Technology Architect - Senior

Assignment : RQ09512 - Technology Architect - Senior

Start Date : End Date :

Office Location : Toronto Ontario

Organization : Community Services Cluster

Ministry : Ministry of Public and Business Service Delivery and Procurement

Business Days : 160.00

Extension # of Days : 115.00

Hybrid : 3 Days onsite / 2 days remote

MUST HAVES : Please see the Highlighted Criteria above in the Experience and Skillset Requirements

Notes : The Statement of Work (SOW) through VOR (Tender-12075) shall expire on April 5 2026. The client will exercise its option(s) to extend the SOW beyond April 5 2026 for up to one (1) year. Such extension(s) will be allowable only if the Master Service Agreement is extended beyond April 5 2026 and be upon the same terms conditions and covenants contained in the SOW. This procurement will include the option to extend the end date AA1 of the contract if there are unused effort days and no change to the ceiling amount if the need arises. This contract will require the consultant to work up to 3 days per week in the office and the remaining days working remotely. Travel Requirements - The resource must be available to travel the same day or overnight in Ontario as required. For this role travel to school board locations across the province will be required. Travel expenses will be reimbursed according to the Ontario Travel Meal and Hospitality Expenses Directive.

Role Focus : The Senior Technology Architect role requires deep knowledge, expertise and experience in next-generation network security, cyber security solutions, security operations (SecOps), automation and artificial intelligence (AI) in cyber security and managed / shared security services (MSS) models. The resource must have hands-on experience in designing, developing and implementing cyber security architectures and solutions, particularly within the education sector, preferably in the Ontario K-12 school board environment.

This resource is responsible for but not limited to :

• Providing subject matter expertise, strategic, tactical and operational advice, consultancy and training on all aspects of cyber security AA2 and network architectures frameworks and solutions such as :
• Cyber security solutions to protect, detect and respond to cyber threats
• Zero-trust architecture (ZTA)
• Cloud security architecture
• MITRE ATT&CK, D3FEND and ATLAS framework
• Various vendor specific cyber security and network architectures (e.g. Microsoft Azure, Google, AWS)
• NIST Cybersecurity Framework (CSF) v2, CIS Controls v8
• Security operation (SecOps) and AI-Operations (AIOps) practices

• Designing, delivering, solution and architecture guidance, training and implementation support for next-generation networks, network protection and cyber security technologies including :
• Security service edge (SSE) / secure access service edge (SASE) including integration of network and security functions including secure web gateway (SWG), cloud access security broker (CASB) and zero-trust network architecture, firewall-as-a-service (FWaaS)
• SD-WAN (software-defined wide area network) and software-defined networking (SDN)
• AI and machine learning (ML)-driven network and security technologies
• Endpoint protection platforms (EPP), endpoint detection and response (EDR) and extended detection and response (XDR) solutions
• Advanced intrusion prevention systems (IPS), intrusion detection systems (IDS), network access control and DDoS protection
• Identity security and authentication solutions (passwordless, password-based, certificate-based, multi-factor authentication (MFA))
• Incident Response and Incident Management (IR and IM) solutions
• Automated vulnerability and patching
• User and Entity Behaviour Analytics (UEBA)
• Penetration testing and automated red teaming
• Operation technology (OT) security

Designing and implementing hybrid cyber security operating models involving both in-house and outsourced MSSP capabilities including :

• MSSP integration and optimization
• Security operations functions and architecture
• Threat detection and incident response
• SIEM, SOAR, EDR / XDR and threat intelligence platforms in a hybrid implementation
• Automation and orchestration workflows
• Governance, risk and compliance in a hybrid security operations environment
• Leading the design and implementation of automated and autonomous solutions such as SOAR and Agentic AI-based solutions for threat and incident response, phishing mitigation, access control and exposure management across complex distributed environments

Providing subject matter expertise in NOC and SOC technologies, services and tools including :

• Security Information and Event Management (SIEM)
• Security Orchestration Automation and Response (SOAR)
• Network Traffic Analyzer, Network Performance Monitoring and Network Configuration Management Tools

Guiding and supporting boards with their transition from a primarily internal SecOps model to a hybrid (internal and outsourced) managed security services (MSS) model including :

