We are seeking a highly accomplished Senior Technology Architect specializing in Cyber Security Risk Governance and Threat Risk Assessments (TRA) to champion the cyber resilience and data privacy of Ontario’s K–12 school boards. In this role, you will take technical ownership of discovering structural vulnerabilities, evaluating digital posture
...
maturity gaps, and constructing customized remediation roadmaps across individual school boards and sector-wide frameworks. Operating at the vital intersection of enterprise technical architecture, threat risk engineering, and the protection of minor populations, you will transform raw diagnostic assessments into secure, actionable controls aligned with modern provincial digital trust mandates.
Location: Toronto, ON (Hybrid - 2 days per week onsite, 3 days remote)
Duration: 12-month contract (with extension options through October 2027 and beyond)
Advantages
Systemic Legacy Impact: Govern the security evaluation and protection blueprint directly safeguarding the digital identities, privacy profiles, and networks of millions of students and educators across Ontario.
Strategic GRC Authority: Command a premier technical advisory footprint shaping corporate policy, risk tolerances, and public sector investment tracks.
Emerging Tech Sandbox Assessment: Evaluate cutting-edge tech adoption layers within the public sector, from high-density IoT campuses to modern generative AI tools.
Long-Term Flexible Runway: Capitalize on a stable 12-month technical engagement with a balanced hybrid cadence and multi-year extension pathways.
Responsibilities
Comprehensive Risk & Threat Profiling: Lead and execute advanced Threat Risk Assessments (TRAs), GRC program evaluations, and technical cybersecurity/privacy reviews across distributed school board infrastructures.
Remediation Architecture & Tailoring: Design and deploy actionable, right-sized remediation roadmaps to strengthen existing defensive controls and integrate next-generation security safeguards specific to the K–12 education landscape.
Youth Data & Privacy Engineering: Architect robust privacy safeguards focused directly on minors, leveraging the NIST Privacy Framework and ISO/IEC 27701 to de-risk identity exposures across student applications, IoT devices, and emerging AI/LLM educational tools.
Maturity Benchmarking & Tooling: Drive the development, validation, and optimization of sector-wide diagnostic infrastructure, such as the Cybersecurity and Privacy Assessment Tool (CPAT), applying NIST-based and CMMI capability maturity models.
Advanced Data Analytics & Insights: Apply mathematical and data analytics techniques to parse raw, sector-wide assessment datasets into highly precise risk logs, predictive patterns, and automated visual dashboards.
Lifecycle Post-Incident Advisory: Perform forensic root-cause analysis and provide technical mitigation strategies following active security or privacy anomalies, ensuring lessons learned are immediately updated into live control playbooks and policies.
Framework Harmonization: Align local infrastructure postures against global matrices, specializing in the practical application of the NIST Cybersecurity Framework (CSF) v2.0, CIS Critical Security Controls v8, and ISO/IEC 27001.
Statutory Compliance Enforcement: Evaluate and map all reference designs to guarantee strict compliance with regional and federal privacy laws, specifically MFIPPA, the Canadian Privacy Act, and the Enhancing Digital Security and Trust Act, 2024 (EDSTA).
Executive Presentation & Stakeholder Advisory: Translate complex technical exploits, cryptographic gaps, and data risks into clear, non-technical plain-language narratives, briefings, and presentations tailored for C-suite executives, school board trustees, and ministry partners.
Qualifications
Core Cybersecurity Assessment Seniority: 10+ years of progressive professional experience leading, structuring, and executing Threat Risk Assessments (TRAs) and cybersecurity GRC program evaluations within large enterprise or public sector landscapes.
Control Evaluation & Architecture Mapping: 10+ years of hands-on experience evaluating technical, administrative, and cloud security controls, creating data-driven risk logs, and writing actionable remediation blueprints.
Framework Mastery (NIST CSF v2): 10+ years of deep practical alignment experience working with foundational frameworks, with an explicit preference for NIST CSF v2.0, CIS Controls v8, and ISO/IEC 27001.
Privacy and Youth Safeguard Acumen: Proven background designing or reviewing privacy controls based on the NIST Privacy Framework or ISO 27701, with an emphasis on user account safety or minor data protection.
Advanced Analytical Capabilities: Practical experience utilizing data analytics or statistical modeling to ingest raw information and build highly informative executive visuals and risk matrices.
