Top Benefits
About the role
Cyber Security Specialist
Requisition ID: 189194
Career Group: Corporate Office Careers
Job Category: Cyber Security GRC
Travel Requirements: 0 - 10%
Job Type: Full-Time
Country: Canada (CA)
Province: Nova Scotia; Alberta; Ontario
City: Dartmouth / Calgary / Mississauga
Location: Dartmouth Office, Calgary Office, Tahoe Office
Embark on a rewarding career with Sobeys Inc., celebrated among Canada’s Top 100 employers, where your talents contribute to our commitment to excellence and community impact.
Our family of 128,000 employees and franchise affiliates share a collective passion for delivering exceptional shopping experiences and amazing food to all our customers. Our mission is to nurture the things that make life better – great experiences, families, communities, and our employees. We are a family nurturing families.
A proudly Canadian company, we started in a small town in Nova Scotia but we are now in communities of all sizes across this great country. With over 1,600 stores in all 10 provinces, you may know us as Sobeys, Safeway, IGA, Foodland, FreshCo, Thrifty Foods, Lawtons Drug Stores or another of our great banners but we are all one extended family.
Ready to Make an impact?
Sobeys is full of exciting opportunities, and we are always looking for bright new talent to join our team! We currently have a full-time opportunity for a Cyber Security Specialist. This role can be based out of one our main offices including: Stellarton, NS; Mississauga, ON; Calgary, AB.
Here’s where you’ll be focusing:
Responsibilities:
- Conduct comprehensive cybersecurity risk assessments across systems, applications, vendors, and business processes to identify threats, vulnerabilities, and control gaps.
- Document and evaluate risk scenarios using standardized methodologies (e.g., NIST, ISO 27005, FAIR) to support prioritization and mitigation planning.
- Maintain the enterprise IT risk register, ensuring all risks are accurately logged, assessed, and tracked through remediation.
- Partner with system owners, project teams, and business stakeholders to evaluate risks for new initiatives and emerging technologies.
- Develop and recommend risk mitigation strategies and monitor the implementation and effectiveness of security controls.
- Support third-party risk management by conducting vendor security assessments and ensuring alignment with contractual and regulatory requirements.
- Contribute to the creation and maintenance of cybersecurity risk management policies, procedures, and standards.
- Produce risk reports and dashboards that highlight key risk indicators, trends, and enterprise risk posture for IT leadership and stakeholders.
- Assist with internal and external audits by providing evidence of risk management practices and control effectiveness.
- Promote a culture of risk awareness by delivering guidance and training to both technical and non-technical stakeholders.
- Assist in developing strategies and action plans to address identified IT risks and opportunities for improvement.
- Support the Manager, Cybersecurity GRC, with tasks related to enterprise and IT risk management, as well as broader GRC initiatives.
#LI-Hybrid#LI-VJ1
What you have to offer:
Requirements:
- Bachelor’s degree in Information Security, Computer Science, Information Systems, or a related field.
- 3–5 years of experience in cybersecurity, IT risk management, IT audit, or related domains.
- Proven experience conducting cybersecurity risk assessments and managing risk mitigation processes.
- Familiarity with cybersecurity and risk management frameworks such as NIST CSF, NIST 800-30, ISO 27001/27005, COBIT, and FAIR.
- Understanding of key security domains: Identity and Access Management, Network Security, Application Security, Data Protection, and Incident Response.
- Experience with GRC platforms (e.g., Archer, ServiceNow, OneTrust, or similar).
- Strong analytical and problem-solving skills with the ability to interpret technical information and assess risk implications.
- Effective communication and interpersonal skills to collaborate across multidisciplinary teams and present findings to stakeholders.
- Relevant certifications such as CRISC, CISA, or CISSP are an asset.
- High degree of initiative, accountability, and attention to detail.
- Takes initiative and ownership to address challenges and escalate where necessary to ensure the progress of assigned activities.
- Critical thinker and collaborative team player with the ability to navigate complex challenges.
At Sobeys we require our teammates to have the ability to adhere to a hybrid work model that requires your presence at one of our office locations at least three days per week. This requirement is integral to our commitment to team collaboration and the overall success of our office culture.
We offer a comprehensive Total Rewards package, which varies by role and designed to help our teammates to live better – physically, financially and emotionally.
Some websites share our job opportunities and may provide salary estimates without our knowledge. These estimates are based on similar jobs and postings for general comparison, but these numbers are not provided by our organization nor monitored for accuracy.
We will consider factors such as your working location, work experience and skills as well as internal equity, and market conditions to ensure the selected candidate is paid fairly and competitively. We look forward to discussing the specific compensation details relevant to this role with candidates who are selected to move forward in the recruitment process.
Our Total Rewards programs, for full-time teammates, goes well beyond your paycheque:
- Competitive Benefits Package, tailored to meet your needs, including health and dental coverage, life, short- and long-term disability insurance.
