RQ11204 Technology Architect Senior
Job Summary
Description:
The Senior Technology Architect role requires deep knowledge expertise and experience in in cyber security solutions security operations (SecOps) solutions and practices automation and artificial intelligence (AI) in cyber security managed security services and next-generation network security. The resource also requires hands-on experience in analyzing configuring implementing and troubleshooting cyber security models automation solutions and threat detection particularly within the education sector preferably in the Ontario K12 school board environment.
This resource is responsible for but not limited to:
- Leading operational cyber defense guidance incident coordination monitoring maturity and integration with MSS/MDR providers including:
- Threat monitoring detection and analysis across network endpoint identity and cloud environments
- Incident response coordination escalation management and root cause analysis
- Security operations centre (SOC) coordination and operational alignment
- Establishing and enhancing cyber operational readiness (playbooks processes response validation)
- MSS onboarding integration and service adoption across boards
- Delivering solution guidance technical training and implementation support for next-generation network and security technologies including:
- Security Service Edge (SSE) / Secure Access Service Edge (SASE) including integration of network and security functions such as Secure Web Gateway (SWG) Cloud Access Security Broker (CASB) Zero Trust Network Architecture (ZTNA) and Firewall-as-a-Service (FWaaS)
- SD-WAN (Software-Defined Wide Area Network) and SDN (Software-Defined Networking)
- Identity and access management (passwordless password-based certificate-based and multi-factor authentication (MFA))
- Endpoint security (Endpoint Protection Platforms (EPP) Endpoint Detection and Response (EDR) and Extended Detection and Response (XDR))
- Advanced threat protection (Intrusion Prevention Systems (IPS) Intrusion Detection Systems (IDS) Network Access Control (NAC) and Distributed Denial-of-Service (DDoS) protection)
- AI/ML-enabled monitoring analytics and automation
- Incident Response (IR) and Incident Management (IM)
- Vulnerability management and patching automation
- Penetration testing and automated red teaming
- Operational Technology (OT) security
- Providing technical guidance solution delivery training and implementation support for hybrid cyber security operating models integrating internal teams and Managed Security Service Providers (MSSPs) including:
- MSS strategy onboarding optimization and performance management
- Alignment and integration of Security Information and Event Management (SIEM) Security Orchestration Automation and Response (SOAR) EDR/XDR and threat intelligence platforms
- School board MSS readiness transition planning and governance models
- Security operations architecture threat detection incident response and automation workflows
- Governance risk and compliance in hybrid (in-house and outsourced) environments
- Providing subject matter expertise in Network Operations Centre (NOC) and Security Operations Centre (SOC) technologies and tools including SIEM SOAR and network monitoring and management platforms
- Managing and optimizing SecOps platforms (SIEM SOAR EDR/XDR CASB IDR vulnerability management) including:
- Telemetry ingestion log normalization and real-time correlation
- Development and maintenance of detection use cases
- Integration of threat intelligence into detection workflows
- Maintenance of security content (rules dashboards playbooks)
- Leading incident investigation and response activities including deep-dive analysis root cause determination and facilitation of cyber exercises to validate readiness
- Conducting baseline reviews vulnerability triage and collaborating with MSSPs to track and validate remediation efforts
- Driving MSS service optimization including operational reporting performance metrics and continuous improvement initiatives
- Delivering training operational guidance and stakeholder engagement across boards including threat response workflows defensive posture validation and cross-board threat sharing
- Presenting technical findings risk insights and strategic recommendations to senior leadership and external stakeholders
- Providing regular status updates and reporting on assigned deliverables milestones and performance metrics
- Applying collaborative approach to solution definition development and implementation with multiple stakeholder groups with differing needs and expectations.
- Aligning with industry and legislative advancements at the federal provincial/local level (e.g. Enhancing Digital Security and Trust Act 2024 (EDSTA)).
- Delivering on other duties as assigned.
This work involves working in close partnership with various government departments the K-12 education sector telecommunications providers and network and cyber security technology vendors to develop tailored approaches and implementation plans. To support various stakeholders the resource must be available to perform hands-on configuration troubleshooting and training at the client site. Therefore the resource must be available to travel same day or overnight in Ontario as needed.
