Technology Architect

Overview

Join to apply for the Technology Architect role at Foilcon

The Senior Technology Architect role requires deep knowledge, expertise, and experience in in cyber security solutions, security operations (Sec Ops) solutions and practices, automation and artificial intelligence (AI) in cyber security, managed security services, and next-generation network security. The resource also requires hands-on experience in analyzing, configuring, implementing, and troubleshooting cyber security models, automation solutions and threat detection, particularly within the education sector, preferably in the Ontario K  school board environment.

This work involves working in close partnership with various government departments, the K-12 education sector, telecommunications providers, and network and cyber security technology vendors to develop tailored approaches and implementation plans. To support various stakeholders, the resource must be available to perform hands-on configuration, troubleshooting and training at the client site. Therefore, the resource must be available to travel same day or overnight in Ontario, as needed.

• Delivering solution and architecture guidance, training, and implementation support for next-generation networks, network protection and cyber security technologies, including:
• Security service edge (SSE) / secure access service edge (SASE) including integration of network and security functions â including secure web gateway (SWG), cloud access security broker (CASB) and zero-trust network architecture, firewall-as-a-service (FWaaS)
• SD-WAN (software-defined wide area network) and software-defined networking (SDN)
• AI and machine learning (ML)-driven network and security technologies
• Endpoint protection platforms (EPP), endpoint detection and response (EDR), and extended detection and response (XDR) solutions
• Advanced intrusion prevention systems (IPS), intrusion detection systems (IDS), network access control and distributed denial of service (DDoS) protection
• Identity security and authentication solutions (passwordless, password-based, certificate-based, MFA)
• Incident Response and Incident Management (IR and IM) solutions
• Automated vulnerability and patching
• User and Entity Behaviour Analytics (UEBA)
• Penetration testing and automated red teaming
• Operation technology (OT) security
• Providing technical guidance, delivering solution, training, and implementation support for hybrid cyber security operating models involving both in-house and outsourced MSSP (managed security services provider) capabilities, including:
• MSSP integration and optimization
• Security operations functions and architecture
• Threat detection and incident response
• Security Information and Event Management (SIEM), Security Orchestration, Automation and Response (SOAR), EDR/XDR, and threat intelligence platforms in a hybrid implementation
• Automation and orchestration workflows
• Governance, risk, and compliance in a hybrid (in-house and outsourced) security operations environment
• Providing subject matter expertise in network operations centre (NOC) and security operations centre (SOC) technologies, services, and tools including, but not limited to:
• Security Information and Event Management (SIEM)
• Security Orchestration, Automation and Response (SOAR)
• Network traffic analyzer, network performance monitoring and network configuration management tools
• Managing and optimizing SIEM, SOAR, EDR/XDR, cloud access security broker (CASB), incident detection and response (IDR) and vulnerability management systems as part of the boards' Sec Ops infrastructure.
• Developing, testing, and maintaining threat detection use cases across identity, endpoint, email, network, and cloud environments.
• Leading the analysis for complex incidents, conducting deep-dive investigations and root-cause analysis.
• Providing support for telemetry ingestion, log normalization and real-time correlation of security insights.
• Delivering training and operational guidance to board IT and security teams on threat response workflows and defensive posture validation.
• Providing subject matter expertise, consultancy, and advice on advanced networking technologies (SD-WAN, SASE, ZTNA, NDR) and their convergence with security tools, ensuring seamless observability and controls.
• Conducting baseline reviews, vulnerability triage, and collaborating with managed security service providers (MSSP) to track remediation efforts.
• Maintaining security content (rules, dashboards, playbooks) across shared toolsets and platforms.
• Supporting cross-board threat sharing, ensuring local detection benefit the broader board ecosystem.
• Providing subject matter expertise in the development and delivery of technical training courses to support boards' cyber resilience efforts.
• Presenting to senior and executive management and external senior stakeholders, as needed.
• Providing regular status updates and project reports on assigned deliverables.
• Taking a collaborative approach to solution definition, development, and…