Salary
$116 - $121 / hour
Location
Toronto, ON
Posted
Jul 4, 2026
Role overview
Job Title: Technology Architect (Assessments) - Senior
Location: Toronto, Ontario
Work Model: Hybrid
Duration: 12 months
Security Clearance: CRJMC
Submission Deadline: 2026-07-08, 12:00 p.m. EST
Must Haves
Cyber Security and Privacy 55%
- 10+ years of experience in cyber security programs, frameworks, standards, and regulatory compliance, preferably within the public or broader public sector.
- 10+ years of experience conducting cyber security assessments, including:
- Threat Risk Assessments (TRAs)
- Cyber Security Risk Assessments
- Cyber security GRC program assessments
- 10+ years of experience evaluating technical and administrative controls; developing findings, risk logs, and reports; and preparing actionable, risk-based remediation plans.
- Experience applying maturity models (e.g., NIST-based models, CMMI, or equivalent) to assess cyber security capabilities.
- Advanced experience in data analytics and statistical analysis to analyze raw data and compilate meaningful insights and visuals.
- 10+ years of experience applying industry-standard cyber security frameworks, including:
- NIST Cybersecurity Framework (CSF) v1.1 and v2.0
- CIS Critical Security Controls v8
- ISO/IEC 27001
- COBIT
- Demonstrated experience working with NIST CSF v2.0 is preferred.
- 10+ years of experience applying privacy frameworks such as:
- NIST Privacy Framework
- ISO/IEC 27701
- Strong knowledge of privacy and cyber security considerations related to Internet of Things (IoT) environments.
- Strong knowledge of privacy and cyber security considerations related to the use of Large Language Models (LLMs) and Artificial Intelligence (AI tools).
- Strong knowledge of applicable privacy legislation and regulatory requirements, including:
- Municipal Freedom of Information and Protection of Privacy Act (MFIPPA)
- Canadian Privacy Act
- General Data Protection Regulation (GDPR)
- Enhancing Digital Security and Trust Act, 2024 (EDSTA)
Communication Skills and Experience 25%
- 10+ years of experience presenting complex technical concepts, assessment findings, and risk insights to executive leadership, management teams, and diverse stakeholders.
- 10+ years of experience preparing clear, structured written deliverables, including:
- Cyber security and privacy assessment reports
- Remediation plans and recommendations
- Status reports and briefing materials
- Demonstrated ability to translate technical findings into clear, actionable insights tailored to non-technical audiences.
Industry Certifications / Relevant Degrees 15%
- One or more recognized cyber security certifications:
- Certified Information Systems Security Professional (CISSP)
- Certified Information Security Manager (CISM)
- Privacy certifications such as:
- Certified Information Privacy Professional (CIPP)
- Certified Information Privacy Manager (CIPM)
- Certified Information Privacy Technologist (CIPT)
- Post-secondary education in information security, computer science, information systems, or a related discipline is preferred.
Public Sector Experience 5%
- Knowledge of Government of Ontario standards, policies, and directives (e.g., GO-ITS, EDSTA).
- Minimum 5+ years of experience working within the K 12 education sector, preferably with Ontario school boards.
- Experience supporting or assessing school board environments, including network infrastructure, network security, and cyber security controls.
Description / Responsibilities / Skills
Project Description
The Cyber Resilience Strategy and Oversight Services (CRSOS) unit provides strategic vision, leadership and support for the development and implementation of modernized I&IT solutions in the public education sector and associated stakeholders.
Responsibilities of the CRSOS unit include:
- Developing vision and implementation strategy for evolving network technology platforms in the K-12 sector.
- Working closely with stakeholder partners to assist in achieving sector and ministry strategic goals and objectives through innovative network and network security solutions.
- Acquiring intelligence for the sector through developing and managing relationships with sector organizations and network/network security organizations such as telecommunications service providers and network technology and service providers.
Responsibilities
The Senior Technology Architect brings extensive expertise in cyber security and privacy controls to strengthen the cyber resilience of Ontario K 12 school boards.
This role focuses on identifying vulnerabilities, cyber posture maturity gaps, guiding remediation, and enhancing protection for school boards' digital environments.
The architect leads assessments, develops tailored action plans, and provides hands-on implementation guidance and support to improve the risk posture of school boards.
The resource is responsible for, but not limited to:
- Leading and conducting comprehensive cyber security and privacy assessments across Ontario K 12 school boards, including Threat Risk Assessments (TRA) and Cyber Security Risk Assessments.
- Preparing detailed assessment reports and presenting findings, risk insights, and remediation plans to school board leadership and stakeholders.
- Developing board-specific actionable remediation plans to address identified gaps, mitigate risks and improve overall cyber resilience of K-12 school boards individually and sector-wide.
- Providing hands-on practical subject matter expertise and implementation guidance and support to enhance school board cyber protection capabilities.
- Supporting school boards in completing cyber security assessments by providing guidance, clarifications, and tailored assistance.
- Reviewing and validating submitted assessment responses; tracking progress, identifying issues, and conducting follow-ups to support remediation.
- Contributing to the development, validation, and enhancement of sector tools and frameworks.
- Maintaining risk logs, remediation plans, and technical documentation.
- Collaborating with ministry, school board and sector third-party cyber security personnel.
- Advising on findings, root cause analysis and mitigation strategies following security or privacy incidents.
- Supporting the development and operationalization of cyber security controls, policies, and playbooks tailored to the K 12 education environment.
- Engaging with internal and external stakeholders, including school board leadership, IT teams, and government partners.
- Delivering presentations, briefings, and consultation sessions.
- Monitoring and reporting on project deliverables.
- Staying up to date with evolving cyber threats, privacy regulations, and sector-specific risks.
- Managing and delivering multiple concurrent cyber security engagements.
- Delivering on other duties as assigned.
This work involves working in close partnership with various government departments, the K-12 education sector, telecommunications providers, and network and cyber security technology vendors to develop tailored approaches and implementation plans.
The resource must be available to perform hands-on configuration, troubleshooting and training at the client site and be available to travel same day or overnight in Ontario, as needed.