The unit manager may assign other related board work for other unit or branch initiatives as required.
Requirements
Experience and Skill Set Requirements:
Must Haves:
- 5 years of experience with network infrastructure (LAN/WAN VPN VLAN) and network hardware (switches routers firewalls)
- 5 years of experience with software-defined networking technologies (SDN/SD-WAN) (e.g. Fortinet Meraki Palo Alto Aruba)
- Experience integrating networking and security architectures (e.g. SASE ZTNA NDR)
- 10 years of experience in cyber security and next-generation network security
- 5 years of experience implementing enterprise security architectures and automation workflows
- Proven experience with:
- SSE/SASE architectures (SWG CASB FWaaS ZTNA)
- Endpoint security (EPP EDR XDR)
- Advanced threat protection (IPS IDS NAC DDoS protection)
- Identity and access management (passwordless MFA certificate-based authentication)
- Strong understanding of layered security models and frameworks (e.g. NIST CSF v2 CIS Controls v8)
- Extensive experience managing and optimizing SecOps platforms including SIEM SOAR EDR/XDR CASB IDR and vulnerability management tools
- Strong experience in detection engineering
- Proven experience in incident response including deep-dive investigations root cause analysis and escalation management
- Expertise in telemetry ingestion log normalization and real-time correlation of security events
- 5 years of experience coordinating and leading complex multi-stakeholder technical initiatives
- 5 years of experience preparing technical documentation and communications (e.g. reports briefings recommendations)
- Experience supporting cross-organizational collaboration and knowledge sharing (e.g. threat intelligence sharing)
- Bachelors degree in computer science cyber security or a related field.
- Industry-recognized security certifications preferred
Nice to have:
- 3 years of experience supporting Ontario K12 school board network environments (WAN LAN Wi-Fi internet delivery)
- Experience supporting MSSP onboarding transition planning and operational readiness in multi-organization environments
- Postgraduate degree (e.g. . and/or Ph.D.) in computer science cyber security or engineering is preferred.
- Knowledge of Government of Ontario standards (e.g. GO-ITS) and applicable legislation (e.g. Enhancing Digital Security and Trust Act 2024 (EDSTA))
- 5 years of experience working in the Ontario public sector with at least 3 years supporting K12 school board network and cybersecurity environments
Skill Set Requirements:
Network and Network Security:
- 5 years of experience with network infrastructure (LAN/WAN VPN VLAN) and network hardware (switches routers firewalls)
- 5 years of experience with software-defined networking technologies (SDN/SD-WAN) (e.g. Fortinet Meraki Palo Alto Aruba)
- 3 years of experience supporting Ontario K12 school board network environments (WAN LAN Wi-Fi internet delivery)
- 2 years of experience with network monitoring and management tools (e.g. SolarWinds FortiManager Panorama)
- 2 years of experience with traffic analysis and diagnostic tools (e.g. PRTG Wireshark)
- 2 years of experience working with network telemetry and logging formats (e.g. Syslog IPFix NetFlow)
- 2 years of experience configuring and troubleshooting network protocols (e.g. MPLS VPLS VLAN Trunking Protocol)
- Experience conducting network performance analysis load testing and risk assessments
- Experience evaluating emerging network technologies through pilots and proof-of-concepts
- Experience integrating networking and security architectures (e.g. SASE ZTNA NDR)
Cyber Security Expertise:
- 10 years of experience in cyber security and next-generation network security
- 5 years of experience implementing enterprise security architectures and automation workflows preferably within Ontario K12 environments
- Proven experience with:
- SSE/SASE architectures (SWG CASB FWaaS ZTNA)
- Endpoint security (EPP EDR XDR)
- Advanced threat protection (IPS IDS NAC DDoS protection)
- Identity and access management (passwordless MFA certificate-based authentication)
- Incident Response and Incident Management (IR/IM) platforms
- Automated vulnerability management and patching solutions
- UEBA and threat behaviour analytics
- Penetration testing and automated red teaming tools
- Operational Technology (OT) security and IT/OT convergence
- AI/ML-enabled security monitoring analytics and automation
- Strong understanding of layered security models and frameworks (e.g. NIST CSF v2 CIS Controls v8)
- Familiarity with MITRE ATT&CK D3FEND and ATLAS frameworks
- Experience evaluating emerging cybersecurity technologies through pilots and proof-of-concepts
Security Operations and Threat Detection:
- Extensive experience managing and optimizing SecOps platforms including SIEM SOAR EDR/XDR CASB IDR and vulnerability management tools
