Cyber Security Specialist

Press Tab to Move to Skip to Content Link

Select how often (in days) to receive an alert:

Requisition ID: 189194
Career Group: Corporate Office Careers
Job Category: Cyber Security GRC
Travel Requirements: 0 - 10%
Job Type: Full-Time

Country: Canada (CA)
Province: Nova Scotia; Alberta; Ontario
City: Dartmouth / Calgary / Mississauga
Location: Dartmouth Office, Calgary Office, Tahoe Office

Embark on a rewarding career with Sobeys Inc., celebrated among Canada’s Top 100 employers, where your talents contribute to our commitment to excellence and community impact.

Our family of 128,000 employees and franchise affiliates share a collective passion for delivering exceptional shopping experiences and amazing food to all our customers. Our mission is to nurture the things that make life better – great experiences, families, communities, and our employees. We are a family nurturing families.

A proudly Canadian company, we started in a small town in Nova Scotia but we are now in communities of all sizes across this great country. With over 1,600 stores in all 10 provinces, you may know us as Sobeys, Safeway, IGA, Foodland, FreshCo, Thrifty Foods, Lawtons Drug Stores or another of our great banners but we are all one extended family.

Sobeys is full of exciting opportunities, and we are always looking for bright new talent to join our team! We currently have a full-time opportunity for a Senior Cyber Security Specialist. This role can be based out of one our main offices including: Stellarton, NS; Mississauga, ON; Calgary, AB.

Responsibilities:

• Conduct comprehensive cybersecurity risk assessments across systems, applications, vendors, and business processes to identify threats, vulnerabilities, and control gaps.
• Document and evaluate risk scenarios using standardized methodologies (e.g., NIST, ISO 27005, FAIR) to support prioritization and mitigation planning.
• Maintain the enterprise IT risk register, ensuring all risks are accurately logged, assessed, and tracked through remediation.
• Partner with system owners, project teams, and business stakeholders to evaluate risks for new initiatives and emerging technologies.
• Develop and recommend risk mitigation strategies and monitor the implementation and effectiveness of security controls.
• Support third-party risk management by conducting vendor security assessments and ensuring alignment with contractual and regulatory requirements.
• Contribute to the creation and maintenance of cybersecurity risk management policies, procedures, and standards.
• Produce risk reports and dashboards that highlight key risk indicators, trends, and enterprise risk posture for IT leadership and stakeholders.
• Assist with internal and external audits by providing evidence of risk management practices and control effectiveness.
• Promote a culture of risk awareness by delivering guidance and training to both technical and non-technical stakeholders.
• Assist in developing strategies and action plans to address identified IT risks and opportunities for improvement.
• Support the Manager, Cybersecurity GRC, with tasks related to enterprise and IT risk management, as well as broader GRC initiatives.

#LI-Hybrid #LI-VJ1

Requirements:

• Bachelor’s degree in Information Security, Computer Science, Information Systems, or a related field.
• 3–5 years of experience in cybersecurity, IT risk management, IT audit, or related domains.
• Proven experience conducting cybersecurity risk assessments and managing risk mitigation processes.
• Familiarity with cybersecurity and risk management frameworks such as NIST CSF, NIST 800-30, ISO 27001/27005, COBIT, and FAIR.
• Understanding of key security domains: Identity and Access Management, Network Security, Application Security, Data Protection, and Incident Response.
• Experience with GRC platforms (e.g., Archer, ServiceNow, OneTrust, or similar).
• Strong analytical and problem-solving skills with the ability to interpret technical information and assess risk implications.
• Effective communication and interpersonal skills to collaborate across multidisciplinary teams and present findings to stakeholders.
• Relevant certifications such as CRISC, CISA, or CISSP are an asset.
• High degree of initiative, accountability, and attention to detail.
• Takes initiative and ownership to address challenges and escalate where necessary to ensure the progress of assigned activities.
• Critical thinker and collaborative team player with the ability to navigate complex challenges.
  

At Sobeys we require our teammates to have the ability to adhere to a hybrid work model that requires your presence at one of our office locations at least three days per week. This requirement is integral to our commitment to team collaboration and the overall success of our office culture.

We offer a comprehensive Total Rewards package, which varies by role and designed to help our teammates to live better – physically, financially and emotionally.

Some websites share our job opportunities and may provide salary estimates without our knowledge. These estimates are based on similar jobs and postings for general comparison, but these numbers are not provided by our organization nor monitored for accuracy.

We will consider factors such as your working location, work experience and skills as well as internal equity, and market conditions to ensure the selected candidate is paid fairly and competitively. We look forward to discussing the specific compensation details relevant to this role with candidates who are selected to move forward in the recruitment process.

Our Total Rewards programs, for full-time teammates, goes well beyond your paycheque:

• Competitive Benefits Package, tailored to meet your needs, including health and dental coverage, life, short- and long-term disability insurance.
• Access to Virtual Health Care Platform and Employee and Family Assistance Program.
• A Retirement and Savings Plan that provides you with the opportunity to build and add value to your savings.
• A 10% in-store discount at our participating banners and access to a wide range of other discount programs, making your purchases more affordable.
• Learning and Development Resources to fuel your professional growth.
• Parental leave top-up
• Paid Vacation and Days-off

We are committed to accommodating applicants with disabilities throughout the hiring process and will work with applicants requesting accommodation at any stage of this process.