Ontario Education Sector Expertise: Minimum of 5+ years of direct experience supporting or assessing Ontario K–12 school board network and cybersecurity environments is strictly required.
Public Sector Governance Literacy: Strong operational understanding of Government of Ontario standards (including GO-ITS infrastructure directives), and regional privacy statutes (MFIPPA and EDSTA 2024).
Executive Communication & Synthesis: 10+ years of experience drafting formal technical assessment sheets, briefing notes, and delivering high-impact risk presentations to executive steering boards and non-technical stakeholders.
Required Industry Certifications:
Must possess at least one recognized cybersecurity designation:
CISSP (Certified Information Systems Security Professional)
CISM (Certified Information Security Manager)
Highly Desirable Assets:
Formal data privacy credentials, such as an active CIPP, CIPM, or CIPT designation.
Post-secondary education (Bachelor's or Master's degree) in Information Security, Computer Science, or an approved equivalent engineering discipline.
Summary
If you're interested in the "Senior Technology Architect" role based in Toronto, we encourage you to apply online at www.randstad.ca. Only qualified candidates will be contacted for the next steps. We look forward to hearing from you!
Randstad Canada is committed to fostering a workforce reflective of all peoples of Canada. As a result, we are committed to developing and implementing strategies to increase the equity, diversity and inclusion within the workplace by examining our internal policies, practices, and systems throughout the entire lifecycle of our workforce, including its recruitment, retention and advancement for all employees. In addition to our deep commitment to respecting human rights, we are dedicated to positive actions to affect change to ensure everyone has full participation in the workforce free from any barriers, systemic or otherwise, especially equity-seeking groups who are usually underrepresented in Canada's workforce, including those who identify as women or non-binary/gender non-conforming; Indigenous or Aboriginal Peoples; persons with disabilities (visible or invisible) and; members of visible minorities, racialized groups and the LGBTQ2+ community.
Randstad Canada is committed to creating and maintaining an inclusive and accessible workplace for all its candidates and employees by supporting their accessibility and accommodation needs throughout the employment lifecycle. We ask that all job applications please identify any accommodation requirements by sending an email to accessibility@randstad.ca to ensure their ability to fully participate in the interview process.
This posting is for existing and upcoming vacancies.
show more
We are seeking a highly accomplished Senior Technology Architect specializing in Cyber Security Risk Governance and Threat Risk Assessments (TRA) to champion the cyber resilience and data privacy of Ontario’s K–12 school boards. In this role, you will take technical ownership of discovering structural vulnerabilities, evaluating digital posture maturity gaps, and constructing customized remediation roadmaps across individual school boards and sector-wide frameworks. Operating at the vital intersection of enterprise technical architecture, threat risk engineering, and the protection of minor populations, you will transform raw diagnostic assessments into secure, actionable controls aligned with modern provincial digital trust mandates.
Location: Toronto, ON (Hybrid - 2 days per week onsite, 3 days remote)
Duration: 12-month contract (with extension options through October 2027 and beyond)
Advantages
Systemic Legacy Impact: Govern the security evaluation and protection blueprint directly safeguarding the digital identities, privacy profiles, and networks of millions of students and educators across Ontario.
...
Strategic GRC Authority: Command a premier technical advisory footprint shaping corporate policy, risk tolerances, and public sector investment tracks.
Emerging Tech Sandbox Assessment: Evaluate cutting-edge tech adoption layers within the public sector, from high-density IoT campuses to modern generative AI tools.
Long-Term Flexible Runway: Capitalize on a stable 12-month technical engagement with a balanced hybrid cadence and multi-year extension pathways.
Responsibilities
Comprehensive Risk & Threat Profiling: Lead and execute advanced Threat Risk Assessments (TRAs), GRC program evaluations, and technical cybersecurity/privacy reviews across distributed school board infrastructures.
Remediation Architecture & Tailoring: Design and deploy actionable, right-sized remediation roadmaps to strengthen existing defensive controls and integrate next-generation security safeguards specific to the K–12 education landscape.
Youth Data & Privacy Engineering: Architect robust privacy safeguards focused directly on minors, leveraging the NIST Privacy Framework and ISO/IEC 27701 to de-risk identity exposures across student applications, IoT devices, and emerging AI/LLM educational tools.
Maturity Benchmarking & Tooling: Drive the development, validation, and optimization of sector-wide diagnostic infrastructure, such as the Cybersecurity and Privacy Assessment Tool (CPAT), applying NIST-based and CMMI capability maturity models.
Advanced Data Analytics & Insights: Apply mathematical and data analytics techniques to parse raw, sector-wide assessment datasets into highly precise risk logs, predictive patterns, and automated visual dashboards.
Lifecycle Post-Incident Advisory: Perform forensic root-cause analysis and provide technical mitigation strategies following active security or privacy anomalies, ensuring lessons learned are immediately updated into live control playbooks and policies.
Framework Harmonization: Align local infrastructure postures against global matrices, specializing in the practical application of the NIST Cybersecurity Framework (CSF) v2.0, CIS Critical Security Controls v8, and ISO/IEC 27001.
Statutory Compliance Enforcement: Evaluate and map all reference designs to guarantee strict compliance with regional and federal privacy laws, specifically MFIPPA, the Canadian Privacy Act, and the Enhancing Digital Security and Trust Act, 2024 (EDSTA).
Executive Presentation & Stakeholder Advisory: Translate complex technical exploits, cryptographic gaps, and data risks into clear, non-technical plain-language narratives, briefings, and presentations tailored for C-suite executives, school board trustees, and ministry partners.
Qualifications
Core Cybersecurity Assessment Seniority: 10+ years of progressive professional experience leading, structuring, and executing Threat Risk Assessments (TRAs) and cybersecurity GRC program evaluations within large enterprise or public sector landscapes.
Control Evaluation & Architecture Mapping: 10+ years of hands-on experience evaluating technical, administrative, and cloud security controls, creating data-driven risk logs, and writing actionable remediation blueprints.
Framework Mastery (NIST CSF v2): 10+ years of deep practical alignment experience working with foundational frameworks, with an explicit preference for NIST CSF v2.0, CIS Controls v8, and ISO/IEC 27001.
Privacy and Youth Safeguard Acumen: Proven background designing or reviewing privacy controls based on the NIST Privacy Framework or ISO 27701, with an emphasis on user account safety or minor data protection.
Advanced Analytical Capabilities: Practical experience utilizing data analytics or statistical modeling to ingest raw information and build highly informative executive visuals and risk matrices.
Ontario Education Sector Expertise: Minimum of 5+ years of direct experience supporting or assessing Ontario K–12 school board network and cybersecurity environments is strictly required.
Public Sector Governance Literacy: Strong operational understanding of Government of Ontario standards (including GO-ITS infrastructure directives), and regional privacy statutes (MFIPPA and EDSTA 2024).
Executive Communication & Synthesis: 10+ years of experience drafting formal technical assessment sheets, briefing notes, and delivering high-impact risk presentations to executive steering boards and non-technical stakeholders.
Required Industry Certifications:
Must possess at least one recognized cybersecurity designation:
CISSP (Certified Information Systems Security Professional)
CISM (Certified Information Security Manager)
Highly Desirable Assets:
Formal data privacy credentials, such as an active CIPP, CIPM, or CIPT designation.
Post-secondary education (Bachelor's or Master's degree) in Information Security, Computer Science, or an approved equivalent engineering discipline.
Summary
If you're interested in the "Senior Technology Architect" role based in Toronto, we encourage you to apply online at www.randstad.ca. Only qualified candidates will be contacted for the next steps. We look forward to hearing from you!
Randstad Canada is committed to fostering a workforce reflective of all peoples of Canada. As a result, we are committed to developing and implementing strategies to increase the equity, diversity and inclusion within the workplace by examining our internal policies, practices, and systems throughout the entire lifecycle of our workforce, including its recruitment, retention and advancement for all employees. In addition to our deep commitment to respecting human rights, we are dedicated to positive actions to affect change to ensure everyone has full participation in the workforce free from any barriers, systemic or otherwise, especially equity-seeking groups who are usually underrepresented in Canada's workforce, including those who identify as women or non-binary/gender non-conforming; Indigenous or Aboriginal Peoples; persons with disabilities (visible or invisible) and; members of visible minorities, racialized groups and the LGBTQ2+ community.
Randstad Canada is committed to creating and maintaining an inclusive and accessible workplace for all its candidates and employees by supporting their accessibility and accommodation needs throughout the employment lifecycle. We ask that all job applications please identify any accommodation requirements by sending an email to accessibility@randstad.ca to ensure their ability to fully participate in the interview process.
This posting is for existing and upcoming vacancies.
show more