Description:
The Senior Technology Architect role requires
deep knowledge, expertise and experience in next-generation network security,
cyber security solutions, security operations (SecOps), automation and
artificial intelligence (AI) in cyber security, and managed / shared security
services (MSS) models. The resource must have hands-on experience in designing,
developing and implementing cyber security architectures and solutions,
particularly within the education sector—preferably in the Ontario K–12 school
board environment.
This resource is responsible for, but not limited to:
- Leading
the end-to-end technical integration strategy and architecture
design for the Cyber Security Operating Model (CSOM) across
participating school boards.
- Providing
subject matter expertise and strategic advice on all aspects of
cyber security, network architecture, and modern security frameworks and
solutions such as:
- Zero
Trust Architecture (ZTA) and cloud security architecture
- MITRE
ATT&CK, D3FEND and ATLAS frameworks
- NIST
Cybersecurity Framework (CSF) v2 and CIS Controls v8
- Various
vendor platforms (e.g., Microsoft, AWS, Google)
- Security
operations (SecOps) and AI-Operations (AIOps) practices
- Leading AI-infused
transformation through design and implementation of intelligent
and autonomous security capabilities, including:
- SOAR
and Agentic AI solutions
- AI/ML-driven
analytics and threat detection
- User
and Entity Behaviour Analytics (UEBA)
- Automated
threat detection, response, and orchestration workflows
- Designing
and implementing hybrid cyber security operating models integrating
internal teams and Managed Security Service Providers (MSSPs),
including:
- MSS
strategy, onboarding, optimization and performance management
- Alignment
and integration of Security Information and Event Management (SIEM),
Security Orchestration, Automation and Response (SOAR), EDR/XDR, and
threat intelligence platforms
- School
board MSS readiness, transition planning, and governance models
- Security
operations architecture, threat detection, incident response, and
automation workflows
- Governance,
risk, and compliance in hybrid (in-house and outsourced) environments
- Designing
and delivering solution architecture, training, and implementation support
for next-generation network and cyber security technologies,
including:
- Security
Service Edge (SSE) / Secure Access Service Edge (SASE), including
integration of network and security functions such as Secure Web Gateway
(SWG), Cloud Access Security Broker (CASB), Zero Trust Network
Architecture (ZTNA), and Firewall-as-a-Service (FWaaS)
- SD-WAN
(Software-Defined Wide Area Network) and SDN (Software-Defined
Networking)
- dentity
and access management (passwordless, password-based, certificate-based,
and multi-factor authentication (MFA))
- Endpoint
security (Endpoint Protection Platforms (EPP), Endpoint Detection and
Response (EDR), and Extended Detection and Response (XDR))
- Advanced
threat protection (Intrusion Prevention Systems (IPS), Intrusion
Detection Systems (IDS), Network Access Control (NAC), and Distributed
Denial-of-Service (DDoS) protection)
- AI/ML-enabled
monitoring, analytics, and automation
- Incident
Response (IR) and Incident Management (IM)
- Vulnerability
management and patching automation
- Penetration
testing and automated red teaming
- Operational
Technology (OT) security
- Cloud
adoption and modernization strategies, including segmentation,
resilience, and data residency
- Developing
and maintaining enterprise reference architectures to ensure alignment
across infrastructure, security, and operational domains.
- Providing
subject matter expertise in Network Operations Centre (NOC) and
Security Operations Centre (SOC) technologies and tools,
including SIEM, SOAR, and network monitoring and management platforms.
- Supporting
school boards in transitioning from an internal SecOps model to a
hybrid managed security services (MSS) model, including:
- Strategic
advisory and implementation support
- Telemetry
and metrics design
- Internal
operations optimization
- MSS
integration and optimization
- Advising
on modernization strategies—including cloud adoption, network
segmentation, data residency, and distributed identity
models—ensuring alignment with provincial and education-sector
requirements.
- Leading
architecture and capability assessments across K–12 environments and MSSPs
to inform solution design and telemetry optimization.
- Developing strategic
technology roadmaps based on emerging cyber security trends,
threat landscape evolution, and industry best practices.
- Creating
and maintaining technical documentation and specifications,
including architecture designs, options analysis, and cost modelling.
- Maintaining
awareness of the evolving cyber threat landscape, particularly
within the K–12 sector, and applying insights to improve security posture
and practices.
- Presenting
to senior leadership and external stakeholders, as required.
- Providing
status reporting on deliverables and project progress.
- Collaborating
with diverse stakeholder groups to support solution definition, design,
and implementation.
- Aligning
with industry and legislative advancements at the federal and provincial
level (e.g., Enhancing Digital Security and Trust Act, 2024 (EDSTA))
- Delivering
on other duties as assigned.