• Providing strategic advice and implementation guidance and support
• Designing secure solutions including telemetry and metrics management
• Internal security operations optimization
• MSS integration and optimization
• Advising on modernization strategies including cloud adoption, network segmentation, data residency and distributed identity models ensuring alignment with provincial and educational compliance requirements
• Leading critical architecture and capability assessments across school boards AA3 and MSSP boundaries to inform secure solution design and effective telemetry management
• Developing strategic technology roadmaps based on new and emerging cyber security and network security architecture solutions, technology trends and industry analysis
• Creating / updating documentation and technical specifications for various solutions and architecture including options analysis, costing analysis on cyber security, network security and network architectures
• Staying abreast of the evolving cyber threat landscape as applicable to the K-12 education sector to provide subject matter expertise guidance and advice on tactical and operational cyber security and network security practices
• Presenting to senior and executive management and external senior stakeholders as needed
• Providing status and project status reports on all deliverables assigned
• Taking a collaborative approach to solution definition, development and implementation with multiple stakeholder groups with differing needs and expectations
• Aligning with industry and legislative advancements at the federal, provincial / local level (e.g. Bill 194 / EDSTA)
• Delivering on other duties as assigned
• Availability to perform hands-on configuration, troubleshooting and training at the client site, including travel within Ontario as needed
• The unit manager may assign other related board work for other unit or branch initiatives as required

Skills

Experience and Skill Set Requirements

NOTE : MUST HAVE

NICE TO HAVE

• Cyber security, network security and architecture expertise 50%
• 10 years in cyber security solutions and next generation network security with a focus on architecture, design, strategic planning and implementation
• 5 years of experience designing and implementing secure architectures, preferably within Ontario K-12 school boards
• 5 years of experience in network security within advanced SDN environments, preferably in Ontario K-12 school boards

Proven hands-on experience deploying and implementing the following solutions and technologies, preferably for Ontario K-12 school boards :

• Cloud-based security (SSE / SASE including SWG, CASB, FWaaS, ZTNA)
• Zero-trust architecture (ZTA)
• Cloud security architecture (e.g. Azure, AWS, Google Cloud)
• MITRE ATT&CK, D3FEND and ATLAS frameworks
• NIST CSF v2, CIS Controls v8
• AI / ML-driven cyber security and agentic AI-based automation
• Security automation and playbook development
• Endpoint security solutions (EPP, EDR, XDR)
• Advanced IPS/IDS, DDoS protection and network access control
• Identity security and authentication (passwordless, password-based, certificate-based, MFA)
• Incident response and incident management (IR/IM)
• Automated vulnerability management and patching
• UEBA
• Penetration testing and automated red teaming
• OT security

Proven hands-on experience designing and implementing hybrid (internal and outsourced) security operations solutions and practices including :

• Integrating and optimizing security solutions and operations practices between internal security team and outsourced MSSP
• Security solutions and practices in a hybrid security operation model
• Threat detection and incident response practices in a hybrid model
• SIEM, SOAR, EDR / XDR and threat intelligence platforms in a hybrid implementation
• Automation and orchestration workflows in a hybrid model
• Governance, risk and compliance in a hybrid environment
• Knowledge of MSSP, MDR, SOCaaS models

Network Technology 20%

• 5 years with network infrastructure (LAN/WAN/VPN/VLAN) and components
• 5 years with SDN/SD-WAN technologies
• 3 years with SSE / SASE technologies
• 5 years implementing WAN and LAN/WLAN solutions in Ontario K-12 sector
• 5 years with network monitoring and management tools
• 3 years with data logging formats
• 5 years configuring/troubleshooting network protocols

Strategic Advisory and Architecture Leadership 15%

• 5 years presenting to senior and executive management
• 5 years coordinating and leading complex technical work with multiple IT teams
• 5 years preparing written materials for different audiences
• 5 years delivering cyber security upskilling training
• Experience developing strategic roadmaps and modernization strategies
• Experience aligning strategies with compliance requirements
• Strong knowledge on secure solution design and telemetry management
• 5 years advising on managed security services models in hybrid security operations
• Governance models and performance evaluation of MSSPs

Industry Certifications / Relevant Degrees 10%

• Relevant vendor certifications or equivalent experience
• Postgraduate degree in CS, cyber security or engineering is preferred
• Cyber security certifications such as CISSP, CISM, CCSP, CEH, CISA, CRISC

Public Sector Experience 5%

• Knowledge of Government of Ontario standards (GO-ITS) and policies
• 5 years hands-on experience in the K-12 sector with Ontario school boards

Key Skills

Abinitio, Change Management, Exploration, Building Maintenance, Civil Quality Control, Catia

Employment Type : Full-time

Experience : years

Vacancy : 1