RQ09515 - Technology Architect - Senior

About the job RQ09515 - Technology Architect - Senior The Senior Technology Architect role requires deep knowledge, expertise, and experience in cyber security solutions, security operations (SecOps) solutions and practices, automation and artificial intelligence (AI) in cyber security, managed security services, and next‑generation network security. The resource also requires hands‑on experience in analyzing, configuring, implementing, and troubleshooting cyber security models, automation solutions and threat detection, particularly within the education sector, preferably in the Ontario K12 school board environment. Responsibilities Providing subject‑matter expertise, tactical, operational advice, consultancy, and training on all aspects of cyber security and network solutions such as: Cyber security solutions to protect, detect, and respond to cyber threats. Zero‑trust architecture (ZTA) solutions. Cloud security solutions. Use of MITRE ATT&CK, D3FEND and ATLAS frameworks in security operations. Various vendor‑specific cyber security and network solutions. Security operations (SecOps) and AI‑operations (AIOps) practices. Delivering solution and architecture guidance, training, and implementation support for next‑generation networks, network protection and cyber security technologies, including: Security service edge (SSE)/secure access service edge (SASE), including integration of network and security functions such as secure web gateway (SWG), cloud access security broker (CASB) and zero‑trust network architecture, firewall‑as‑a‑service (FWaaS). SD‑WAN (software‑defined wide area network) and software‑defined networking (SDN). AI and machine learning (ML)‑driven network and security technologies. Endpoint protection platforms (EPP), endpoint detection and response (EDR), and extended detection and response (XDR) solutions. Advanced intrusion prevention systems (IPS), intrusion detection systems (IDS), network access control and distributed denial‑of‑service (DDoS) protection. Identity security and authentication solutions (passwordless, password‑based, certificate‑based, MFA). Incident response and incident management (IR & IM) solutions. Automated vulnerability and patching. User and entity behaviour analytics (UEBA). Penetration testing and automated red teaming. Operation technology (OT) security. Providing technical guidance, delivering solution, training, and implementation support for strategic integration of hybrid cyber security operating models involving both in‑house and outsourced MSSP (managed security services provider) capabilities, including: Oversight of MSSP integration and optimisation. Security operations architecture planning. Threat detection and incident response. Security Information and Event Management (SIEM), Security Orchestration, Automation and Response (SOAR), EDR/XDR, and threat intelligence platforms in a hybrid implementation. Automation and orchestration workflows. Governance, risk, and compliance in a hybrid (in‑house and outsourced) security operations environment. Providing subject‑matter expertise in network operations centre (NOC) and security operations centre (SOC) technologies, services, and tools, including, but not limited to: Security Information and Event Management (SIEM). Security Orchestration, Automation and Response (SOAR). Strategic use of telemetry and analytics tools to support architectural decisions. Designing and implementing end‑to‑end security automation workflows using SOAR platforms (e.g., Microsoft Sentinel, Cortex XSOAR), including bi‑directional integrations, telemetry ingestion, and orchestration of real‑time response actions. Providing expertise on integrating advanced AI in cyber security, including agentic AI and autonomous security, to support automation maturity and organisational readiness. Deploying agentic AI‑based automation for incident response, phishing mitigation, access control, and exposure management across distributed environments. Developing observability dashboards and managing security metrics (KPIs/KRIs) to measure automation effectiveness, operational maturity, and MSSP accountability. Executing and maintaining continuous automated red‑team (CART) platforms (e.g., SCYTHE, Caldera, AttackIQ) and integrating red‑team outputs into detection tuning and playbook updates. Applying data science and ML techniques to security telemetry for anomaly detection, triage automation, and prioritisation scoring. Collaborating with MSSPs and internal teams to operationalise AI‑human workflows, improve detection logic, and support continuous improvement loops. Providing subject‑matter expertise in the development and delivery of technical training courses, including working on automation and autonomous systems to board IT and cyber security staff in support of boards cyber resilience efforts. Presenting to senior and executive management and external senior stakeholders, as needed. Providing regular status updates and project reports on assigned deliverables. Taking a collaborative approach to solution definition, development, and implementation with multiple stakeholder groups with differing needs and expectations. Aligning with industry and legislative advancements at the federal, provincial/local level (e.g., Bill 194 / Enhancing Digital Security and Trust Act, 2024 (EDSTA)). Delivering on other duties as assigned. This work involves working in close partnership with various government departments, the K‑12 education sector, telecommunications providers, and network and cyber security technology vendors to develop tailored approaches and implementation plans. To support various stakeholders, the resource must be available to perform hands‑on configuration, troubleshooting and training at the client site. Therefore, the resource must be available to travel same day or overnight in Ontario, as needed. The unit manager may assign other related board work for other unit or branch initiatives, as required. Experience & Skill Set Requirements Cyber security Architecture, Threat Management & Network 40% 10+ years in cyber security solutions and next‑generation network security, with a focus on hands‑on implementation, configuration, and troubleshooting. 