- Access to Virtual Health Care Platform and Employee and Family Assistance Program.
- A Retirement and Savings Plan that provides you with the opportunity to build and add value to your savings.
- A 10% in-store discount at our participating banners and access to a wide range of other discount programs, making your purchases more affordable.
- Learning and Development Resources to fuel your professional growth.
- Parental leave top-up
- Paid Vacation and Days-off
We are committed to accommodating applicants with disabilities throughout the hiring process and will work with applicants requesting accommodation at any stage of this process.
About Sobeys
As one of only two national grocery retailers in Canada, Sobeys Inc. serves the food shopping needs of Canadians with more than 1,500 stores in 10 provinces with retail banners that include Sobeys, Safeway, IGA, Foodland, FreshCo, Price Chopper, Thrifty Foods and Lawtons Drugs, as well as more than 330 retail fuel locations. Our five core retail food formats are designed to ensure that we have the right offering in the right-sized stores for each individual market we serve — from our full service format to the convenience format, each tailored to satisfy the unique occasion-based food shopping needs of our customers.
Our 134,000 employees and franchise affiliates are committed to building sustainable worth for each of our customers, employees, suppliers and shareholders through our focus on food, innovation and superior customer service.
En tant que l'un des deux seuls détaillants alimentaires présents dans tout le Canada, Sobeys Inc. répond aux besoins en épicerie de sa clientèle par le biais de ses quelque 1 500 magasins. Répartis dans chacune des dix provinces, ceux-ci arborent diverses bannières de détail dont Sobeys, Safeway, IGA, Foodland, FreshCo, Price Chopper, Thrifty Foods et Lawtons Drugs, ainsi que plus de 330 stations d'essence. Nos magasins d'alimentation sont conçus en fonction de cinq concepts de base afin que l'offre aux consommateurs et la taille des magasins conviennent le mieux à chacun des marchés que nous desservons. Du magasin à gamme complète de services jusqu'au dépanneur, chacun est adapté de façon à combler les besoins particuliers de notre clientèle en fonction de l'occasion d'achat.
En raison de l'importance qu'ils accordent à l'alimentation, à l'innovation et à l'excellence du service à la clientèle, nos quelque 125 000 employés et marchands affiliés se montrent soucieux de créer de la valeur de façon durable pour chacun de nos partenaires, qu'ils soient clients, employés, fournisseurs ou actionnaires.
Top Benefits
About the role
Cyber Security Specialist
Requisition ID: 189194
Career Group: Corporate Office Careers
Job Category: Cyber Security GRC
Travel Requirements: 0 - 10%
Job Type: Full-Time
Country: Canada (CA)
Province: Nova Scotia; Alberta; Ontario
City: Dartmouth / Calgary / Mississauga
Location: Dartmouth Office, Calgary Office, Tahoe Office
Embark on a rewarding career with Sobeys Inc., celebrated among Canada’s Top 100 employers, where your talents contribute to our commitment to excellence and community impact.
Our family of 128,000 employees and franchise affiliates share a collective passion for delivering exceptional shopping experiences and amazing food to all our customers. Our mission is to nurture the things that make life better – great experiences, families, communities, and our employees. We are a family nurturing families.
A proudly Canadian company, we started in a small town in Nova Scotia but we are now in communities of all sizes across this great country. With over 1,600 stores in all 10 provinces, you may know us as Sobeys, Safeway, IGA, Foodland, FreshCo, Thrifty Foods, Lawtons Drug Stores or another of our great banners but we are all one extended family.
Ready to Make an impact?
Sobeys is full of exciting opportunities, and we are always looking for bright new talent to join our team! We currently have a full-time opportunity for a Cyber Security Specialist. This role can be based out of one our main offices including: Stellarton, NS; Mississauga, ON; Calgary, AB.
Here’s where you’ll be focusing:
Responsibilities:
- Conduct comprehensive cybersecurity risk assessments across systems, applications, vendors, and business processes to identify threats, vulnerabilities, and control gaps.
- Document and evaluate risk scenarios using standardized methodologies (e.g., NIST, ISO 27005, FAIR) to support prioritization and mitigation planning.
- Maintain the enterprise IT risk register, ensuring all risks are accurately logged, assessed, and tracked through remediation.
- Partner with system owners, project teams, and business stakeholders to evaluate risks for new initiatives and emerging technologies.
- Develop and recommend risk mitigation strategies and monitor the implementation and effectiveness of security controls.
- Support third-party risk management by conducting vendor security assessments and ensuring alignment with contractual and regulatory requirements.
- Contribute to the creation and maintenance of cybersecurity risk management policies, procedures, and standards.
- Produce risk reports and dashboards that highlight key risk indicators, trends, and enterprise risk posture for IT leadership and stakeholders.