- Strong experience in detection engineering including development tuning and lifecycle management of threat detection use cases across identity endpoint email network and cloud environments
- Proven experience in incident response including deep-dive investigations root cause analysis and escalation management
- Experience supporting MSSP onboarding transition planning and operational readiness in multi-organization environments
- Experience designing and implementing hybrid security operations models including:
- MSSP integration optimization and performance management
- Governance risk and compliance in hybrid environments
- Automation and orchestration of security workflows
- Expertise in telemetry ingestion log normalization and real-time correlation of security events
- Familiarity with SOC/NOC tools including network traffic analyzers performance monitoring and configuration management solutions
Training Collaboration & Stakeholder Engagement:
- 5 years of experience presenting to senior and executive management and external stakeholders
- 5 years of experience coordinating and leading complex multi-stakeholder technical initiatives
- 5 years of experience preparing technical documentation and communications (e.g. reports briefings recommendations)
- 5 years of experience delivering cybersecurity training and upskilling programs to IT and security teams
- Experience supporting cross-organizational collaboration and knowledge sharing (e.g. threat intelligence sharing)
Industry Certifications / Relevant Degrees:
- Bachelors degree in computer science cyber security or a related field.
- Postgraduate degree (e.g. . and/or Ph.D.) in computer science cyber security or engineering is preferred.
- Relevant vendor certifications or equivalent work experience.
- Industry-recognized security certifications preferred including:
- Certified Information Systems Security Professional (CISSP)
- Certified Information Security Manager (CISM)
- Certified Cloud Security Professional (CCSP)
- Other examples include Certified Ethical Hacker (CEH) Certified Information Systems Auditor (CISA) Certified in Risk and Information Systems Control (CRISC).
Public Sector Experience:
- Knowledge of Government of Ontario standards (e.g. GO-ITS) and applicable legislation (e.g. Enhancing Digital Security and Trust Act 2024 (EDSTA))
- 5 years of experience working in the Ontario public sector with at least 3 years supporting K12 school board network and cybersecurity environments
Required Skills:
Experience and Skill Set Requirements: Must Haves: 5 years of experience with network infrastructure (LAN/WAN VPN VLAN) and network hardware (switches routers firewalls) 5 years of experience with software-defined networking technologies (SDN/SD-WAN) (e.g. Fortinet Meraki Palo Alto Aruba) Experience integrating networking and security architectures (e.g. SASE ZTNA NDR) 10 years of experience in cyber security and next-generation network security 5 years of experience implementing enterprise security architectures and automation workflows Proven experience with: SSE/SASE architectures (SWG CASB FWaaS ZTNA) Endpoint security (EPP EDR XDR) Advanced threat protection (IPS IDS NAC DDoS protection) Identity and access management (passwordless MFA certificate-based authentication) Strong understanding of layered security models and frameworks (e.g. NIST CSF v2 CIS Controls v8) Extensive experience managing and optimizing SecOps platforms including SIEM SOAR EDR/XDR CASB IDR and vulnerability management tools Strong experience in detection engineering Proven experience in incident response including deep-dive investigations root cause analysis and escalation management Expertise in telemetry ingestion log normalization and real-time correlation of security events 5 years of experience coordinating and leading complex multi-stakeholder technical initiatives 5 years of experience preparing technical documentation and communications (e.g. reports briefings recommendations) Experience supporting cross-organizational collaboration and knowledge sharing (e.g. threat intelligence sharing) Bachelors degree in computer science cyber security or a related field. Industry-recognized security certifications preferred Nice to have: 3 years of experience supporting Ontario K12 school board network environments (WAN LAN Wi-Fi internet delivery) Experience supporting MSSP onboarding transition planning and operational readiness in multi-organization environments Postgraduate degree (e.g. . and/or Ph.D.) in computer science cyber security or engineering is preferred. Knowledge of Government of Ontario standards (e.g. GO-ITS) and applicable legislation (e.g. Enhancing Digital Security and Trust Act 2024 (EDSTA)) 5 years of experience working in the Ontario public