1-year contract (250 business days) - 3 possible extensions
Hybrid - 2 days onsite / 3 days remotes - 777 Bay St.
Security Level: CRJMC
MUST HAVE:
10 years of experience in cyber security programs frameworks standards and regulatory compliance preferably within the public or broader public sector.
10 years of experience conducting cyber security assessments including:
Threat Risk Assessments (TRAs)
Cyber Security Risk Assessments
Cyber security GRC program assessments
10 years of experience evaluating technical and administrative controls; developing findings risk logs and reports; and preparing actionable risk-based remediation plans.
Experience applying maturity models (e.g. NIST-based models CMMI or equivalent) to assess cyber security capabilities
10 years of experience applying industry-standard cyber security frameworks including:
NIST Cybersecurity Framework (CSF) v1.1 and v2.0
CIS Critical Security Controls v8
ISO/IEC 27001
10 years of experience preparing clear structured written deliverables including:
Cyber security and privacy assessment reports
Remediation plans and recommendations
Nice-to-have:
Demonstrated experience working with NIST CSF v2.0 is preferred
10 years of experience presenting complex technical concepts assessment findings and risk insights to executive leadership management teams and diverse stakeholders.
One or more recognized cyber security certifications:
Certified Information Systems Security Professional (CISSP)
Certified Information Security Manager (CISM)
Privacy certifications such as:
Certified Information Privacy Professional (CIPP)
Certified Information Privacy Manager (CIPM)
Certified Information Privacy Technologist (CIPT)
Knowledge of Government of Ontario standards policies and directives (e.g. GO-ITS EDSTA).
Description:
The Senior Technology Architect brings extensive expertise in cyber security and privacy controls to strengthen the cyber resilience of Ontario K12 school boards. This role focuses on identifying vulnerabilities cyber posture maturity gaps guiding remediation and enhancing protection for school boards digital environments. The architect leads assessmentsdevelops tailored action plans and provides hands-on implementation guidance and support to improve the risk posture of school boards.
This resource is responsible for but not limited to:
Leading and conducting comprehensive cyber security and privacy assessments across Ontario K12 school boards including Threat Risk Assessments (TRA) and Cyber Security Risk Assessments
Preparing detailed assessment reports and present findings risk insights and remediation plans to school board leadership and stakeholders.
Developing board-specific actionable remediation plans to address identified gaps mitigate risks and improve overall cyber resilience of K-12 school boards individually and sector-wide
Providing hands-on practical subject matter expertise and implementation guidance and support to enhance school board cyber protection capabilities including:
Strengthening existing cyber security controls
Identifying selecting and implementing new cyber security controls
Enhancing privacy safeguards with a focus on minors as a priority
Complying with any applicable legislation current and upcoming
Aligning with sector-specific standards and best practices
Right-sizing recommendations and solutions to the K-12 education sector
Supporting school boards in completing cyber security assessments by providing guidance clarifications and tailored assistance.
Reviewing and validating submitted assessment responses; track progress identify issues and conduct follow-ups to support remediation.
Contributing to the development validation and enhancement of sector tools and frameworks (Cybersecurity and Privacy Assessment Tool (CPAT) and other self-assessment tools user guides and reporting outputs).
Maintaining risk logs remediation plans and technical documentation to support transparency and continuous improvement.
Collaborating with ministry school board and sector third-party cyber security personnel to share knowledge assist with upskilling IT teams and guide implementation of recommended controls.
Advising on findings root cause analysis and mitigation strategies following security or privacy incidents ensuring lessons learned are translated into improved practices.
Supporting the development and operationalization of cyber security controls policies and playbooks tailored to the K12 education environment.
Engaging with internal and external stakeholders including school board leadership IT teams and government partners to ensure alignment with broader cyber security initiatives and legislative requirements (e.g. EDSTA).
Delivering presentations briefings and consultation sessions to communicate findings recommendations and progress updates.
Monitoring and reporting on project deliverables providing regular status updates and ensuring timely completion of assigned tasks.
Staying up to date with evolving cyber threats privacy regulations and sector-specific risks and incorporate this knowledge into engagements and recommendations.
Managing and delivering multiple concurrent cyber security engagements across diverse school board environments prioritizing and maintaining high-quality deliverables under tight timelines.
Delivering on other duties as assigned.
This work involves working in close partnership with various government departments the K-12 education sector telecommunications providers and network and cyber security technology vendors to develop tailored approaches and implementation plans. To support various stakeholders the resource must be available to perform hands-on configuration troubleshooting and training at the client site. Therefore the resource must be available to travel same day or overnight in Ontario as needed.
AI Disclaimer: Source Code may use artificial intelligence (AI) tools to assist in certain aspects of its recruiting and business operations.
Note: The higher end of the range is intended for absolutely exceptional candidates who meet all must-have requirements and most or all nice-to-have qualifications. The client will evaluate candidates based on both rate expectations and overall skill set when shortlisting.
INCORPORATED RATE RANGE (7.25 billable hours per day)
$110.55/hr - $132.74/hr Inc.