This work involves working in close partnership with sector
technical IT leads (e.g., school board IT leads), to develop tailored
approaches and implementation plans. To support various stakeholders, the
resource must be available to perform hands-on configuration, troubleshooting
and training at the client site. Therefore, the resource must be available to
travel same day or overnight in Ontario, as needed.
The unit manager may assign other related board work for other
unit or branch initiatives, as required.
Requirements
Experience and Skill Set Requirements:
Must Haves:
- 10+ years of experience in cyber security and
next-generation network security, with a strong focus on architecture design,
integration, strategic planning, and implementation.
- 5+ years of experience designing and implementing secure,
enterprise-wide architectures across cloud, network, identity, and security
operations domains,
- Cloud-delivered security architectures (SSE/SASE, including
SWG, CASB, FWaaS, ZTNA)
- Zero Trust Architecture (ZTA)
- Cloud security architectures (Microsoft, AWS, Google)
- AI/ML-driven cyber security capabilities and automation
- Endpoint security solutions (EPP, EDR, XDR)
- Vulnerability management and patching automation
- Proven experience designing and implementing hybrid
(internal and outsourced) security operations models
- Strong knowledge of managed security service delivery
models, including MSSP, MDR, and SOC-as-a-Service (SOCaaS).
- 5+ years of experience with network infrastructure (LAN/WAN,
VPN, VLAN) and core components (switches, routers, firewalls)
- 5+ years of experience with SDN and SD-WAN technologies
(e.g., Fortinet, Cisco Meraki, Palo Alto)
- 10+ years of experience providing advisory services to
senior leadership and executive stakeholders.
- 5+ years of experience leading complex, cross-functional
technical initiatives involving multiple internal and external stakeholders.
- Experience developing strategic cyber security and network
technology roadmaps and modernization strategies.
- 5+ years of experience advising organizations on adoption of
managed security service models (fully outsourced, co-managed, hybrid).
- Preferred certifications include:
- CISSP (Certified Information Systems Security Professional)
- CISM (Certified Information Security Manager)
- CCSP (Certified Cloud Security Professional)
- Other relevant certifications such as CEH, CISA, CRISC
Nice to have:
- preferably within Ontario K–12 school boards.
- MITRE ATT&CK, D3FEND, and ATLAS frameworks
- User and Entity Behaviour Analytics (UEBA)
- Penetration testing and automated red teaming
- preferably within Ontario’s K–12 education sector.
- Experience establishing governance models and evaluating
MSSP performance and service delivery.
- Postgraduate degree (e.g., M.Sc. and/or Ph.D.) in computer science, cyber security or
engineering is preferred.
- 5+ years’ hands-on experience working in the K-12 education
sector, with Ontario K-12 school boards, in particular with school board network, network
security and cyber security.
Skill Set Requirements:
Cyber security,
network security and architecture expertise:
- 10+ years of
experience in cyber security and next-generation network security, with a
strong focus on architecture design, integration, strategic planning, and
implementation.
- 5+ years of
experience designing and implementing secure, enterprise-wide architectures
across cloud, network, identity, and security operations
domains, preferably within Ontario K–12 school boards.
- 5+ years of
experience in advanced network security, including software-defined
environments (SDN/SD-WAN), preferably within Ontario K–12 school boards.
- Proven hands-on
experience designing, implementing, and integrating the following solutions and
technologies:
- Cloud-delivered
security architectures (SSE/SASE, including SWG, CASB, FWaaS, ZTNA)
- Zero Trust
Architecture (ZTA)
- Cloud security
architectures (Microsoft, AWS, Google)
- MITRE ATT&CK,
D3FEND, and ATLAS frameworks
- NIST Cybersecurity
Framework (CSF) v2 and CIS Controls v8
- AI/ML-driven cyber
security capabilities and automation
- Security
orchestration, automation, and playbook development
- Endpoint security
solutions (EPP, EDR, XDR)
- Advanced threat
protection (IDS/IPS, DDoS protection, Network Access Control)
- Identity and access
management (passwordless, certificate-based, MFA/2FA)
- Incident response
and incident management (IR/IM)
- Vulnerability
management and patching automation
- User and Entity
Behaviour Analytics (UEBA)
- Penetration testing
and automated red teaming
- Operational
Technology (OT) security
- Proven experience
designing and implementing hybrid (internal and outsourced) security operations
models, including:
- Integration and
optimization of internal security teams and managed security service providers
(MSSPs)
- Security operations
architecture in hybrid environments
- Threat detection
and incident response in co-managed models
- Integration of
SIEM, SOAR, EDR/XDR, and threat intelligence platforms
- Automation and
orchestration workflows
- Governance, risk,
and compliance in hybrid security operations environments
- Strong knowledge of
managed security service delivery models, including MSSP, MDR, and
SOC-as-a-Service (SOCaaS).
- Strong knowledge of
federated and multi-tenant security architectures.
- Demonstrated
ability to evaluate and assess emerging cyber security technologies through
pilots and proof-of-concepts.
