We are seeking a highly accomplished Senior Technology Architect with master-level expertise in cyber security governance, risk, and compliance (GRC) to orchestrate a unified, sector-wide cyber defense framework for Ontario's K–12 education and Broader Public Sector (BPS) environments. In this role, you will lead the adaptation, mapping, and str
...
uctural deployment of comprehensive security models that protect corporate systems, ensure online privacy safeguards for minors, and elevate cyber resilience. Acting as a principal strategist, you will translate industry-standard frameworks into actionable technical standards and non-technical playbooks, aligning decentralized school boards with upcoming provincial digital trust mandates.
Location: Toronto, ON (Hybrid - 2 days per week onsite, 3 days remote)
Duration: 12-month contract (with extension options through October 2027 and beyond)
Advantages
Systemic Legacy Impact: Hold complete technical design authorship over a unified cybersecurity and privacy standard protecting over 70 school boards and millions of identities across Ontario.
Strategic GRC Authority: Move beyond isolated engineering to command a high-profile advisory role influencing enterprise policies, public investments, and provincial risk postures.
Advanced Architecture Mapping Sandbox: Work at the premier intersection of core enterprise infrastructure, data privacy legislation, and modern automated defense capabilities.
Long-Term Flexible Runway: Capitalize on a stable 12-month technical engagement with a balanced hybrid cadence and multi-year extension pathways.
Responsibilities
Cyber Security Framework Architecture: Lead the technical adaptation, harmonization, and authoring of a tailored K–12 security blueprint grounded in the NIST Cybersecurity Framework (CSF) v2 and CIS Controls v8, while integrating applicable matrices from COBIT and ISO/IEC 27001.
Privacy & Minor Cyber Safety Engineering: Design and document foundational standards, guidelines, and privacy-by-design templates to secure student data systems, balancing structural configurations with the NIST Privacy Framework v1.1 and ISO/IEC 27701.
Governance, Risk & Compliance (GRC) Integration: Infuse modern GRC practices into enterprise structures—authoring sector-wide information security policies, change management parameters, and operational risk mitigation playbooks.
SecOps & Next-Generation Solution Alignment: Align the sector-specific framework with advanced Security Operations (SecOps), ensuring telemetry patterns leverage automated workflows, machine learning (ML), and artificial intelligence (AI) engines for preemptive threat analysis.
Corporate & Inter-Ministerial Collaboration: Partner closely with internal technical headers, corporate ministries, and specialized divisions (including the Ontario Cyber Security Division) to harmonize K–12 initiatives with broader public sector infrastructure rules.
Capability Maturity Assessment: Establish baseline evaluation controls across school boards, deploying capability maturity matrices (modeled after CMMC or CMMI) to track organizational security progress and assurance metrics.
Legislative & Policy Enforcements: Ensure all architecture documents and operational guidance profiles strictly comply with regional statutes, including the Municipal Freedom of Information and Protection of Privacy Act (MFIPPA), the Education Act, and the Enhancing Digital Security and Trust Act, 2024 (EDSTA).
Executive Advisory & Stakeholder Engagement: Prepare high-level visual reports, comprehensive briefing notes, and strategic options assessments to lead consensus-building sessions, working groups, and forums across technical and non-technical audiences.
Qualifications
Core Cybersecurity Governance Seniority: 10+ years of progressive professional experience mapping, adapting, and deploying enterprise-level cybersecurity frameworks (NIST CSF v2, CIS Controls v8, COBIT, or ISO/IEC 27001) for highly complex, multi-tenant organizations.
Risk Integration & Change Management: 10+ years of experience structurally embedding security controls into enterprise risk systems, corporate governance, and cross-functional operational practices.
Policy Architecture & Assessment Experience: 10+ years of experience executing formal security risk assessments, threat modeling, and authoring technical and non-technical policies, standards, and guidelines.
Privacy & Cyber Safety Fluency: Practical, professional experience applying dedicated privacy principles (NIST Privacy Framework, ISO/IEC 27701) and establishing safety standards tailored to protected user populations or minors.
Public Sector Regulatory Domain Depth: Minimum of 5+ years of hands-on experience working inside a large public sector framework or health/education authority, demonstrating extensive familiarity with regional security mandates (GO-ITS 25.x series IT standards strictly required).
