Summary
Seeking a Senior Technology Architect with 10+ years’ experience in cyber security and advanced network security, ideally within Ontario’s K–12 school board environment. This hybrid role demands expertise in SSE/SASE, SD-WAN, SIEM/SOAR, EDR/XDR, and AI/ML-driven threat detection. Candidate must have hands-on experience configuring secure networks, managing hybrid SecOps models, conducting vulnerability analysis, and delivering cybersecurity training. Strong knowledge of frameworks (NIST CSF, MITRE ATT&CK), automation workflows, and compliance (e.g., Bill 194) is essential. Must possess certifications such as CISSP/CISM/CCSP and be available for travel across Ontario. Public sector and education sector experience is strongly preferred.
Description
IMPORTANT NOTES:
*The Statement of Work (SOW) through VOR (Tender-12075) shall expire on April 5, 2026. The client will exercise its option(s) to extend the SOW beyond April 5, 2026, for up to one (1) year. Such extension(s) will be allowable only if the Master Service Agreement is extended beyond April 5, 2026, and be upon the same terms, conditions and covenants contained in the SOW.
**This procurement will include the option to extend the end date of the contract if there are unused effort days and no change to the ceiling amount, if the need arises.
*** This contract will require the consultant to work up to 3 days per week in the office and the remaining days working remotely.
****Travel Requirements - The resources must be available to travel the same day or overnight in Ontario, as required. For this role, travel to school board locations across the province will be required. Travel expenses will be reimbursed according to the Ontario Travel, Meal and Hospitality Expenses Directive.
The Senior Technology Architect role requires deep knowledge, expertise, and experience in cyber security solutions, security operations (SecOps) solutions and practices, automation and artificial intelligence (AI) in cyber security, managed security services, and next-generation network security. The resource also requires hands-on experience in analyzing, configuring, implementing, and troubleshooting cyber security models, automation solutions and threat detection, particularly within the education sector, preferably in the Ontario K–12 school board environment.
This resource is responsible for, but not limited to:
· Delivering solution and architecture guidance, training, and implementation support for next-generation networks, network protection and cyber security technologies, including:
o Security service edge (SSE) / secure access service edge (SASE), including integration of network and security functions: secure web gateway (SWG), cloud access security broker (CASB), zero-trust network architecture, and firewall-as-a-service (FWaaS)
o SD-WAN (software-defined wide area network) and software-defined networking (SDN)
o AI and machine learning (ML)-driven network and security technologies
o Endpoint protection platforms (EPP), endpoint detection and response (EDR), and extended detection and response (XDR) solutions
o Advanced intrusion prevention systems (IPS), intrusion detection systems (IDS), network access control and distributed denial of service (DDoS) protection
o Identity security and authentication solutions (passwordless, password-based, certificate-based, MFA)
o Incident Response and Incident Management (IR and IM) solutions
o Automated vulnerability and patching
o User and Entity Behaviour Analytics (UEBA)
o Penetration testing and automated red teaming
o Operational technology (OT) security
· Providing technical guidance and delivering solution, training, and implementation support for hybrid cyber security operating models involving both in-house and outsourced MSSP (managed security services provider) capabilities, including:
o MSSP integration and optimization
o Security operations functions and architecture
o Threat detection and incident response
o Security Information and Event Management (SIEM), Security Orchestration, Automation and Response (SOAR), EDR/XDR, and threat intelligence platforms in a hybrid implementation
o Automation and orchestration workflows
o Governance, risk, and compliance in a hybrid (in-house and outsourced) security operations environment
· Providing subject matter expertise in network operations centre (NOC) and security operations centre (SOC) technologies, services, and tools including, but not limited to:
o Security Information and Event Management (SIEM)
o Security Orchestration, Automation and Response (SOAR)
o Network traffic analyzer, network performance monitoring and network configuration management tools
· Managing and optimizing SIEM, SOAR, EDR/XDR, cloud access security broker (CASB), incident detection and response (IDR) and vulnerability management systems as part of the boards’ SecOps infrastructure.
· Developing, testing, and maintaining threat detection use cases across identity, endpoint, email, network, and cloud environments.
· Leading the analysis for complex incidents, conducting deep-dive investigations and root-cause analysis.
· Providing support for telemetry ingestion, log normalization and real-time correlation of security insights.
· Delivering training and operational guidance to board IT and security teams on threat response workflows and defensive posture validation.
· Providing subject matter expertise, consultancy, and advice on advanced networking technologies (SD-WAN, SASE, ZTNA, NDR) and their convergence with security tools, ensuring seamless observability and controls.
· Conducting baseline reviews, vulnerability triage, and collaborating with managed security service providers (MSSP) to track remediation efforts.
· Maintaining security content (rules, dashboards, playbooks) across shared toolsets and platforms.
· Supporting cross-board threat sharing, ensuring local detections benefit the broader board ecosystem.
· Providing subject matter expertise in the development and delivery of technical training courses to support boards’ cyber resilience efforts.
· Presenting to senior and executive management and external senior stakeholders, as needed.
· Providing regular status updates and project reports on assigned deliverables.
· Taking a collaborative approach to solution definition, development, and implementation with multiple stakeholder groups with differing needs and expectations.
· Aligning with industry and legislative advancements at the federal, provincial/local level (e.g. Bill 194 / Enhancing Digital Security and Trust Act, 2024 (EDSTA)).
· Delivering on other duties as assigned.
This work involves working in close partnership with various government departments, the K-12 education sector, telecommunications providers, and network and cyber security technology vendors to develop tailored approaches and implementation plans. To support various stakeholders, the resource must be available to perform hands-on configuration, troubleshooting and training at the client site. Therefore, the resource must be available to travel same day or overnight in Ontario, as needed.
The unit manager may assign other related board work for other unit or branch initiatives, as required.
Skills
Experience and Skill Set Requirements
TOTAL OF 100%
NOTE:
· MUST HAVE
· NICE TO HAVE
Network and Network Security – 25%
· 5+ years of experience with network infrastructure (LAN/WAN, VPN, VLAN) and hardware (switches, routers, firewalls).
· 5+ years of experience with SDN/SD-WAN technologies (e.g., Fortinet, Meraki, Palo Alto, Aruba).
· 3+ years of experience with Ontario K–12 school board networks (WAN, LAN, Wi-Fi, internet delivery).
· 2+ years of experience with network monitoring and management tools (e.g., SolarWinds, FortiManager, Panorama).
· 2+ years of experience with traffic analysis tools (e.g., PRTG, Wireshark).
· 2+ years of experience with data logging formats (e.g., Syslog, IPFix, NetFlow).
· 2+ years of experience configuring and troubleshooting network protocols (e.g., MPLS, VPLS, VLAN Trunking Protocol).
· Experience conducting network load testing, performance analysis, and risk assessments.
· Experience evaluating emerging network technologies through pilots and proof-of-concepts.
Cyber Security Expertise – 25%
· 10+ years of experience in cyber security and next-generation network security.
· 5+ years of experience deploying secure architectures and automation workflows, preferably within Ontario K–12 school boards.
· Proven experience with:
o SSE/SASE (SWG, CASB, FWaaS, ZTNA)
o AI/ML-driven security technologies
o Endpoint security (EPP, EDR, XDR)
o Advanced IPS/IDS, DDoS protection, NAC
o Identity and access management (passwordless, MFA, certificate-based)
o Incident Response and Management (IR/IM)
o Automated vulnerability management and patching
o UEBA and threat behavior analytics
o Penetration testing and automated red teaming
o OT security and IT/OT convergence
· Familiarity with MITRE ATT&CK, D3FEND, ATLAS frameworks.
· Strong understanding of layered security controls and risk-informed models (e.g., NIST CSF v2, CIS Controls v8).
· Experience evaluating emerging cybersecurity technologies through pilots and proof-of-concepts.
Security Operations and Threat Detection – 25%
· Experience managing and optimizing SIEM, SOAR, EDR/XDR, CASB, IDR, and vulnerability management platforms.
· Proven ability to develop and maintain threat detection use cases across identity, endpoint, email, network, and cloud.
· Experience conducting deep-dive investigations, root-cause analysis, and incident response.
· Experience designing and implementing hybrid security operations models:
o MSSP integration and optimization
o Governance, risk, and compliance in hybrid environments
o Automation and orchestration workflows
· Expertise in telemetry ingestion, log normalization, and real-time correlation.
· Familiarity with NOC/SOC tools such as network traffic analyzers, network performance monitoring, and configuration management tools.
· Awareness of AI/ML-driven trends in threat detection and response.
Training, Collaboration & Stakeholder Engagement – 10%
· 5+ years of experience presenting to senior and executive management and external stakeholders.
· 5+ years of experience coordinating and leading complex technical work with multiple IT teams, internal and external stakeholders.
· 5+ years of experience preparing written materials (e.g., status reports, recommendations, briefing notes) and experience maintaining security content (rules, dashboards, playbooks) across shared platforms.
· 5+ years of experience delivering cyber security upskilling training to IT and security teams.
Industry Certifications / Relevant Degrees – 10%
· Bachelor’s degree in computer science, cyber security, or a related field.
· Postgraduate degree (e.g., M.Sc. and/or Ph.D.) in computer science, cyber security or engineering is preferred.
· Relevant vendor certifications or equivalent work experience.
· Cyber security certification(s). Preference is Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Cloud Security Professional (CCSP). Other examples include Certified Ethical Hacker (CEH), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC).
Public Sector Experience – 5%
· Knowledge of Government of Ontario standards (e.g., GO-ITS) and relevant legislation (e.g., Bill 194 / EDSTA).
· 5+ years of hands-on experience working in the Ontario K–12 education sector, particularly with school board network and cyber security environments.
Supplier Comments
Maximum Number of Submissions - 2 (wo)
Hybrid - Candidate MUST work 3 days onsite and 2 days remote
MUST HAVES:
Please see the Highlighted Criteria above in the Experience and Skillset Requirements