5+ years of experience in network security within advanced SDN environmentsp, preferably in Ontario K12 school boards. Proven hands‑on experience deploying and implementing the following solutions and technologies, preferably for Ontario K‑12 school boards: Cloud‑based security (SSE/SASE including SWG, CASB, FWaaS, ZTNA) Zero‑trust architecture (ZTA) Cloud security architecture (e.g. Azure, AWS, Google Cloud) MITRE ATT&CK, D3FEND, and ATLAS frameworks NIST Cybersecurity Framework (CSF) v2, CIS Controls v8 AI/ML‑driven cyber security and agentic AI‑based automation Security automation (static and dynamic) and playbook development Endpoint security solutions (EPP, EDR, XDR) Advanced IPS/IDS, DDoS protection, and NAC Identity security and authentication (passwordless, password‑based, certificate‑based, 2FA, MFA) Incident response and incident management (IR/IM) Automated vulnerability management and patching User and Entity Behaviour Analytics (UEBA), OT security Penetration testing and automated red teaming Strong knowledge of layered security controls and risk‑informed cyber security models (NIST CSF v2, CIS Controls v8). Demonstrated ability to assess and evaluate emerging cyber security technologies through pilots and proof‑of‑concepts. Automation, AI & Autonomous Security 25% 5+ years of experience deploying secure architectures and automation workflows, preferably within Ontario K12 school boards. Hands‑on experience with SOAR playbook design, bi‑directional integrations, and AIOps‑driven incident response. Experience with Continuous Automated Red Teaming (CART) platforms (e.g., SCYTHE, Caldera, AttackIQ) and integrating red‑team outputs into detection tuning and MSSP metrics. Proficiency in applying data science and ML to cyber security telemetry, including anomaly detection, scoring algorithms, and observability dashboards. Familiarity with security data lakes and log analytics platforms (e.g., Azure Data Explorer, Splunk, ELK). Understanding of AI governance, explainability, and ethical deployment of autonomous systems. Security Operations, Managed Services & Compliance 10% Proven hands‑on experience designing and implementing hybrid (internal and outsourced) security operations, including: Strategic oversight of MSSP integration and optimisation. High‑level threat detection and incident response planning. SIEM, SOAR, EDR/XDR, and threat intelligence platforms. Automation and orchestration workflows. Governance, risk, and compliance in hybrid environments. Strong knowledge of MSSP, MDR, and SOCaaS models. Experience guiding the integration of SecOps platforms into broader cyber security architecture and automation frameworks. Experience developing and tuning detection use cases across identity, endpoint, email, network, and cloud environments. Familiarity with telemetry ingestion, log normalization, and real‑time correlation. Training, Collaboration & Stakeholder Engagement 10% 5+ years of experience presenting to senior and executive management and external stakeholders. 5+ years coordinating and leading complex technical work with multiple IT teams, internal and external stakeholders. 5+ years of experience preparing written materials (e.g., status reports, recommendations, briefing notes) and experience maintaining security content (rules, dashboards, playbooks) across shared platforms. 5+ years of experience delivering cyber security upskilling training to IT and security teams. Industry Certifications / Relevant Degrees 10% Bachelors degree in computer science, cyber security, or a related field. Postgraduate degree (e.g., M.Sc. and/or Ph.D.) in computer science, cyber security, or engineering is preferred. Relevant vendor certifications or equivalent work experience. Cyber security certification(s). Preference is Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Cloud Security Professional (CCSP). Other examples include Certified Ethical Hacker (CEH), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC). Public Sector Experience 5% Knowledge of Government of Ontario standards (e.g., GO‑ITS) and relevant legislation (e.g., Bill 194 / EDSTA). 5+ years hands‑on experience working in the K‑12 education sector, with Ontario K‑12 school boards, in particular with school board network, network security and cyber security. Must Have 10+ years in cyber security solutions and next‑generation network security, with focus on hands‑on implementation, configuration, and troubleshooting. 5+ years of experience in network security within advanced SDN environmentsp preferable in Ontario K12 school boards. Proven hands‑on experience deploying and implementing the following solutions and technologies, preferably for Ontario K‑12 school boards: Cloud‑based security (SSE/SASE including SWG, CASB, FWaaS, ZTNA). Zero‑trust architecture (ZTA). Cloud security architecture (e.g. Azure, AWS, Google Cloud). MITRE ATT&CK, D3FEND, and ATLAS frameworks. NIST Cybersecurity Framework (CSF) v2, CIS Controls v8. AI/ML‑driven cyber security and agentic AI‑based automation. Security automation (static and dynamic) and playbook development. Endpoint security solutions (EPP, EDR, XDR). Advanced IPS/IDS, DDoS protection, and NAC. Identity security and authentication (passwordless, password‑based, certificate‑based, 2FA, MFA). Incident response and incident management (IR/IM). Automated vulnerability management and patching. User and Entity Behaviour Analytics (UEBA), OT security. Proven hands‑on experience designing and implementing hybrid (internal and outsourced) security operations, including: Strategic oversight of MSSP integration and optimisation. High‑level threat detection and incident response planning. SIEM, SOAR, EDR/XDR, and threat intelligence platforms. Automation and orchestration workflows. Governance, risk, and compliance in hybrid (in‑house and outsourced) security operations environment. "IsExpired":false} #J-18808-Ljbffr