Privacy Legislation Literacy: Strong working knowledge of regional privacy statutes (MFIPPA) paired with a functional understanding of broader public sector rules (such as the Education Act or EDSTA 2024).
Executive Communication & Articulation: 10+ years of experience constructing briefing notes, technical recommendations, and delivering high-impact presentations to executive management and external stakeholder steering groups.
Mandatory Industry Certifications:
Must possess at least one of the following active industry designations:
CISSP (Certified Information Systems Security Professional)
CISM (Certified Information Security Manager)
Highly Desirable Assets:
Formal data privacy credentials, such as an active CIPP (Certified Information Privacy Professional) designation.
Complementary certifications such as CISA, CASP+, or formal training in maturity assessment matrices (CMMC / CMMI).
Basic structural exposure to IoT or Operational Technology (OT) security boundaries within multi-site facilities.
Summary
If you're interested in the "Senior Technology Architect" role based in Toronto, we encourage you to apply online at www.randstad.ca. Only qualified candidates will be contacted for the next steps. We look forward to hearing from you!
Randstad Canada is committed to fostering a workforce reflective of all peoples of Canada. As a result, we are committed to developing and implementing strategies to increase the equity, diversity and inclusion within the workplace by examining our internal policies, practices, and systems throughout the entire lifecycle of our workforce, including its recruitment, retention and advancement for all employees. In addition to our deep commitment to respecting human rights, we are dedicated to positive actions to affect change to ensure everyone has full participation in the workforce free from any barriers, systemic or otherwise, especially equity-seeking groups who are usually underrepresented in Canada's workforce, including those who identify as women or non-binary/gender non-conforming; Indigenous or Aboriginal Peoples; persons with disabilities (visible or invisible) and; members of visible minorities, racialized groups and the LGBTQ2+ community.
Randstad Canada is committed to creating and maintaining an inclusive and accessible workplace for all its candidates and employees by supporting their accessibility and accommodation needs throughout the employment lifecycle. We ask that all job applications please identify any accommodation requirements by sending an email to accessibility@randstad.ca to ensure their ability to fully participate in the interview process.
This posting is for existing and upcoming vacancies.
show more
We are seeking a highly accomplished Senior Technology Architect with master-level expertise in cyber security governance, risk, and compliance (GRC) to orchestrate a unified, sector-wide cyber defense framework for Ontario's K–12 education and Broader Public Sector (BPS) environments. In this role, you will lead the adaptation, mapping, and structural deployment of comprehensive security models that protect corporate systems, ensure online privacy safeguards for minors, and elevate cyber resilience. Acting as a principal strategist, you will translate industry-standard frameworks into actionable technical standards and non-technical playbooks, aligning decentralized school boards with upcoming provincial digital trust mandates.
Location: Toronto, ON (Hybrid - 2 days per week onsite, 3 days remote)
Duration: 12-month contract (with extension options through October 2027 and beyond)
Advantages
Systemic Legacy Impact: Hold complete technical design authorship over a unified cybersecurity and privacy standard protecting over 70 school boards and millions of identities across Ontario.
...
Strategic GRC Authority: Move beyond isolated engineering to command a high-profile advisory role influencing enterprise policies, public investments, and provincial risk postures.
Advanced Architecture Mapping Sandbox: Work at the premier intersection of core enterprise infrastructure, data privacy legislation, and modern automated defense capabilities.
Long-Term Flexible Runway: Capitalize on a stable 12-month technical engagement with a balanced hybrid cadence and multi-year extension pathways.
Responsibilities
Cyber Security Framework Architecture: Lead the technical adaptation, harmonization, and authoring of a tailored K–12 security blueprint grounded in the NIST Cybersecurity Framework (CSF) v2 and CIS Controls v8, while integrating applicable matrices from COBIT and ISO/IEC 27001.
Privacy & Minor Cyber Safety Engineering: Design and document foundational standards, guidelines, and privacy-by-design templates to secure student data systems, balancing structural configurations with the NIST Privacy Framework v1.1 and ISO/IEC 27701.
Governance, Risk & Compliance (GRC) Integration: Infuse modern GRC practices into enterprise structures—authoring sector-wide information security policies, change management parameters, and operational risk mitigation playbooks.
