Manager IT, Cyber & Transformation Audit ( 12 months contract )
Top Benefits
About the role
Embark on a rewarding career with Sobeys Inc., celebrated among Canada’s Top 100 employers where your unique contributions drive success. The Manager IT, Cyber & Transformation Audit plays a critical role in providing independent assurance over the organization’s technology risk landscape, with a focus on cybersecurity, digital platforms, and enterprise transformation initiatives. Operating within a complex, high-volume retail environment, this role leads the assessment of technology-enabled risks and advises on the effectiveness of controls across cyber, cloud, data, and application ecosystems. Sobeys is full of exciting opportunities, and we are always looking for bright new talent to join our team! We currently have a 12 months contract opportunity for a Manager IT, Cyber & Transformation Audit. This role can be based out of offices located in Mississauga; ON, Calgary; AB, Stellarton; NS This role has high visibility with Senior Management and the Audit Committee of the Empire Company Limited group of companies and is instrumental in delivering forward-looking insights on emerging cyber threats, technology disruption, and transformation risk. The position partners closely with IT Operations and Cybersecurity teams to provide assurance across major initiatives. The role emphasizes proactive risk identification, embedded assurance, and continuous improvement, leveraging automation, analytics, and modern audit approaches to enhance organizational resilience and support successful business transformation. IT/Cyber Audit Program and Transformation Assurance Leadership Lead the end-to-end IT/Cyber audit program, including annual planning, risk assessment, scoping, and execution across application, infrastructure, and operational controls, and cybersecurity domains Lead Transformation Assurance activities including testing plans and reporting Maintain and enhance IT control frameworks aligned with COBIT, NIST, and regulatory expectations IT Control Design & Effectiveness Evaluate IT & cybersecurity controls, including identity and access management, IT operations, IT governance, vulnerability management, incident response, and data protection Identify control gaps, deficiencies, and emerging risks; recommend pragmatic and scalable remediation strategies Partner with IT and business stakeholders to embed sustainable, efficient controls Testing, Assurance & Reporting Develop and execute risk-based audit and control testing plans (annual and quarterly) Review testing performed by team members and ensure adherence to audit standards Assess and risk-rank control deficiencies, including cyber and IT-related issues impacting financial reporting Deliver clear, concise reporting and insights to senior management and the Audit Committee Board & Executive Engagement Support development of materials for Board and Audit Committee reporting, highlighting key IT and cyber risks, control deficiencies, and remediation progress Present audit findings, insights, and emerging risks to senior leadership Provide ongoing updates on technology risk posture, audit outcomes, and program progress Stakeholder Engagement Act as a trusted advisor to IT, Cybersecurity, Finance, and Operations on risk management and internal controls Deliver training and guidance to control owners on IT risk, cyber hygiene, and control expectations Continuous Improvement & Transformation Drive standardization and optimization of IT audit processes Leverage data analytics, automation, and emerging technologies to enhance audit coverage and efficiency Support enterprise transformation initiatives from a risk and controls perspective Team Leadership Lead, coach, and develop a high-performing IT/Cyber audit team Manage resource planning, prioritization, and performance management Foster a collaborative, innovative, and risk-aware culture #LI-Hybrid Qualifications & Experience 6–10+ years of experience in IT audit, cybersecurity, or risk management Strong knowledge of application and infrastructure controls, and cybersecurity frameworks (e.g., NIST, ISO 27001, COBIT) Strong technical knowledge of Operating systems, databases, and networks, Identity and access management, Cybersecurity controls and monitoring, Cloud architectures and security models Experience with ERP systems (e.g., SAP), cloud environments, and modern technology platforms and operating systems Professional certifications preferred (e.g., CISA, CISM, CISSP, CPA) Strong communication skills and experience engaging with senior stakeholders and audit committees Who we are Sobeys is one of Canada’s leading grocery retailers, with more than 1,600 stores across all 10 provinces and banners including Sobeys, Safeway, IGA, Foodland, FreshCo, Thrifty Foods, and Lawtons Drug Stores. Our 128,000 teammates and franchise affiliates are passionate about delivering great food and exceptional experiences to our customers and communities. Learn more about our story and culture: Who We Are | Why Work With Us Total Rewards We offer a Total Rewards package designed to support teammates at work and in life. Depending on role and eligibility, teammates may receive health and dental benefits, retirement and savings programs including an Employee Share Ownership Plan, a 10% in-store discount at participating banners, virtual healthcare and an Employee and Family Assistance Program, learning and development opportunities, parental leave top-up, and paid vacation. Sobeys is committed to providing a compensation structure that is flexible, equitable and competitive in the market to enable performance and growth. To learn more about this opportunity including the expected range of compensation in accordance with Pay Transparency Legislation where required please click the “I’m interested” or "Apply" button above. Individual compensation is determined based on qualifications, experience, and internal equity within the range provided. Additional Information External websites may share our organization's job postings which includes compensation information based on similar roles and market benchmarks. These figures are provided for general comparison purposes only and are not issued or verified by our organization. We may use Artificial Intelligence (AI) tools to support efficiencies in the candidate screening, assessment, and recruitment processes. These AI tools do not make hiring decisions on behalf of the Company. Hiring decisions are made by our Hiring Teams. Sobeys is committed to creating accessible and inclusive hiring processes. We will work with applicants requesting accommodation at any stage of the recruitment process. Please note: Successful candidates will be required to provide documentation to prove their legal ability to work in the position during the onboarding process. Documentation will be assessed by the employer prior to commencement of work.
