IMPORTANT NOTES:
- The client may exercise its option(s) to extend the Statement of Work (SOW) beyond October 5, 2027, provided that the Master Service Agreement is extended. Any such extension shall be on the same terms, conditions, and covenants as those contained in the SOW.
**This procurement will include the option to extend the end date of the contract if there are unused effort days and no change to the ceiling amount, if the need arises.
***This contract will require the consultant to work up to 2 days per week in the office and the remaining days working remotely.
****Travel Requirements – The resource must be available to travel the same day or overnight in Ontario, as required. For this role, travel to school board locations across the province will be required. Travel expenses will be reimbursed according to the Ontario Travel, Meal and Hospitality Expenses Directive.
The Senior Technology Architect role requires deep knowledge, expertise, and experience in cyber security solutions, security operations (SecOps) solutions and practices, automation and artificial intelligence (AI) in cyber security, managed security services, and next-generation network security. The resource also requires hands-on experience in analyzing, configuring, implementing, and troubleshooting cyber security models, automation solutions and threat detection, particularly within the education sector, preferably in the Ontario K–12 school board environment.
This resource is responsible for, but not limited to:
- Providing technical leadership and guidance on cyber security architecture, security operations, AI-enabled security, and next-generation network technologies.
- Designing, implementing, and supporting security solutions including Cloud Security, Identity Security, Endpoint Security, SASE/SSE, SIEM, SOAR, and XDR.
- Developing and implementing AI-enabled security capabilities, including security automation, AI agents, Large Language Models (LLMs), Retrieval-Augmented Generation (RAG), and autonomous security operations.
- Supporting integration of AI platforms with security technologies including SIEM, SOAR, threat intelligence, vulnerability management, and identity security platforms.
- Assisting with the development, testing, and deployment of AI-based security use cases, playbooks, and operational workflows.
- Assisting in the development of AI integration tools for pre-emptive security, namely threat intelligence and vulnerability insight.
- Providing subject matter expertise, tactical and operational advice, consultancy, and training on all aspects of cyber security, AI-enabled security, and network solutions such as:
  - Cyber security solutions to protect, detect, and respond to cyber threats
  - Cloud security solutions
  - Using MITRE ATT&CK, D3FEND, and ATLAS frameworks in security operations
  - AI-assisted SecOps practices, including agentic AI, autonomous security operations, and human-in-the-loop controls
  - AI governance, responsible AI adoption, and risk-informed use of AI in cyber security
  - Various vendor-specific cyber security, AI, and network solutions
- Designing, implementing, and integrating security technologies, telemetry pipelines, orchestration tools, and automated workflows supporting SecOps and MSS service integration, including:
  - SIEM/SOAR/Agentic AI integration and engineering support
  - Telemetry ingestion, normalization, and correlation pipelines
  - Security tooling integration across hybrid environments
  - Automation of MSS workflows and operational processes
- Executing and maintaining continuous automated red teaming (CART) platforms (e.g., SCYTHE, Caldera, AttackIQ), and integrating outputs into detection tuning, control validation, and playbook optimization
- Monitoring and reporting on security operations performance, including development of dashboards, KPIs/KRIs, and MSSP performance metrics to support continuous improvement
- Collaborating with MSSPs and internal stakeholders to optimize workflows, improve detection logic, and support service modernization toward AI-enabled operating models
- Delivering technical training, stakeholder engagement, and operational guidance to support cyber resilience and continuous improvement.
- Presenting technical findings, risk insights, and strategic recommendations to senior leadership and stakeholders
- Providing regular status updates and project reporting on deliverables, milestones, and performance outcomes
- Applying a collaborative approach to solution design, development, and implementation across diverse stakeholder groups
- Aligning with industry and legislative advancements at the federal, provincial/local level (e.g., Enhancing Digital Security and Trust Act, 2024 (EDSTA)).
- Delivering on other duties as assigned.
This work involves working in close partnership with various government departments, the K-12 education sector, telecommunications providers, and network and cyber security technology vendors to develop tailored approaches and implementation plans. To support various stakeholders, the resource must be available to perform hands-on configuration, troubleshooting and training at the client site. Therefore, the resource must be available to travel same day or overnight in Ontario, as needed.
The unit manager may assign other related board work for other unit or branch initiatives, as required.