SecOps & Next-Generation Solution Alignment: Align the sector-specific framework with advanced Security Operations (SecOps), ensuring telemetry patterns leverage automated workflows, machine learning (ML), and artificial intelligence (AI) engines for preemptive threat analysis.
Corporate & Inter-Ministerial Collaboration: Partner closely with internal technical headers, corporate ministries, and specialized divisions (including the Ontario Cyber Security Division) to harmonize K–12 initiatives with broader public sector infrastructure rules.
Capability Maturity Assessment: Establish baseline evaluation controls across school boards, deploying capability maturity matrices (modeled after CMMC or CMMI) to track organizational security progress and assurance metrics.
Legislative & Policy Enforcements: Ensure all architecture documents and operational guidance profiles strictly comply with regional statutes, including the Municipal Freedom of Information and Protection of Privacy Act (MFIPPA), the Education Act, and the Enhancing Digital Security and Trust Act, 2024 (EDSTA).
Executive Advisory & Stakeholder Engagement: Prepare high-level visual reports, comprehensive briefing notes, and strategic options assessments to lead consensus-building sessions, working groups, and forums across technical and non-technical audiences.
Qualifications
Core Cybersecurity Governance Seniority: 10+ years of progressive professional experience mapping, adapting, and deploying enterprise-level cybersecurity frameworks (NIST CSF v2, CIS Controls v8, COBIT, or ISO/IEC 27001) for highly complex, multi-tenant organizations.
Risk Integration & Change Management: 10+ years of experience structurally embedding security controls into enterprise risk systems, corporate governance, and cross-functional operational practices.
Policy Architecture & Assessment Experience: 10+ years of experience executing formal security risk assessments, threat modeling, and authoring technical and non-technical policies, standards, and guidelines.
Privacy & Cyber Safety Fluency: Practical, professional experience applying dedicated privacy principles (NIST Privacy Framework, ISO/IEC 27701) and establishing safety standards tailored to protected user populations or minors.
Public Sector Regulatory Domain Depth: Minimum of 5+ years of hands-on experience working inside a large public sector framework or health/education authority, demonstrating extensive familiarity with regional security mandates (GO-ITS 25.x series IT standards strictly required).
Privacy Legislation Literacy: Strong working knowledge of regional privacy statutes (MFIPPA) paired with a functional understanding of broader public sector rules (such as the Education Act or EDSTA 2024).
Executive Communication & Articulation: 10+ years of experience constructing briefing notes, technical recommendations, and delivering high-impact presentations to executive management and external stakeholder steering groups.
Mandatory Industry Certifications:
Must possess at least one of the following active industry designations:
CISSP (Certified Information Systems Security Professional)
CISM (Certified Information Security Manager)
Highly Desirable Assets:
Formal data privacy credentials, such as an active CIPP (Certified Information Privacy Professional) designation.
Complementary certifications such as CISA, CASP+, or formal training in maturity assessment matrices (CMMC / CMMI).
Basic structural exposure to IoT or Operational Technology (OT) security boundaries within multi-site facilities.
Summary
If you're interested in the "Senior Technology Architect" role based in Toronto, we encourage you to apply online at www.randstad.ca. Only qualified candidates will be contacted for the next steps. We look forward to hearing from you!
Randstad Canada is committed to fostering a workforce reflective of all peoples of Canada. As a result, we are committed to developing and implementing strategies to increase the equity, diversity and inclusion within the workplace by examining our internal policies, practices, and systems throughout the entire lifecycle of our workforce, including its recruitment, retention and advancement for all employees. In addition to our deep commitment to respecting human rights, we are dedicated to positive actions to affect change to ensure everyone has full participation in the workforce free from any barriers, systemic or otherwise, especially equity-seeking groups who are usually underrepresented in Canada's workforce, including those who identify as women or non-binary/gender non-conforming; Indigenous or Aboriginal Peoples; persons with disabilities (visible or invisible) and; members of visible minorities, racialized groups and the LGBTQ2+ community.
Randstad Canada is committed to creating and maintaining an inclusive and accessible workplace for all its candidates and employees by supporting their accessibility and accommodation needs throughout the employment lifecycle. We ask that all job applications please identify any accommodation requirements by sending an email to accessibility@randstad.ca to ensure their ability to fully participate in the interview process.
This posting is for existing and upcoming vacancies.
show more