Our client, the Ministry of Education has a hybrid contract opportunity for a Security Architect...
- Contributing to a tailored cyber security framework that is based primarily on NIST Cybersecurity Framework (CSF) v2, with considerations from other industry frameworks and standards such as SANS/CIS Controls v8, COBIT, ISO, etc.
- Developing standards for priority cyber security, privacy protection and online safety controls applicable to K-12, including documented guidance
- Providing hands-on subject matter expertise and guidance to support adoption of framework, standards and policy(ies)
- Ensuring alignment with modern security operation (SecOps) practices leveraging automation, artificial intelligence, and machine learning
- Collaborating with other parts of the government (e.g., Ontario Cyber Security Division) to consider linkages with OPS and BPS cyber security priorities and standards, and alignment with other workstreams of the cyber protection strategy such as cyber security and privacy assessments to identify linkages and interconnections and facilitate alignment.
- Presenting to various stakeholders to seek feedback, as needed.
- Delivering on other duties as assigned.
- Providing progress and project status reports on all deliverables assigned.
- Must-have
Cyber Security and Privacy
- 5+ years’ experience mapping and adapting cyber security frameworks such as NIST Cybersecurity Framework (CSF) v2, COBIT, CIS Controls v8 and ISO 27001 for adoption by an organization comparable in size and complexity to a school board.
- 5+ years’ experience integrating and implementing cyber security frameworks, and cyber security controls into an organization’s enterprise risk management practice, governance and overall organization including associated change management practices.
- Experience with the adoption of capability maturity models such as Capability Maturity Model Integration (CMMI) and Cybersecurity Maturity Model Certification (CMMC) is desirable
- Security certification is mandatory (Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM))