Technology Architect 9515

Foilcon

  • Toronto, ON
  • Permanent
  • Full-time
  • 29 days ago
Job Description:HM Note: This hybrid contract role is three (3) days in office. Candidates resume must include first and last name. Candidate must be able to travel within OntarioDescription:The Senior Technology Architect role requires deep knowledge, expertise, and experience in in cyber security solutions, security operations (SecOps) solutions and practices, automation and artificial intelligence (AI) in cyber security, managed security services, and next-generation network security. The resource also requires hands-on experience in analyzing, configuring, implementing, and troubleshooting cyber security models, automation solutions and threat detection, particularly within the education sector, preferably in the Ontario K–12 school board environment.This resource is responsible for, but not limited to:
  • Providing subject matter expertise, tactical, and operational advice, consultancy, and training on all aspects of cyber security and network solutions such as:
  • Cyber security solutions to protect, detect and respond to cyber threats
  • Zero-trust architecture (ZTA) solutions
  • Cloud security solutions
  • Use of MITRE ATT&CK, D3FEND and ATLAS frameworks in security operations
  • Various vendor specific cyber security and network solutions
  • Security operation (SecOps) and AI-Operations (AIOps) practices
  • Delivering solution and architecture guidance, training, and implementation support for next-generation networks, network protection and cyber security technologies, including:
  • Security service edge (SSE) / secure access service edge (SASE) including integration of network and security functions – including secure web gateway (SWG), cloud access security broker (CASB) and zero-trust network architecture, firewall-as-a-service (FWaaS)
  • SD-WAN (software-defined wide area network) and software-defined networking (SDN)
  • AI and machine learning (ML)-driven network and security technologies
  • Endpoint protection platforms (EPP), endpoint detection and response (EDR), and extended detection and response (XDR) solutions
  • Advanced intrusion prevention systems (IPS), intrusion detection systems (IDS), network access control and distributed denial of service (DDoS) protection
  • Identity security and authentication solutions (passwordless, password-based, certificate-based, MFA)
  • Incident Response and Incident Management (IR and IM) solutions
  • Automated vulnerability and patching
  • User and Entity Behaviour Analytics (UEBA)
  • Penetration testing and automated red teaming
  • Operation technology (OT) security
  • Providing technical guidance, delivering solution, training, and implementation support for strategic integration of hybrid cyber security operating models involving both in-house and outsourced MSSP (managed security services provider) capabilities, including:
  • Oversight of MSSP integration and optimization
  • Security operations architecture planning
  • Threat detection and incident response
  • Security Information and Event Management (SIEM), Security Orchestration, Automation and Response (SOAR), EDR/XDR, and threat intelligence platforms in a hybrid implementation
  • Automation and orchestration workflows
  • Governance, risk, and compliance in a hybrid (in-house and outsourced) security operations environment
  • Providing subject matter expertise in network operations centre (NOC) and security operations centre (SOC) technologies, services, and tools including, but not limited to:
  • Security Information and Event Management (SIEM)
  • Security Orchestration, Automation and Response (SOAR)
  • Strategic use of telemetry and analytics tools to support architectural decisions
  • Designing and implementing end-to-end security automation workflows using SOAR platforms (e.g., Microsoft Sentinel, Cortex XSOAR), including bi-directional integrations, telemetry ingestion, and orchestration of real-time response actions.
  • Provide expertise on integrating advanced AI in cyber security, including agentic AI and autonomous security, to support automation maturity and organizational readiness.
  • Deploying agentic AI-based automation for incident response, phishing mitigation, access control, and exposure management across distributed environments.
  • Developing observability dashboards and managing security metrics (KPIs/KRIs) to measure automation effectiveness, operational maturity, and MSSP accountability.
  • Executing and maintaining continuous automated red teaming (CART) platforms (e.g., SCYTHE, Caldera, AttackIQ) and integrating red team outputs into detection tuning and playbook updates.
  • Applying data science and ML techniques to security telemetry for anomaly detection, triage automation, and prioritization scoring.
  • Collaborating with MSSPs and internal teams to operationalize AI-human workflows, improve detection logic, and support continuous improvement loops.
  • Providing subject matter expertise in the development and delivery of technical training courses, including working on automation and autonomous systems, to board IT and cyber security staff in support of boards’ cyber resilience efforts.
  • Presenting to senior and executive management and external senior stakeholders, as needed.
  • Providing regular status updates and project reports on assigned deliverables
  • Taking a collaborative approach to solution definition, development, and implementation with multiple stakeholder groups with differing needs and expectations.
  • Aligning with industry and legislative advancements at the federal, provincial/local level (e.g. Bill 194 / Enhancing Digital Security and Trust Act, 2024 (EDSTA)).
  • Delivering on other duties as assigned.
This work involves working in close partnership with various government departments, the K-12 education sector, telecommunications providers, and network and cyber security technology vendors to develop tailored approaches and implementation plans. To support various stakeholders, the resource must be available to perform hands-on configuration, troubleshooting and training at the client site. Therefore, the resource must be available to travel same day or overnight in Ontario, as needed.The unit manager may assign other related board work for other unit or branch initiatives, as required.SkillsExperience and Skill Set RequirementsTOTAL OF 100%NOTE:· MUST HAVE· NICE TO HAVECyber security Architecture, Threat Management & Network – 40%· 10+ years in cyber security solutions and next-generation network security, with a focus on hands-on implementation, configuration, and troubleshooting.· 5+ years of experience in network security within advanced SDN environments—preferably in Ontario K–12 school boards.· Proven hands-on experience deploying and implementing the following solutions and technologies, preferably for Ontario K-12 school boards:o Cloud-based security (SSE/SASE including SWG, CASB, FWaaS, ZTNA)o Zero-trust architecture (ZTA)o Cloud security architecture (e.g. Azure, AWS, Google Cloud)o MITRE ATT&CK, D3FEND, and ATLAS frameworkso NIST Cybersecurity Framework (CSF) v2, CIS Controls v8o AI/ML-driven cyber security and agentic AI-based automationo Security automation (static and dynamic) and playbook developmento Endpoint security solutions (EPP, EDR, XDR)o Advanced IPS/IDS, DDoS protection, and NACo Identity security and authentication (passwordless, password-based, certificate-based, 2FA, MFA)o Incident response and incident management (IR/IM)o Automated vulnerability management and patchingo User and Entity Behaviour Analytics (UEBA), OT securityo Penetration testing and automated red teaming· Strong knowledge of layered security controls and risk-informed cyber security models (NIST CSF v2, CIS Controls v8).· Demonstrated ability to assess and evaluate emerging cyber security technologies through pilots and proof-of-concepts.Automation, AI & Autonomous Security – 25%· 5+ years of experience deploying secure architectures and automation workflows, preferably within Ontario K–12 school boards.· Hands-on experience with SOAR playbook design, bi-directional integrations, and AIOps-driven incident response.· Experience with Continuous Automated Red Teaming (CART) platforms (e.g., SCYTHE, Caldera, AttackIQ) and integrating red team outputs into detection tuning and MSSP metrics.· Proficiency in applying data science and ML to cyber security telemetry, including anomaly detection, scoring algorithms, and observability dashboards.· Familiarity with security data lakes and log analytics platforms (e.g., Azure Data Explorer, Splunk, ELK).· Understanding of AI governance, explainability, and ethical deployment of autonomous systems.Security Operations, Managed Services & Compliance – 10%· Proven hands-on experience designing and implementing hybrid (internal and outsourced) security operations, including:o Strategic oversight of MSSP integration and optimizationo High-level threat detection and incident response planningo SIEM, SOAR, EDR/XDR, and threat intelligence platformso Automation and orchestration workflowso Governance, risk, and compliance in hybrid environments· Strong knowledge of MSSP, MDR, and SOCaaS models.· Experience guiding the integration of SecOps platforms into broader cyber security architecture and automation frameworks.· Experience developing and tuning detection use cases across identity, endpoint, email, network, and cloud environments.· Familiarity with telemetry ingestion, log normalization, and real-time correlationTraining, Collaboration & Stakeholder Engagement – 10%· 5+ years of experience presenting to senior and executive management and external stakeholders.· 5+ years’ coordinating and leading complex technical work with multiple IT teams, internal and external stakeholders.· 5+ years of experience preparing written materials (e.g., status reports, recommendations, briefing notes) and experience maintaining security content (rules, dashboards, playbooks) across shared platforms.· 5+ years of experience delivering cyber security upskilling training to IT and security teams.Industry Certifications / Relevant Degrees – 10%· Bachelor’s degree in computer science, cyber security, or a related field.· Postgraduate degree (e.g., . and/or Ph.D.) in computer science, cyber security or engineering is preferred.· Relevant vendor certifications or equivalent work experience.· Cyber security certification(s). Preference is Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Cloud Security Professional (CCSP). Other examples include Certified Ethical Hacker (CEH), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC).Public Sector Experience – 5%· Knowledge of Government of Ontario standards (e.g., GO-ITS) and relevant legislation (e.g., Bill 194 / EDSTA).· 5+ years’ hands-on experience working in the K-12 education sector, with Ontario K-12 school boards, in particular with school board network, network security and cyber security.

Foilcon