.

***Travel Requirements - The resources must be available to travel the same day or overnight in Ontario, as required. For this role, travel to school board locations across the province will be required. Travel expenses will be reimbursed according to the Ontario Travel, Meal and Hospitality Expenses Directive.

 

The Senior Technology Architect role requires deep knowledge, expertise, and experience in cyber security solutions, security operations (SecOps) solutions and practices, automation and artificial intelligence (AI) in cyber security, managed security services, and next-generation network security. The resource also requires hands-on experience in analyzing, configuring, implementing, and troubleshooting cyber security models, automation solutions and threat detection, particularly within the education sector, preferably in the Ontario K–12 school board environment.

 

This resource is responsible for, but not limited to:

 

·      Delivering solution and architecture guidance, training, and implementation support for next-generation networks, network protection and cyber security technologies, including:

o  Security Service Edge (SSE) / Secure Access Service Edge (SASE) including integration of network and security functions – including Secure Web Gateway (SWG), Cloud Access Security Broker (CASB) and Zero-Trust Network Architecture, Firewall-as-a-service (FWaaS)

o  SD-WAN (Software-defined Wide Area Network) and Software-defined networking (SDN)

o  Endpoint protection platforms (EPP), endpoint detection and response (EDR), and extended detection and response (XDR) solutions

o  Advanced intrusion prevention systems (IPS), intrusion detection systems (IDS), Network access control and Distributed denial of service (DDoS) protection

o  Identity security and authentication solutions (passwordless, password-based, certificate-based, MFA)

o  Incident Response and Incident Management (IR and IM) solutions

o  Automated vulnerability and patching

o  User and Entity Behaviour Analytics (UEBA)

 

·      Providing technical guidance, delivering solution, training, and implementation support for hybrid cyber security operating models involving both in-house and outsourced MSSP (Managed Security Services Provider) capabilities, including:

o  MSSP integration and optimization

o  Security Operations functions and architecture

o  Threat detection and incident response

o  SIEM, SOAR, EDR/XDR, and threat intelligence platforms in a hybrid implementation

o  Automation and orchestration workflows

o  Governance, risk, and compliance in a hybrid (in-house and outsourced) security operations environment

 

·      Providing subject matter expertise in network operations centre (NOC) and security operations centre (SOC) technologies, services, and tools including, but not limited to:

o  Security Information and Event Management (SIEM)

o  Security Orchestration, Automation and Response (SOAR)

 

·      Lead the development and refinement of SOC performance metrics, including KPIs and KRIs, to ensure alignment with board-level security objectives and MSSP accountability frameworks.

 

·      Analyzing, configuring, and troubleshooting scalable, risk-informed cyber security and SecOps solutions across multiple boards, leveraging organizational frameworks, layered security controls, and AI-driven automation.

 

·      Defining and maintaining reference architectures that integrate SOAR and zero-trust principles to enable scalable threat detection and response, with awareness of emerging AI-driven capabilities.

 

·      Incorporating threat-informed design methodologies using MITRE ATT&CK Kill Chain analysis to shape detection and defense capabilities.

 

·      Providing strategic consultancy on the collective interests of boards in architectural governance, vendor engagement, and MSSP performance assessments, ensuring security strategies remain locally relevant and globally resilient.

 

·      Supporting the adoption and operationalization of shared security service models by defining roles and responsibilities, onboarding patterns, and governance structures across participating boards.

 

·      Facilitating insight-to-foresight collaboration with MSSPs by training stakeholders on the implications of security metrics, detection logic evolution, and continuous improvement loops.

 

·      Staying abreast of the cyber threat landscape and assessing new and emerging cyber security solutions and technology trends to provide subject matter expertise, guidance and advice on tactical and operational cyber security and network security practices.

 

·      Developing and maintaining detailed system documentation and technical specifications for various solutions and architectures—including blueprints, risk models, onboarding patterns, and technical guides—to support boards transitioning to secure, automated operational models.

 

·      Deliver targeted training to board IT and security teams on working effectively with MSPs/MSSPs, including shared roles, escalation protocols, and interpreting service-level metrics.

·      Presenting to senior and executive management and external senior stakeholders, as needed.

 

·      Providing regular status updates and project reports on assigned deliverables

 

·      Taking a collaborative approach to solution definition, development, and implementation with multiple stakeholder groups with differing needs and expectations.

 

·      Aligning with industry and legislative advancements at the federal, provincial/local level (e.g. Bill 194 / EDSTA).

 

·      Delivering on other duties as assigned.

