Senior Technology Architect

Job Description:

Experience and Skill Set Requirements:

Cyber Security and Network Security Expertise 40%:

• 10+ years in cyber security solutions and next-generation network security, with a focus on hands-on implementation, configuration, and troubleshooting.
• Zero-trust architecture (ZTA).
• Cloud security architecture (e.g., Azure, AWS, Google Cloud).
• MITRE ATT&CK, D3FEND, and ATLAS frameworks.
• NIST Cybersecurity Framework (CSF) v2, CIS Controls v8.
• AI/ML-driven cyber security and agentic AI-based automation.
• Security automation (static and dynamic) and playbook development.
• Endpoint security solutions (EPP, EDR, XDR).
• Advanced IPS/IDS, DDoS protection, and network access control.
• Identity security and authentication (passwordless, password-based, certificate-based, 2FA, MFA).
• Incident response and incident management (IR/IM).
• Automated vulnerability management and patching.
• User and Entity Behaviour Analytics (UEBA).
• Penetration testing and automated red teaming.
• OT security.
• Strong knowledge of layered security controls and risk-informed cybersecurity models (NIST CSF v2, CIS Controls v8).
• DemonstXXd ability to assess and evaluate emerging cybersecurity technologies through pilots and proof-of-concepts.

• Experience developing observability dashboards and managing KPIs/KRIs to measure MSSP performance and automation maturity.
• Ability to translate operational metrics into strategic insights for continuous service improvement.
• Experience leading maturity assessments and roadmaps for automation adoption across hybrid security operations.
• Proven experience designing and implementing hybrid (internal and outsourced) security operations models.
• Integration and optimization of security solutions between internal teams and MSSPs.
• Expertise in SIEM, SOAR, EDR/XDR, and threat intelligence platforms in hybrid environments.
• Development and tuning of automation and orchestration workflows.
• Governance, risk, and compliance in hybrid security operations.
• Strong knowledge of MSSP, MDR, and SOCaaS models.
• Awareness of AI/ML-driven cybersecurity trends and their potential impact on TDIR, without requiring hands-on implementation.

• 5+ years of experience presenting to senior and executive management and external stakeholders.
• 5+ years' coordinating and leading complex technical work with multiple IT teams, internal and external stakeholders.
• 5+ years of experience preparing written materials (e.g., status reports, recommendations, briefing notes) and experience maintaining security content (rules, dashboards, playbooks) across shared platforms.
• 5+ years of experience delivering cyber security upskilling training to IT and security teams.

• Relevant vendor certifications or equivalent work experience.
• Bachelor's degree in computer science, cyber security, or a related field.
• Postgraduate degree (e.g., M.Sc. and/or Ph.D.) in computer science, cyber security, or engineering is preferred.
• Cyber security certification(s). Preference is Certified Information Systems Security Professional (CISSP), Certified Information Security Candidateager (CISM), Certified Cloud Security Professional (CCSP). Other examples include Certified Ethical Hacker (CEH), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRIClient).

• Knowledge of client standards (e.g., GO-ITS) and relevant legislation (e.g., Bill 194 / EDSTA).

• Security Service Edge (SSE) / Secure Access Service Edge (SASE) including integration of network and security functions including Secure Web Gateway (SWG), Cloud Access Security Broker (CASB) and Zero-Trust Network Architecture, Firewall-as-a-service (FWaaS).
• SD-WAN (Software-defined Wide Area Network) and Software-defined networking (SDN).
• Endpoint protection platforms (EPP), endpoint detection and response (EDR), and extended detection and response (XDR) solutions.
• Advanced intrusion prevention systems (IPS), intrusion detection systems (IDS), network access control, and Distributed denial of service (DDoS) protection.
• Identity security and authentication solutions (passwordless, password-based, certificate-based, MFA).
• Incident Response and Incident Candidateagement (IR and IM) solutions.
• Automated vulnerability and patching.
• User and Entity Behaviour Analytics (UEBA).
• Providing technical guidance, delivering solution, training, and implementation support for hybrid cyber security operating models involving both in-house and outsourced MSSP (Candidateaged Security Services Provider) capabilities, including:
• MSSP integration and optimization.
• Security Operations functions and architecture.
• Threat detection and incident response.
• SIEM, SOAR, EDR/XDR, and threat intelligence platforms in a hybrid implementation.
• Automation and orchestration workflows.
• Governance, risk, and compliance in a hybrid (in-house and outsourced) security operations environment.
• Providing subject matter expertise in network operations centre (NOC) and security operations centre (SOC) technologies, services, and tools including, but not limited to:
• Security Information and Event Candidateagement (SIEM).
• Security Orchestration, Automation and Response (SOAR).
• Lead the development and refinement of SOC performance metrics, including KPIs and KRIs, to ensure alignment with board-level security objectives and MSSP accountability frameworks.
• Analyzing, configuring, and troubleshooting scalable, risk-informed cyber security and SecOps solutions across multiple boards, leveraging organizational frameworks, layered security controls, and AI-driven automation.
• Defining and maintaining reference architectures that integXX SOAR and zero-trust principles to enable scalable threat detection and response, with awareness of emerging AI-driven capabilities.
• Incorporating threat-informed design methodologies using MITRE ATT&CK Kill Chain analysis to shape detection and defense capabilities.
• Providing strategic consultancy on the collective interests of boards in architectural governance, vendor engagement, and MSSP performance assessments, ensuring security strategies remain locally relevant and globally resilient.
• Supporting the adoption and operationalization of shared security service models by defining roles and responsibilities, onboarding patterns, and governance structures across participating boards.
• Facilitating insight-to-foresight collaboration with MSSPs by training stakeholders on the implications of security metrics, detection logic evolution, and continuous improvement loops.
• Staying abreast of the cyber threat landscape and assessing new and emerging cyber security solutions and technology trends to provide subject matter expertise, guidance, and advice on tactical and operational cyber security and network security practices.
• Developing and maintaining detailed system documentation and technical specifications for various solutions and architectures-including blueprints, risk models, onboarding patterns, and technical guides-to support boards transitioning to secure, automated operational models.
• Deliver targeted training to board IT and security teams on working effectively with MSPs/MSSPs, including shared roles, escalation protocols, and interpreting service-level metrics.
• Presenting to senior and executive management and external senior stakeholders, as needed.
• Providing regular status updates and project reports on assigned deliverables.
• Taking a collaborative approach to solution definition, development, and implementation with multiple stakeholder groups with differing needs and expectations.
• Aligning with industry and legislative advancements at the federal, provincial/local level (e.g., Bill 194 / EDSTA).
• Delivering on other duties as assigned.