- Assist with internal and external audits by providing evidence of risk management practices and control effectiveness.
- Promote a culture of risk awareness by delivering guidance and training to both technical and non-technical stakeholders.
- Assist in developing strategies and action plans to address identified IT risks and opportunities for improvement.
- Support the Manager, Cybersecurity GRC, with tasks related to enterprise and IT risk management, as well as broader GRC initiatives.
#LI-Hybrid#LI-VJ1
What you have to offer:
Requirements:
- Bachelor’s degree in Information Security, Computer Science, Information Systems, or a related field.
- 3–5 years of experience in cybersecurity, IT risk management, IT audit, or related domains.
- Proven experience conducting cybersecurity risk assessments and managing risk mitigation processes.
- Familiarity with cybersecurity and risk management frameworks such as NIST CSF, NIST 800-30, ISO 27001/27005, COBIT, and FAIR.
- Understanding of key security domains: Identity and Access Management, Network Security, Application Security, Data Protection, and Incident Response.
- Experience with GRC platforms (e.g., Archer, ServiceNow, OneTrust, or similar).
- Strong analytical and problem-solving skills with the ability to interpret technical information and assess risk implications.
- Effective communication and interpersonal skills to collaborate across multidisciplinary teams and present findings to stakeholders.
- Relevant certifications such as CRISC, CISA, or CISSP are an asset.
- High degree of initiative, accountability, and attention to detail.
- Takes initiative and ownership to address challenges and escalate where necessary to ensure the progress of assigned activities.
- Critical thinker and collaborative team player with the ability to navigate complex challenges.
At Sobeys we require our teammates to have the ability to adhere to a hybrid work model that requires your presence at one of our office locations at least three days per week. This requirement is integral to our commitment to team collaboration and the overall success of our office culture.
We offer a comprehensive Total Rewards package, which varies by role and designed to help our teammates to live better – physically, financially and emotionally.
Some websites share our job opportunities and may provide salary estimates without our knowledge. These estimates are based on similar jobs and postings for general comparison, but these numbers are not provided by our organization nor monitored for accuracy.
We will consider factors such as your working location, work experience and skills as well as internal equity, and market conditions to ensure the selected candidate is paid fairly and competitively. We look forward to discussing the specific compensation details relevant to this role with candidates who are selected to move forward in the recruitment process.
Our Total Rewards programs, for full-time teammates, goes well beyond your paycheque:
- Competitive Benefits Package, tailored to meet your needs, including health and dental coverage, life, short- and long-term disability insurance.
- Access to Virtual Health Care Platform and Employee and Family Assistance Program.
- A Retirement and Savings Plan that provides you with the opportunity to build and add value to your savings.
- A 10% in-store discount at our participating banners and access to a wide range of other discount programs, making your purchases more affordable.
- Learning and Development Resources to fuel your professional growth.
- Parental leave top-up
- Paid Vacation and Days-off
We are committed to accommodating applicants with disabilities throughout the hiring process and will work with applicants requesting accommodation at any stage of this process.
About Sobeys
As one of only two national grocery retailers in Canada, Sobeys Inc. serves the food shopping needs of Canadians with more than 1,500 stores in 10 provinces with retail banners that include Sobeys, Safeway, IGA, Foodland, FreshCo, Price Chopper, Thrifty Foods and Lawtons Drugs, as well as more than 330 retail fuel locations. Our five core retail food formats are designed to ensure that we have the right offering in the right-sized stores for each individual market we serve — from our full service format to the convenience format, each tailored to satisfy the unique occasion-based food shopping needs of our customers.
Our 134,000 employees and franchise affiliates are committed to building sustainable worth for each of our customers, employees, suppliers and shareholders through our focus on food, innovation and superior customer service.
En tant que l'un des deux seuls détaillants alimentaires présents dans tout le Canada, Sobeys Inc. répond aux besoins en épicerie de sa clientèle par le biais de ses quelque 1 500 magasins. Répartis dans chacune des dix provinces, ceux-ci arborent diverses bannières de détail dont Sobeys, Safeway, IGA, Foodland, FreshCo, Price Chopper, Thrifty Foods et Lawtons Drugs, ainsi que plus de 330 stations d'essence. Nos magasins d'alimentation sont conçus en fonction de cinq concepts de base afin que l'offre aux consommateurs et la taille des magasins conviennent le mieux à chacun des marchés que nous desservons. Du magasin à gamme complète de services jusqu'au dépanneur, chacun est adapté de façon à combler les besoins particuliers de notre clientèle en fonction de l'occasion d'achat.
En raison de l'importance qu'ils accordent à l'alimentation, à l'innovation et à l'excellence du service à la clientèle, nos quelque 125 000 employés et marchands affiliés se montrent soucieux de créer de la valeur de façon durable pour chacun de nos partenaires, qu'ils soient clients, employés, fournisseurs ou actionnaires.