- Strong knowledge of
IoT security and data capture/telemetry mechanisms.
Network
Technology:
- 5+ years of experience
with network infrastructure (LAN/WAN, VPN, VLAN) and core components (switches,
routers, firewalls) preferably within Ontario’s K–12 education sector.
- 5+ years of
experience with SDN and SD-WAN technologies (e.g., Fortinet, Cisco Meraki, Palo
Alto) preferably within Ontario’s K–12 education sector.
- 3+ years of
experience with SSE/SASE technologies (e.g., Netskope, Zscaler, Prisma SASE,
Cato).
- 5+ years of
experience with network monitoring, traffic analysis, and management tools
(e.g., SolarWinds, FortiManager, PRTG, Panorama, Wireshark).
- 3+ years of
experience with network telemetry and logging formats (e.g., Syslog, NetFlow,
IPFIX).
- 5+ years of
experience configuring and troubleshooting network protocols (e.g., MPLS, VPLS,
VLAN trunking).
- Experience
evaluating emerging network technologies through pilots and proof-of-concepts.
Strategic
Advisory and Architecture Leadership:
- 10+ years of experience
providing advisory services to senior leadership and executive stakeholders.
- 5+ years of
experience leading complex, cross-functional technical initiatives involving
multiple internal and external stakeholders.
- 5+ years of
experience preparing and delivering technical and executive-level documentation
(e.g., architecture designs, reports, recommendations, briefings).
- Experience
developing strategic cyber security and network technology roadmaps and
modernization strategies.
- Experience aligning
security and network architectures with federal, provincial, and K–12
regulatory and compliance requirements.
- Strong expertise in
secure solution design, including telemetry, monitoring, and metrics
frameworks.
- 5+ years of
experience advising organizations on adoption of managed security service
models (fully outsourced, co-managed, hybrid).
- Experience
establishing governance models and evaluating MSSP performance and service
delivery.
- Experience delivering
training and knowledge transfer to technical teams.
Industry
Certifications / Relevant Degrees:
- Relevant vendor
certifications or equivalent work experience.
- Postgraduate degree
(e.g., M.Sc. and/or Ph.D.) in
computer science, cyber security or engineering is preferred.
- Preferred
certifications include:
- CISSP (Certified
Information Systems Security Professional)
- CISM (Certified
Information Security Manager)
- CCSP (Certified
Cloud Security Professional)
- Other relevant certifications
such as CEH, CISA, CRISC
Public Sector
Experience:
- Knowledge of
Government of Ontario standards (e.g., GO-ITS) and relevant policies and
legislation (e.g., EDSTA).
- 5+ years’ hands-on
experience working in the K-12 education sector, with Ontario K-12 school
boards, in particular with school board network, network security and cyber
security.
Skills Required
- 10+ years of experience in cyber security and next-generation network security, focused on architecture design, integration, strategic planning, and implementation
- 5+ years designing and implementing secure, enterprise-wide architectures across cloud, network, identity, and security operations domains
- Hands-on experience with cloud-delivered security architectures (SSE/SASE including SWG, CASB, FWaaS, ZTNA)
- Experience with Zero Trust Architecture (ZTA)
- Cloud security architectures across Microsoft, AWS, and Google
- AI/ML-driven cyber security capabilities and automation (SOAR, Agentic AI, analytics, UEBA)
- Endpoint security solutions experience (EPP, EDR, XDR)
- Vulnerability management and patching automation experience
- Proven experience designing and implementing hybrid (internal and outsourced) security operations models and MSSP integration
- Strong knowledge of managed security service delivery models (MSSP, MDR, SOC-as-a-Service)
- 5+ years of experience with network infrastructure (LAN/WAN, VPN, VLAN) and core components (switches, routers, firewalls)
- 5+ years of experience with SDN and SD-WAN technologies (examples: Fortinet, Cisco Meraki, Palo Alto)
- 3+ years experience with SSE/SASE technologies (examples: Netskope, Zscaler, Prisma SASE, Cato)
- 5+ years experience preparing/delivering technical and executive-level documentation and advising senior leadership
- 5+ years leading complex, cross-functional technical initiatives involving multiple stakeholders
- Experience developing strategic cyber security and network technology roadmaps and modernization strategies
- Ability to provide hands-on configuration, troubleshooting and training onsite; available to travel same day or overnight in Ontario as needed
- Preferred certifications: CISSP, CISM, CCSP, CEH, CISA, CRISC
- Postgraduate degree (M.Sc. or Ph.D.) in computer science, cyber security or engineering
- Hands-on experience in the K-12 education sector, preferably Ontario school boards
What We Do
Maarut Inc. is a Canadian company specializing in IT services, technology staffing, and software development, dedicated to assisting businesses with digital transformation and solving business challenges through technology.