Similar Jobs
Manager IT, Cyber & Transformation Audit ( 12 months contract )
Top Benefits
About the role
Embark on a rewarding career with Sobeys Inc., celebrated among Canada’s Top 100 employers where your unique contributions drive success. The Manager IT, Cyber & Transformation Audit plays a critical role in providing independent assurance over the organization’s technology risk landscape, with a focus on cybersecurity, digital platforms, and enterprise transformation initiatives. Operating within a complex, high-volume retail environment, this role leads the assessment of technology-enabled risks and advises on the effectiveness of controls across cyber, cloud, data, and application ecosystems. Sobeys is full of exciting opportunities, and we are always looking for bright new talent to join our team! We currently have a 12 months contract opportunity for a Manager IT, Cyber & Transformation Audit. This role can be based out of offices located in Mississauga; ON, Calgary; AB, Stellarton; NS This role has high visibility with Senior Management and the Audit Committee of the Empire Company Limited group of companies and is instrumental in delivering forward-looking insights on emerging cyber threats, technology disruption, and transformation risk. The position partners closely with IT Operations and Cybersecurity teams to provide assurance across major initiatives. The role emphasizes proactive risk identification, embedded assurance, and continuous improvement, leveraging automation, analytics, and modern audit approaches to enhance organizational resilience and support successful business transformation. IT/Cyber Audit Program and Transformation Assurance Leadership Lead the end-to-end IT/Cyber audit program, including annual planning, risk assessment, scoping, and execution across application, infrastructure, and operational controls, and cybersecurity domains Lead Transformation Assurance activities including testing plans and reporting Maintain and enhance IT control frameworks aligned with COBIT, NIST, and regulatory expectations IT Control Design & Effectiveness Evaluate IT & cybersecurity controls, including identity and access management, IT operations, IT governance, vulnerability management, incident response, and data protection Identify control gaps, deficiencies, and emerging risks; recommend pragmatic and scalable remediation strategies Partner with IT and business stakeholders to embed sustainable, efficient controls Testing, Assurance & Reporting Develop and execute risk-based audit and control testing plans (annual and quarterly) Review testing performed by team members and ensure adherence to audit standards Assess and risk-rank control deficiencies, including cyber and IT-related issues impacting financial reporting Deliver clear, concise reporting and insights to senior management and the Audit Committee Board & Executive Engagement Support development of materials for Board and Audit Committee reporting, highlighting key IT and cyber risks, control deficiencies, and remediation progress Present audit findings, insights, and emerging risks to senior leadership Provide ongoing updates on technology risk posture, audit outcomes, and program progress Stakeholder Engagement Act as a trusted advisor to IT, Cybersecurity, Finance, and Operations on risk management and internal controls Deliver training and guidance to control owners on IT risk, cyber hygiene, and control expectations Continuous Improvement & Transformation Drive standardization and optimization of IT audit processes Leverage data analytics, automation, and emerging technologies to enhance audit coverage and efficiency Support enterprise transformation initiatives from a risk and controls perspective Team Leadership Lead, coach, and develop a high-performing IT/Cyber audit team Manage resource planning, prioritization, and performance management Foster a collaborative, innovative, and risk-aware culture #LI-Hybrid Qualifications & Experience 6–10+ years of experience in IT audit, cybersecurity, or risk management Strong knowledge of application and infrastructure controls, and cybersecurity frameworks (e.g., NIST, ISO 27001, COBIT) Strong technical knowledge of Operating systems, databases, and networks, Identity and access management, Cybersecurity controls and monitoring, Cloud architectures and security models Experience with ERP systems (e.g., SAP), cloud environments, and modern technology platforms and operating systems Professional certifications preferred (e.g., CISA, CISM, CISSP, CPA) Strong communication skills and experience engaging with senior stakeholders and audit committees Who we are Sobeys is one of Canada’s leading grocery retailers, with more than 1,600 stores across all 10 provinces and banners including Sobeys, Safeway, IGA, Foodland, FreshCo, Thrifty Foods, and Lawtons Drug Stores. Our 128,000 teammates and franchise affiliates are passionate about delivering great food and exceptional experiences to our customers and communities. Learn more about our story and culture: Who We Are | Why Work With Us Total Rewards We offer a Total Rewards package designed to support teammates at work and in life. Depending on role and eligibility, teammates may receive health and dental benefits, retirement and savings programs including an Employee Share Ownership Plan, a 10% in-store discount at participating banners, virtual healthcare and an Employee and Family Assistance Program, learning and development opportunities, parental leave top-up, and paid vacation. Sobeys is committed to providing a compensation structure that is flexible, equitable and competitive in the market to enable performance and growth. To learn more about this opportunity including the expected range of compensation in accordance with Pay Transparency Legislation where required please click the “I’m interested” or "Apply" button above. Individual compensation is determined based on qualifications, experience, and internal equity within the range provided. Additional Information External websites may share our organization's job postings which includes compensation information based on similar roles and market benchmarks. These figures are provided for general comparison purposes only and are not issued or verified by our organization. We may use Artificial Intelligence (AI) tools to support efficiencies in the candidate screening, assessment, and recruitment processes. These AI tools do not make hiring decisions on behalf of the Company. Hiring decisions are made by our Hiring Teams. Sobeys is committed to creating accessible and inclusive hiring processes. We will work with applicants requesting accommodation at any stage of the recruitment process. Please note: Successful candidates will be required to provide documentation to prove their legal ability to work in the position during the onboarding process. Documentation will be assessed by the employer prior to commencement of work.