sector with at least 3 years supporting K12 school board network and cybersecurity environments Skill Set Requirements: Network and Network Security: 5 years of experience with network infrastructure (LAN/WAN VPN VLAN) and network hardware (switches routers firewalls) 5 years of experience with software-defined networking technologies (SDN/SD-WAN) (e.g. Fortinet Meraki Palo Alto Aruba) 3 years of experience supporting Ontario K12 school board network environments (WAN LAN Wi-Fi internet delivery) 2 years of experience with network monitoring and management tools (e.g. SolarWinds FortiManager Panorama) 2 years of experience with traffic analysis and diagnostic tools (e.g. PRTG Wireshark) 2 years of experience working with network telemetry and logging formats (e.g. Syslog IPFix NetFlow) 2 years of experience configuring and troubleshooting network protocols (e.g. MPLS VPLS VLAN Trunking Protocol) Experience conducting network performance analysis load testing and risk assessments Experience evaluating emerging network technologies through pilots and proof-of-concepts Experience integrating networking and security architectures (e.g. SASE ZTNA NDR) Cyber Security Expertise: 10 years of experience in cyber security and next-generation network security 5 years of experience implementing enterprise security architectures and automation workflows preferably within Ontario K12 environments Proven experience with: SSE/SASE architectures (SWG CASB FWaaS ZTNA) Endpoint security (EPP EDR XDR) Advanced threat protection (IPS IDS NAC DDoS protection) Identity and access management (passwordless MFA certificate-based authentication) Incident Response and Incident Management (IR/IM) platforms Automated vulnerability management and patching solutions UEBA and threat behaviour analytics Penetration testing and automated red teaming tools Operational Technology (OT) security and IT/OT convergence AI/ML-enabled security monitoring analytics and automation Strong understanding of layered security models and frameworks (e.g. NIST CSF v2 CIS Controls v8) Familiarity with MITRE ATT&CK D3FEND and ATLAS frameworks Experience evaluating emerging cybersecurity technologies through pilots and proof-of-concepts Security Operations and Threat Detection: Extensive experience managing and optimizing SecOps platforms including SIEM SOAR EDR/XDR CASB IDR and vulnerability management tools Strong experience in detection engineering including development tuning and lifecycle management of threat detection use cases across identity endpoint email network and cloud environments Proven experience in incident response including deep-dive investigations root cause analysis and escalation management Experience supporting MSSP onboarding transition planning and operational readiness in multi-organization environments Experience designing and implementing hybrid security operations models including: MSSP integration optimization and performance management Governance risk and compliance in hybrid environments Automation and orchestration of security workflows Expertise in telemetry ingestion log normalization and real-time correlation of security events Familiarity with SOC/NOC tools including network traffic analyzers performance monitoring and configuration management solutions Training Collaboration & Stakeholder Engagement: 5 years of experience presenting to senior and executive management and external stakeholders 5 years of experience coordinating and leading complex multi-stakeholder technical initiatives 5 years of experience preparing technical documentation and communications (e.g. reports briefings recommendations) 5 years of experience delivering cybersecurity training and upskilling programs to IT and security teams Experience supporting cross-organizational collaboration and knowledge sharing (e.g. threat intelligence sharing) Industry Certifications / Relevant Degrees: Bachelors degree in computer science cyber security or a related field. Postgraduate degree (e.g. . and/or Ph.D.) in computer science cyber security or engineering is preferred. Relevant vendor certifications or equivalent work experience. Industry-recognized security certifications preferred including: Certified Information Systems Security Professional (CISSP) Certified Information Security Manager (CISM) Certified Cloud Security Professional (CCSP) Other examples include Certified Ethical Hacker (CEH) Certified Information Systems Auditor (CISA) Certified in Risk and Information Systems Control (CRISC). Public Sector Experience: Knowledge of Government of Ontario standards (e.g. GO-ITS) and applicable legislation (e.g. Enhancing Digital Security and Trust Act 2024 (EDSTA)) 5 years of experience working in the Ontario public sector with at least 3 years supporting K12 school board network and cybersecurity environments