IMPORTANT NOTES:
- The client may exercise its option(s) to extend the Statement of Work (SOW) beyond October 5, 2027, provided that the Master Service Agreement is extended. Any such extension shall be on the same terms, conditions, and covenants contained as those contained in the SOW.
**This procurement will include the option to extend the end date of the contract if there are unused effort days and no change to the ceiling amount, if the need arises.
***This contract will require the consultant to work up to 2 days per week in the office and the remaining days working remotely.
****Travel Requirements – The resource must be available to travel the same day or overnight in Ontario, as required. For this role, travel to school board locations across the province will be required. Travel expenses will be reimbursed according to the Ontario Travel, Meal and Hospitality Expenses Directive.
The Senior Technology Architect role requires knowledge, expertise, and experience in cybersecurity solutions, security operations (SecOps) practices, managed security services (MSS/MSSP), and next-generation network security. This resource will provide strategic coordination, planning support, and delivery oversight to Ontario K-12 school boards in the areas of cyber security incident management, operational resilience, and technology modernization. The role focuses on coordinating technical workplans, providing program tracking and oversight, supporting managed security service (MSS) onboarding, and managing cyber incident response processes as boards shift toward shared service models and modernized operations.
This resource is responsible for, but not limited to:
- Delivering solution and architecture guidance, training, and implementation support for next-generation networks, network protection, and cyber security technologies, including:
- Security Service Edge (SSE) / Secure Access Service Edge (SASE), including integration of network and security functions (SWG, CASB, ZTNA, FWaaS)
- SD-WAN and Software-defined Networking (SDN)
- Endpoint security (EPP, EDR, XDR)
- Advanced threat protection (IPS, IDS, NAC, DDoS)
- Identity and authentication solutions (passwordless, password-based, certificate-based, MFA)
- Incident Response and Incident Management (IR/IM) solutions
- Automated vulnerability management and patching
- User and Entity Behaviour Analytics (UEBA)
- Providing subject matter expertise in Network Operations Centre (NOC) and Security Operations Centre (SOC) technologies and tools, security analytics, and performance management, including:
- Use of SIEM, SOAR, telemetry, and analytics tools
- Development of SOC KPIs/KRIs and MSSP accountability metrics
- Application of threat-informed methodologies (e.g., MITRE ATT&CK)
- Coordinate and track technology modernization workplans across school boards, including timelines, milestones, and dependencies.
- Provide oversight of program activities, monitoring status, risks, issues, and actions across multiple initiatives.
- Maintain documentation and deliver progress reports and briefings to leadership and stakeholders.
- Collaborate with boards, vendors, and project teams to manage schedules, address risks, and close coordination gaps.
- Serve as a central coordination point to ensure alignment, consistency, and effective communication.
- Provide technical advisory support by interpreting requirements and bridging technical and non-technical stakeholders.
- Support MSS onboarding, including timelines, documentation, and stakeholder communication.
- Assist boards with operational readiness, transition planning, and go-live coordination.
- Identify and escalate readiness gaps and risks during implementation and transition phases.
- Coordinate cyber incident response activities, including communication, escalation, and reporting.
- Support development and maintenance of incident response and crisis communication plans.
- Monitor incident trends and support continuous improvement of response capabilities.
- Support proactive cybersecurity initiatives, including vulnerability management and risk prevention.
- Coordinate CVEM activities, including scanning, remediation tracking, prioritization, and reporting.
- Prepare vulnerability management metrics and reports for leadership.
- Develop and maintain documentation (e.g., architectures, playbooks, onboarding guides) to support secure operations.
- Monitor emerging cyber threats and technologies to inform security practices.
- Presenting to senior and executive management and external senior stakeholders, as needed.
- Providing regular status updates and project reports on assigned deliverables
- Taking a collaborative approach to solution definition, development, and implementation with multiple stakeholder groups with differing needs and expectations.
- Aligning with industry and legislative advancements at the federal, provincial/local level (e.g., Enhancing Digital Security and Trust Act, 2024 (EDSTA)).
- Delivering on other duties as assigned.
This work involves working in close partnership with various government departments, the K-12 education sector, telecommunications providers, and network and cyber security technology vendors to develop tailored approaches and implementation plans. To support various stakeholders, the resource must be available to perform hands-on configuration, troubleshooting and training at the client site. Therefore, the resource must be available to travel same day or overnight in Ontario, as needed.
The unit manager may assign other related board work for other unit or branch initiatives, as required.