Senior Technology Architect - Toronto, Canada - GTT, LLC

    GTT, LLC
    GTT, LLC Toronto, Canada

    2 weeks ago

    Default job background
    Contract
    Description
    Senior Technology Architect
    • Contract Duration 3 Months

    Job Overview:
    • Our client unit provides strategic vision, leadership, and support for the development and implementation of modernized I&IT solutions in the public education sector and associated stakeholders.
    • Responsibilities of the Client unit include: developing a vision and implementation strategy for evolving network technology platforms in the K 12 sector; working closely with stakeholder partners to assist in achieving sector and strategic goals and objectives through innovative network and network security solutions; and acquiring intelligence for the sector through developing and managing relationships with sector organizations and network/network security organizations such as telecommunications service providers and network technology and service providers.

    Job Responsibilities:
    • The Senior Technology Architect role requires extensive knowledge and experience with cyber security frameworks and controls to reduce the impact of evolving cyber threats in the Ontario K-12 school board environment. Knowledge and experience with online privacy and cyber safety as it applies to minors and K-12 is also highly desirable.
    • Common framework, standards, and policy(ies) provide a consistent, common mapping for all which will in turn provide a common means to demonstrate assurance/compliance and ability to defend against current and future cyber threats to K-12.

    The Specialized IT Consultant, Senior resource is responsible for, but not limited to:

    • Contributing to a tailored cyber security framework that is based primarily on NIST Cybersecurity Framework (CSF) v2, with considerations from other industry frameworks and standards such as SANS/CIS Controls v8, COBIT, ISO, etc.
    • Developing standards for priority cyber security, privacy protection, and online safety controls applicable to K-12, including documented guidance
    • Providing hands-on subject matter expertise and guidance to support the adoption of framework, standards, and policy(ies)
    • Ensuring alignment with modern security operation (SecOps) practices leveraging automation, artificial intelligence, and machine learning
    • Collaborating with other parts of the government (e.g., Ontario Cyber Security Division) to consider linkages with OPS and BPS cyber security priorities and standards, and alignment with other workstreams of the cyber protection strategy such as cyber security and privacy assessments to identify linkages and interconnections and facilitate alignment.
    • Presenting to various stakeholders to seek feedback, as needed.
    • Delivering on other duties as assigned.
    • Providing progress and project status reports on all deliverables assigned.

    This work involves working in close partnership with various government departments and the K-12 education sector.
    Our client may assign school board-related work for other initiatives, as needed.


    Must Haves

    5+ years' experience mapping and adapting cyber security frameworks such as NIST Cybersecurity Framework (CSF) v2, COBIT, CIS Controls v8, and ISO 27001 for adoption by an organization comparable in size and complexity to a school board.

    • 5+ years' experience integrating and implementing cyber security frameworks, and cyber security controls into an organization's enterprise risk management practice, governance, and overall organization including associated change management practices.
    • Experience with the adoption of capability maturity models such as Capability Maturity Model Integration (CMMI) and Cybersecurity Maturity Model Certification (CMMC) is desirable
    • Security certification is mandatory (Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM))

    Nice to Have:
    • 5+ years' hands-on experience working with large public sector environments, preferably with K-12 school boards

    Evaluation Criteria:

    Cyber Security and Privacy – 60%

    • 5+ years' experience mapping and adapting cyber security frameworks such as NIST Cybersecurity Framework (CSF) v2, COBIT, CIS Controls v8, and ISO 27001 for adoption by an organization comparable in size and complexity to a school board.
    • 5+ years' experience integrating and implementing cyber security frameworks, and cyber security controls into an organization's enterprise risk management practice, governance, and overall organization including associated change management practices.
    • 5+ years' experience performing security analysis, developing and implementing cyber security and online privacy policies, standards, and guidelines, preferably for the public sector or broader public sector.
    • Demonstrated experience applying privacy frameworks such as the NIST Privacy Framework v1.1 and ISO/IEC 27701 is highly desirable.
    • Demonstrated experience performing cyber/online safety analysis, and developing and implementing cyber safety policies, standards, and guidelines are highly desirable.
    • Experience with the adoption of capability maturity models such as Capability Maturity Model Integration (CMMI) and Cybersecurity Maturity Model Certification (CMMC) is desirable
    • Excellent knowledge of applicable legislation such as Municipal Freedom of Information and Protection of Privacy Act (MFIPPA). Knowledge of the Education Act is desirable.
    • Excellent knowledge and exposure to the Internet of Things (IoT) or Operational Technology (OT) security issues is desirable.


    Communication Skills and Experience – 20%

    Strong communication skills as demonstrated through:

    • 10+ years' experience in effectively presenting to senior management management teams and external stakeholders
    • 10+ years' experience in preparing written materials (e.g., security and privacy reports, status reports, recommendations, briefing notes) for practitioners and management levels.


    Industry Certifications / Relevant Degrees – 15%

    • Security certification is mandatory (Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM))
    • Privacy certification (Certified Information Privacy Professional (CIPP)) is desirable
    • Other certifications CISA, CASP+


    Public Sector Experience – 5%

    • 5+ years' hands-on experience working with large public sector environments, preferably with K-12 school boards
    • 5+ years applying Ontario's cyber security standards.

    Note:
    • Hybrid role- 3-days per week onsite required

    #gttca
    #LI-GTT