Start Date: Immediate
Expiry Date: 11 Nov, 25
Salary: 120.0
Posted On: 11 Aug, 25
Experience: 2 year(s) or above
Remote Job: Yes
Telecommute: Yes
Sponsor Visa: No
Skills: Security Controls, EPP, Cyber Security, Teaming, Endpoint Security, Network Security, Analytics, Penetration Testing, Vulnerability Management, School Boards, Government, Public Sector
Industry: Information Technology/IT
· Delivering solution and architecture guidance, training, and implementation support for next-generation networks, network protection and cyber security technologies, including:
o Security service edge (SSE) / secure access service edge (SASE) including integration of network and security functions – including secure web gateway (SWG), cloud access security broker (CASB) and zero-trust network architecture, firewall-as-a-service (FWaaS)
o SD-WAN (software-defined wide area network) and software-defined networking (SDN)
o AI and machine learning (ML)-driven network and security technologies
o Endpoint protection platforms (EPP), endpoint detection and response (EDR), and extended detection and response (XDR) solutions
o Advanced intrusion prevention systems (IPS), intrusion detection systems (IDS), network access control and distributed denial of service (DDoS) protection
o Identity security and authentication solutions (passwordless, password-based, certificate-based, MFA)
o Incident Response and Incident Management (IR and IM) solutions
o Automated vulnerability and patching
o User and Entity Behaviour Analytics (UEBA)
o Penetration testing and automated red teaming
o Operational technology (OT) security
· Providing technical guidance, delivering solution, training, and implementation support for hybrid cyber security operating models involving both in-house and outsourced MSSP (managed security services provider) capabilities, including:
o MSSP integration and optimization
o Security operations functions and architecture
o Threat detection and incident response
o Security Information and Event Management (SIEM), Security Orchestration, Automation and Response (SOAR), EDR/XDR, and threat intelligence platforms in a hybrid implementation
o Automation and orchestration workflows
o Governance, risk, and compliance in a hybrid (in-house and outsourced) security operations environment
· Providing subject matter expertise in network operations centre (NOC) and security operations centre (SOC) technologies, services, and tools including, but not limited to:
o Security Information and Event Management (SIEM)
o Security Orchestration, Automation and Response (SOAR)
o Network traffic analyzer, network performance monitoring and network configuration management tools
· Managing and optimizing SIEM, SOAR, EDR/XDR, cloud access security broker (CASB), incident detection and response (IDR) and vulnerability management systems as part of the boards’ SecOps infrastructure.
· Developing, testing, and maintaining threat detection use cases across identity, endpoint, email, network, and cloud environments.
· Leading the analysis for complex incidents, conducting deep-dive investigations and root-cause analysis.
· Providing support for telemetry ingestion, log normalization and real-time correlation of security insights.
· Delivering training and operational guidance to board IT and security teams on threat response workflows and defensive posture validation.
· Providing subject matter expertise, consultancy, and advice on advanced networking technologies (SD-WAN, SASE, ZTNA, NDR) and their convergence with security tools, ensuring seamless observability and controls.
· Conducting baseline reviews, vulnerability triage, and collaborating with managed security service providers (MSSP) to track remediation efforts.
· Maintaining security content (rules, dashboards, playbooks) across shared toolsets and platforms.
· Supporting cross-board threat sharing, ensuring local detections benefit the broader board ecosystem.
· Providing subject matter expertise in the development and delivery of technical training courses to support boards’ cyber resilience efforts.
· Presenting to senior and executive management and external senior stakeholders, as needed.
· Providing regular status updates and project reports on assigned deliverables.
· Taking a collaborative approach to solution definition, development, and implementation with multiple stakeholder groups with differing needs and expectations.
· Aligning with industry and legislative advancements at the federal and provincial/local levels (e.g. Bill 194 / Enhancing Digital Security and Trust Act, 2024 (EDSTA)).
· Delivering on other duties as assigned.
This work involves working in close partnership with various government departments, the K-12 education sector, telecommunications providers, and network and cyber security technology vendors to develop tailored approaches and implementation plans. To support various stakeholders, the resource must be available to perform hands-on configuration, troubleshooting and training at the client site. Therefore, the resource must be available to travel same day or overnight in Ontario, as needed.
The unit manager may assign other related board work for other unit or branch initiatives, as required.
Skills
Experience and Skill Set Requirements
PUBLIC SECTOR EXPERIENCE – 5%
· Knowledge of Government of Ontario standards (e.g., GO-ITS) and relevant legislation (e.g., Bill 194 / EDSTA).
· 5+ years of hands-on experience working in the Ontario K–12 education sector, particularly with school board network and cyber security environments.
Job Type: Fixed term contract
Contract length: 6 months
Pay: $120.00-$125.00 per hour
Work Location: Hybrid remote in Toronto, ON M5B 2L
Please refer to the job description for details.