- Providing subject matter expertise, configuration, troubleshooting, training, and implementation guidance with cyber security, network security and network protection solutions, including:
- Next-generation cyber security technologies leveraging automation, artificial intelligence (AI) and machine learning (ML)
- Endpoint security solutions - Endpoint protection (EPP), Endpoint detection and response (EDR), and Extended Detection and Response (XDR)
- Cloud-based cyber security solutions, Secure Service Edge (SSE) / Secure Access Service Edge (SASE) including Secure Web Gateway (SWG), Cloud Access Security Broker (CASB) and Zero-Trust Network
- Identity security solutions – such as Multi-Factor Authentication (MFA), Passkey, Identity Management (IdM), and Privileged Access Management (PAM)
- Advanced intrusion prevention systems (IPS) and intrusion detection systems (IDS)
- Network access control
- Incident Response and Incident Management (IR and IM) systems
- Automated vulnerability and patching
- Penetration testing and automated Red Teaming
- User and Entity Behaviour Analytics (UEBA)
- Distributed denial of service (DDoS) protection
- Operation Technology (OT) security
- Providing hands-on subject matter expertise troubleshooting and securing software-defined networking (SDN) technology including:
- Software-defined wide area network (SD-WAN) including Fortinet, Cisco Meraki, Palo Alto, Fat Pipe, etc.
- Emerging SD-Edge such as VMware VeloCloud, Silver Peak, etc
- Providing subject matter expertise in the development and delivery of technical training courses on next-generation cyber security solutions, secure networking solutions, and various security products to support boards' cyber resilience efforts
- Troubleshooting, providing analysis, and recommending solutions on complex cyber security and network security issues
- Performing vulnerability scanning and penetration testing including activities such as preparing test plans, completing the testing analysis, and risk assessments to ensure sound network and security architecture
- Staying abreast of the ever-evolving cyber threat landscape to provide subject matter expertise, guidance and advice on tactical and operational cyber security and network security practices
- Providing subject matter expertise, analysis, configuration, troubleshooting, and implementation guidance with security operations centre (SOC) technologies, including:
- Security Information and Event Management (SIEM)
- Security Orchestration, Automation and Response (SOAR)
- Threat Intelligence
- SASE
- SolarWinds NetFlow Traffic Analyzer
- Network Performance Monitor (NPM) and Network Configuration Management (NCM) Tools
- Providing subject matter expertise, analysis, configuration, troubleshooting, training, and implementation guidance with identity security and authentication solutions and technologies for:
- Password-based and passwordless authentication
- MFA
- Certificate-based authentication
- Creating/updating detailed system documentation and technical specifications various solutions and architecture, including cyber security, network security and network protection solutions, and SOC solutions
- Assessing new and emerging cyber security solutions and technology trends and industry analysis, including, but not limited to wireless network security practices including authentication and edge security
- Presenting to various stakeholders, as needed
- Provide status and project status reports on other deliverables assigned.
- Deliver on other duties as assigned.
- 4+ years hands-on experience with cyber security, network security and network protection solutions and technologies – preferably for Ontario K-12 school boards, including:
- Next-generation cyber security technologies leveraging artificial intelligence (AI) and machine learning (ML)
- Security Information and Event Management (SIEM) including Microsoft Sentinel, Splunk, AlienVault and FortiSiem
- Endpoint protection (EPP), Endpoint detection and response (EDR), Extended Detection and Response (XDR) and other endpoint security solutions
- Identity Management (IdM) and identity security
- Incident Management (IM)
- 4+ years' hands-on experience with authentication solutions and technologies – preferably for Ontario K-12 school boards, including:
- 2+ years demonstrated hands-on experience providing security operations center (SOC) troubleshooting, support, industry research, products reviews and automation including SOC technologies, services, and equipment, but not limited to:
- 2+ years' hands-on experience with software-defined networking (SDN, SD-WAN), in particular, Fortinet, Meraki, Palo Alto, and Aruba – preferably for Ontario K-12 school boards
- 2+ years' hands-on experience in data monitoring and management systems, in particular, SolarWinds, FortiManager, and Panorama – preferably for Ontario K-12 school boards
- 3+ years' experience in preparing written materials (e.g., status reports, recommendations, briefing notes)
- 3+ years' coordinating complex technical work with multiple IT teams, internal and external to the Ministry
- Cyber security certification (e.g. CEH, CISSP or CISM)
- 4+ years' hands-on experience working with Ontario K-12 school boards, in particular with school board networks and network security
- 5+ years' experience in network security on advanced SD networks – preferably for Ontario K-12 school boards
- 4+ years hands-on experience with cyber security, network security and network protection solutions and technologies – preferably for Ontario K-12 school boards, including:
- Next-generation cyber security technologies leveraging automation, artificial intelligence (AI) and machine learning (ML)
- Next-generation firewalls (specifically Fortinet, Meraki, Palo Alto),
- Network access control (e.g., HPE Aruba ClearPass, FortiNAC),
- Security Information and Event Management (SIEM) and Security Orchestration, Automation and Response (SOAR) including Microsoft Sentinel, Splunk, Google Chronicle, and FortiSIEM
- Endpoint security solutions - Endpoint protection (EPP), Endpoint detection and response (EDR), Extended Detection and Response (XDR)
- Cloud-based cyber security solutions such as Secure Web Gateway (SWG), Cloud Access Security Broker (CASB) and Zero-Trust Network access as available SASE (such as Zscaler, Netskope, Cisco Umbrella, etc.),
- Distributed denial of service (DDoS) protection,
- Advanced intrusion prevention systems (IPS), and intrusion detection systems (IDS)
- Identity Management (IdM), Privileged Access Management and other identity security solutions
- Automated patching solutions
- Incident Response (IR) and Incident Management (IM)
- Operation Technology (OT) security
- 4+ years' hands-on experience with authentication solutions and technologies – preferably for Ontario K-12 school boards, including:
- Password-based and passwordless authentication
- Multi-factor authentication (MFA)
- Certificate-based authentication
- Biometric authentication (e.g., Fast Identity online (FIDO) Universal 2nd Factor (U2F), FIDO2, Google Authenticator, Security Assertion Markup Language (SAML))
- 2+ years demonstrated hands-on experience providing security operations center (SOC) troubleshooting, support, industry research, products reviews and automation including SOC technologies, services, and equipment, but not limited to:
- SIEM
- SOAR
- SASE
- Demonstrated hands-on experience with cyber security industry frameworks such as NIST Cyber Protection Framework and 800 series, CIS Controls v8, COBIT and ISO 27001
- Knowledge of the new draft NIST Cyber Security Framework v2.0
- Demonstrated experience assessing and evaluating new and emerging network technologies with pilots and proof-of-concepts
- Excellent knowledge and exposure to IoT cyber security issues and data capturing mechanism
- 3+ years' hands-on experience with network infrastructure solutions and technologies including LAN/WAN, VPN, VLAN, and hardware (servers, switches, routers, firewalls)
- 2+ years' hands-on experience with Ontario K-12 school boards' networks (WAN, LAN, Wi-Fi, internet service delivery)
- 2+ years' hands-on experience with software-defined networking (SDN, SD-WAN), in particular, Fortinet, Meraki, Palo Alto, and Aruba – preferably for Ontario K-12 school boards
- 2+ years' hands-on experience in data monitoring and management systems, in particular, SolarWinds, FortiManager, and Panorama – preferably for Ontario K-12 school boards
- 2+ years' hands-on experience with network data traffic awareness, monitoring and analysis tools and technologies, including SolarWinds, PRTG (Paessler Router Traffic Grapher), and Wireshark Network Analyzer – preferably for Ontario K-12 school boards
- 2+ years' hands-on experience with data logging mechanisms and technologies including Syslog, IPFix and NetFlow – preferably for Ontario K-12 school boards
- 2+ years' hands-on experience configuring, troubleshooting, and administering network protocols such as MPLS, VPLS, and VLAN Trunking Protocol (VTP)
- Hands-on experience performing network load testing, testing analysis, and risk assessments to ensure sound network architecture – preferably for Ontario K-12 school boards
- Providing subject matter expertise for the design, development and delivery of technical training courses and demonstrations on SDN, NTDM, NG-SEC architecture and products to support Ontario K-12 school boards' broadband modernization implementations
- Demonstrated experience assessing and evaluating new and emerging network technologies with pilots and proof-of-concepts
- 3+ years' experience in effectively presenting to management teams and external stakeholders
- 3+ years' experience in preparing written materials (e.g., status reports, recommendations, briefing notes)
- 3+ years' coordinating complex technical work with multiple IT teams, internal and external to the Ministry
- Relevant vendor certifications or equivalent work experience
- Postgraduate degree (e.g., M.Sc. and/or Ph.D.) in computer science or engineering preferred
- Cyber security certification (e.g., CEH, CISSP or CISM)
- Knowledge of Government of Ontario standards (e.g., GO-ITS) and relevant policies and legislation
- 4+ years' hands-on experience working with Ontario K-12 school boards, in particular with school board networks and network security
- Hands-on experience providing support, troubleshooting, and delivery of technical training courses to Ontario K-12 school boards
RQ07326 - Technology Architect - Senior - Toronto, Canada - Maarut Inc
Description
Description:
The Senior Technology Architect, role requires extensive knowledge of network connectivity, network security, cyber security and internet technologies with demonstrated hands-on experience analyzing, configuring, implementing, and troubleshooting network, network security and cyber security solutions for the Ontario K-12 school board environment. This resource is responsible for, but not limited to:
This work involves working in close partnership with various government departments, the K-12 education sector, telecommunications providers and network and cyber security technology vendors to develop tailored approaches and implementation plans.
The manager may assign school board-related work for other initiatives, as required.
Requirements
Experience and Skill Set Requirements:
Must haves:
Cyber Security and Network Security:
Network Technology:
Coordination Skills and Experience:
Strong communication skills as demonstrated through:
Industry Certifications / Relevant Degrees:
Nice-to-have:
Public Sector Experience:
Skill Set Requirements:
Cyber Security and Network Security:
Network Technology:
Coordination Skills and Experience:
Strong communication skills as demonstrated through:
Industry Certifications / Relevant Degrees:
Public Sector Experience: