Senior Technology Architect

This is a hybrid role.


Advantages
• Hybrid: 3 days onsite / 2 days remote
• Potential for extension
• Earn a competitive rate within the industry


Responsibilities
• Delivering solution and architecture guidance, training, and implementation support for next-generation networks, network protection and cyber security technologies, including:

o Security service edge (SSE) / secure access service edge (SASE) including integration of network and security functions – including secure web gateway (SWG), cloud access security broker (CASB) and zero-trust network architecture, firewall-as-a-service (FWaaS)

o SD-WAN (software-defined wide area network) and software-defined networking (SDN)

o AI and machine learning (ML)-driven network and security technologies

o Endpoint protection platforms (EPP), endpoint detection and response (EDR), and extended detection and response (XDR) solutions

o Advanced intrusion prevention systems (IPS), intrusion detection systems (IDS), network access control and distributed denial of service (DDoS) protection

o Identity security and authentication solutions (passwordless, password-based, certificate-based, MFA)

o Incident Response and Incident Management (IR and IM) solutions

o Automated vulnerability and patching

o User and Entity Behaviour Analytics (UEBA)

o Penetration testing and automated red teaming

o Operation technology (OT) security

• Providing technical guidance, delivering solution, training, and implementation support for hybrid cyber security operating models involving both in-house and outsourced MSSP (managed security services provider) capabilities, including:

o MSSP integration and optimization

o Security operations functions and architecture

o Threat detection and incident response

o Security Information and Event Management (SIEM), Security Orchestration, Automation and Response (SOAR), EDR/XDR, and threat intelligence platforms in a hybrid implementation

o Automation and orchestration workflows

o Risk, and compliance in a hybrid (in-house and outsourced) security operations environment

• Providing subject matter expertise in network operations centre (NOC) and security operations centre (SOC) technologies, services, and tools including, but not limited to:

o Security Information and Event Management (SIEM)

o Security Orchestration, Automation and Response (SOAR)

o Network traffic analyzer, network performance monitoring and network configuration management tools

• Managing and optimizing SIEM, SOAR, EDR/XDR, cloud access security broker (CASB), incident detection and response (IDR) and vulnerability management systems as part of the boards’ SecOps infrastructure.

• Developing, testing, and maintaining threat detection use cases across identity, endpoint, email, network, and cloud environments.

• Leading the analysis for complex incidents, conducting deep-dive investigations and root-cause analysis.

• Providing support for telemetry ingestion, log normalization and real-time correlation of security insights.

• Delivering training and operational guidance to board IT and security teams on threat response workflows and defensive posture validation.

• Providing subject matter expertise, consultancy, and advice on advanced networking technologies (SD-WAN, SASE, ZTNA, NDR) and their convergence with security tools, ensuring seamless observability and controls.

• Conducting baseline reviews, vulnerability triage, and collaborating with managed security service providers (MSSP) to track remediation efforts.

• Maintaining security content (rules, dashboards, playbooks) across shared toolsets and platforms.

• Supporting cross-board threat sharing, ensuring local detection benefit the broader board ecosystem.

• Providing subject matter expertise in the development and delivery of technical training courses to support boards’ cyber resilience efforts.

• Presenting to senior and executive management and external senior stakeholders, as needed.

• Providing regular status updates and project reports on assigned deliverables.

• Taking a collaborative approach to solution definition, development, and implementation with multiple stakeholder groups with differing needs and expectations.

• Aligning with industry and legislative advancements at the federal, provincial/local level (e.g. Bill 194 / Enhancing Digital Security and Trust Act, 2024 (EDSTA)).

• Delivering on other duties as assigned.


Qualifications
Must Haves:

• 5+ years of experience with network infrastructure (LAN/WAN, VPN, VLAN) and hardware (switches, routers, firewalls).

• 5+ years of experience with SDN/SD-WAN technologies (e.g., Fortinet, Meraki, Palo Alto, Aruba).

• 10+ years of experience in cyber security and next-generation network security.

• 5+ years of experience deploying secure architectures and automation workflows

• Proven experience with:

• SSE/SASE (SWG, CASB, FWaaS, ZTNA)

• AI/ML-driven security technologies

• Endpoint security (EPP, EDR, XDR)

• Advanced IPS/IDS, DDoS protection, NAC

• Identity and access management (passwordless, MFA, certificate-based)

• Incident Response and Management (IR/IM)

• Automated vulnerability management and patching

• UEBA and threat behavior analytics

• Experience managing and optimizing SIEM, SOAR, EDR/XDR, CASB, IDR, and vulnerability management platforms.

• Proven ability to develop and maintain threat detection use cases across identity, endpoint, email, network, and cloud.

• Experience conducting deep-dive investigations, root-cause analysis, and incident response.

• Experience designing and implementing hybrid security operations models:

• MSSP integration and optimization

• Risk, and compliance in hybrid environments

• Automation and orchestration workflows

• Bachelor’s degree in computer science, cyber security, or a related field.

• Cyber security certification(s). Preference is Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Cloud Security Professional (CCSP). Other examples include Certified Ethical Hacker (CEH), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC).

Nice to have:

3+ years of experience with Ontario K–12 school board networks (WAN, LAN, Wi-Fi, internet delivery).

• Postgraduate degree (e.g., M.Sc. and/or Ph.D.) in computer science, cyber security or engineering is preferred.

• 5+ years of hands-on experience working in the Ontario K–12 education sector, particularly with school board network and cyber security environments.


Summary
If you are interested in the Senior Technology Architect role in Toronto, please apply online at www.randstad.ca. Qualified candidates will be contacted.


Randstad Canada is committed to fostering a workforce reflective of all peoples of Canada. As a result, we are committed to developing and implementing strategies to increase the equity, diversity and inclusion within the workplace by examining our internal policies, practices, and systems throughout the entire lifecycle of our workforce, including its recruitment, retention and advancement for all employees. In addition to our deep commitment to respecting human rights, we are dedicated to positive actions to affect change to ensure everyone has full participation in the workforce free from any barriers, systemic or otherwise, especially equity-seeking groups who are usually underrepresented in Canada's workforce, including those who identify as women or non-binary/gender non-conforming; Indigenous or Aboriginal Peoples; persons with disabilities (visible or invisible) and; members of visible minorities, racialized groups and the LGBTQ2+ community.

Randstad Canada is committed to creating and maintaining an inclusive and accessible workplace for all its candidates and employees by supporting their accessibility and accommodation needs throughout the employment lifecycle. We ask that all job applications please identify any accommodation requirements by sending an email to accessibility@randstad.ca to ensure their ability to fully participate in the interview process.