T4 RATE RANGE (7.25 billable hours per day)
$88.44/hr - $106.19/hr T4
RQ11202 - Sr. Technology Architect 1-year contract (250 business days) - 3 possible extensions Hybrid - 2 days onsite / 3 days remotes - 777 Bay St. Security Level: CRJMC MUST HAVE: 10 years of experience in cyber security programs frameworks standards and regulatory compliance preferably within t...
RQ11202 - Sr. Technology Architect
1-year contract (250 business days) - 3 possible extensions
Hybrid - 2 days onsite / 3 days remotes - 777 Bay St.
Security Level: CRJMC
MUST HAVE:
10 years of experience in cyber security programs frameworks standards and regulatory compliance preferably within the public or broader public sector.
10 years of experience conducting cyber security assessments including:
Threat Risk Assessments (TRAs)
Cyber Security Risk Assessments
Cyber security GRC program assessments
10 years of experience evaluating technical and administrative controls; developing findings risk logs and reports; and preparing actionable risk-based remediation plans.
Experience applying maturity models (e.g. NIST-based models CMMI or equivalent) to assess cyber security capabilities
10 years of experience applying industry-standard cyber security frameworks including:
NIST Cybersecurity Framework (CSF) v1.1 and v2.0
CIS Critical Security Controls v8
ISO/IEC 27001
10 years of experience preparing clear structured written deliverables including:
Cyber security and privacy assessment reports
Remediation plans and recommendations
Nice-to-have:
Demonstrated experience working with NIST CSF v2.0 is preferred
10 years of experience presenting complex technical concepts assessment findings and risk insights to executive leadership management teams and diverse stakeholders.
One or more recognized cyber security certifications:
Certified Information Systems Security Professional (CISSP)
Certified Information Security Manager (CISM)
Privacy certifications such as:
Certified Information Privacy Professional (CIPP)
Certified Information Privacy Manager (CIPM)
Certified Information Privacy Technologist (CIPT)
Knowledge of Government of Ontario standards policies and directives (e.g. GO-ITS EDSTA).
Description:
The Senior Technology Architect brings extensive expertise in cyber security and privacy controls to strengthen the cyber resilience of Ontario K12 school boards. This role focuses on identifying vulnerabilities cyber posture maturity gaps guiding remediation and enhancing protection for school boards digital environments. The architect leads assessmentsdevelops tailored action plans and provides hands-on implementation guidance and support to improve the risk posture of school boards.
This resource is responsible for but not limited to:
Leading and conducting comprehensive cyber security and privacy assessments across Ontario K12 school boards including Threat Risk Assessments (TRA) and Cyber Security Risk Assessments
Preparing detailed assessment reports and present findings risk insights and remediation plans to school board leadership and stakeholders.
Developing board-specific actionable remediation plans to address identified gaps mitigate risks and improve overall cyber resilience of K-12 school boards individually and sector-wide
Providing hands-on practical subject matter expertise and implementation guidance and support to enhance school board cyber protection capabilities including:
Strengthening existing cyber security controls
Identifying selecting and implementing new cyber security controls
Enhancing privacy safeguards with a focus on minors as a priority
Complying with any applicable legislation current and upcoming
Aligning with sector-specific standards and best practices
Right-sizing recommendations and solutions to the K-12 education sector
Supporting school boards in completing cyber security assessments by providing guidance clarifications and tailored assistance.
Reviewing and validating submitted assessment responses; track progress identify issues and conduct follow-ups to support remediation.
Contributing to the development validation and enhancement of sector tools and frameworks (Cybersecurity and Privacy Assessment Tool (CPAT) and other self-assessment tools user guides and reporting outputs).
Maintaining risk logs remediation plans and technical documentation to support transparency and continuous improvement.
Collaborating with ministry school board and sector third-party cyber security personnel to share knowledge assist with upskilling IT teams and guide implementation of recommended controls.
Advising on findings root cause analysis and mitigation strategies following security or privacy incidents ensuring lessons learned are translated into improved practices.
Supporting the development and operationalization of cyber security controls policies and playbooks tailored to the K12 education environment.
Engaging with internal and external stakeholders including school board leadership IT teams and government partners to ensure alignment with broader cyber security initiatives and legislative requirements (e.g. EDSTA).
Delivering presentations briefings and consultation sessions to communicate findings recommendations and progress updates.
Monitoring and reporting on project deliverables providing regular status updates and ensuring timely completion of assigned tasks.
Staying up to date with evolving cyber threats privacy regulations and sector-specific risks and incorporate this knowledge into engagements and recommendations.
Managing and delivering multiple concurrent cyber security engagements across diverse school board environments prioritizing and maintaining high-quality deliverables under tight timelines.
Delivering on other duties as assigned.
This work involves working in close partnership with various government departments the K-12 education sector telecommunications providers and network and cyber security technology vendors to develop tailored approaches and implementation plans. To support various stakeholders the resource must be available to perform hands-on configuration troubleshooting and training at the client site. Therefore the resource must be available to travel same day or overnight in Ontario as needed.
AI Disclaimer: Source Code may use artificial intelligence (AI) tools to assist in certain aspects of its recruiting and business operations.
Note: The higher end of the range is intended for absolutely exceptional candidates who meet all must-have requirements and most or all nice-to-have qualifications. The client will evaluate candidates based on both rate expectations and overall skill set when shortlisting.
INCORPORATED RATE RANGE (7.25 billable hours per day)