This work involves working in close partnership with various government departments, the K-12 education sector, telecommunications providers, and network and cyber security technology vendors to develop tailored approaches and implementation plans. To support various stakeholders, the resource must be available to perform hands-on configuration, troubleshooting and training at the client site. Therefore, the resource must be available to travel same day or overnight in Ontario, as needed.

 

The unit manager may assign other related board work for other unit or branch initiatives, as required. 

Skills
Experience and Skill Set Requirements
TOTAL OF 100% 

NOTE:

·      MUST HAVE

·      NICE TO HAVE

 

Cyber Security and Network Security Expertise – 40%  

·      10+ years in cyber security solutions and next-generation network security, with a focus on hands-on implementation, configuration, and troubleshooting.

·      5+ years of experience deploying and implementing secure architectures and automation workflows, preferably within Ontario K–12 school boards.

·      5+ years of experience in network security within advanced SDN environments—preferably in Ontario K–12 school boards.

·      Proven hands-on experience deploying and implementing the following solutions and technologies, preferably for Ontario K-12 school boards:

o  Cloud-based security (SSE/SASE including SWG, CASB, FWaaS, ZTNA)

o  Zero-trust architecture (ZTA)

o  Cloud security architecture (e.g. Azure, AWS, Google Cloud)

o  MITRE ATT&CK, D3FEND, and ATLAS frameworks

o  NIST Cybersecurity Framework (CSF) v2, CIS Controls v8

o  AI/ML-driven cyber security and agentic AI-based automation

o  Security automation (static and dynamic) and playbook development

o  Endpoint security solutions (EPP, EDR, XDR)

o  Advanced IPS/IDS, DDoS protection, and network access control

o  Identity security and authentication (passwordless, password-based, certificate-based, 2FA, MFA)

o  Incident response and incident management (IR/IM)

o  Automated vulnerability management and patching

o  User and Entity Behaviour Analytics (UEBA)

o  Penetration testing and automated red teaming

o  OT security

·      Strong knowledge of layered security controls and risk-informed cybersecurity models (NIST CSF v2, CIS Controls v8).

·      Demonstrated ability to assess and evaluate emerging cybersecurity technologies through pilots and proof-of-concepts.

 

Security Operations and Metrics – 35%

·      Experience developing observability dashboards and managing KPIs/KRIs to measure MSSP performance and automation maturity.

·      Ability to translate operational metrics into strategic insights for continuous service improvement.

·      Experience leading maturity assessments and roadmaps for automation adoption across hybrid security operations.

·      Proven experience designing and implementing hybrid (internal and outsourced) security operations models.

o  Integration and optimization of security solutions between internal teams and MSSPs.

o  Expertise in SIEM, SOAR, EDR/XDR, and threat intelligence platforms in hybrid environments.

o  Development and tuning of automation and orchestration workflows.

o  Governance, risk, and compliance in hybrid security operations.

o  Strong knowledge of MSSP, MDR, and SOCaaS models.

·      Awareness of AI/ML-driven cybersecurity trends and their potential impact on TDIR, without requiring hands-on implementation.

 

Training, Collaboration & Stakeholder Engagement – 10%

·      5+ years of experience presenting to senior and executive management and external stakeholders.

·      5+ years’ coordinating and leading complex technical work with multiple IT teams, internal and external stakeholders. 

·      5+ years of experience preparing written materials (e.g., status reports, recommendations, briefing notes) and experience maintaining security content (rules, dashboards, playbooks) across shared platforms.

·      5+ years of experience delivering cyber security upskilling training to IT and security teams.

 

 

 Industry Certifications / Relevant Degrees – 10%  

·      Relevant vendor certifications or equivalent work experience. 

·      Bachelor’s degree in computer science, cyber security, or a related field.

·      Postgraduate degree (e.g., M.Sc. and/or Ph.D.) in computer science, cyber security or engineering is preferred.

·      Cyber security certification(s). Preference is Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Cloud Security Professional (CCSP). Other examples include Certified Ethical Hacker (CEH), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC). 

 Public Sector Experience – 5%  

·      Knowledge of Government of Ontario standards (e.g., GO-ITS) and relevant legislation (e.g., Bill 194 / EDSTA).

·      5+ years’ hands-on experience working in the K-12 education sector, with Ontario K-12 school boards, in particular with school board network, network security and cyber security. 

Supplier Comments
Maximum Number of Submissions - 3 (three)

Hybrid - - Candidate MUST work 3 days onsite and 2 days remote

MUST HAVES:

Please see the Highlighted Criteria above in the Experience and Skillset Requirements