About the role
At South Bow, we do one thing, and we do it well: safely moving oil between some of the world’s most critical markets. We’re building our high-performing team with versatile thinkers who thrive on solving big challenges together. If you’re ready for a position where your skills are highly valued and your work is incredibly important, we want to meet you. Bring your talents to a new streamlined energy company, dedicated to operational, commercial and safety excellence as we pursue our critical purpose of delivering the energy people need.
The Opportunity
We are seeking a highly skilled and self-directed Specialist, IT Risk and Controls to join our Calgary-based team. This role plays a critical part in ensuring our IT systems remain compliant and secure. The ideal candidate will have strong experience with IT control programs, a solid understanding of IT General Controls (ITGCs), and relevant regulatory frameworks in the energy and utilities sectors.
This role oversees the design, implementation, and improvement of ITGCs to maintain Sarbanes-Oxley (SOX) compliance, supports cybersecurity, and ensures alignment with industry standards and regulatory requirements to support risk mitigation and financial integrity.
As part of a new organization, this individual will have the unique opportunity to rework and right-size our IT Controls programs. The role requires a strategic thinker with strong analytical abilities and a deep understanding of IT Controls principles.
What you’ll do
- Lead the governance and execution of IT General Controls (ITGCs) across applications, infrastructure, data environments, and support SOX compliance.
- Support the execution of the Cybersecurity Threat Management Program to ensure regulatory compliance.
- Ensure compliance with SOX and cybersecurity regulatory requirements, such as TSA and CER.
- Assess control effectiveness, identify deficiencies, and ensure adherence to internal policies and external regulations.
- Analyze control gaps and deficiencies, develop remediation plans, and track resolution through to closure.
- Oversee IT control programs from planning to execution, ensuring alignment with business and regulatory requirements.
- Act as the primary contact for internal and external auditors, facilitate walkthroughs, collect evidence, and resolve issues.
- Support controls related to regulatory compliance, including privacy, cybersecurity, and operational risk.
- Collaborate with IT, cybersecurity, operations, and compliance teams to ensure integrated and sustainable control practices.
- Monitor control performance and recommend enhancements to improve resilience, efficiency, and scalability.
- Demonstrate strong analytical and problem-solving skills, work independently, and make sound decisions in a fast-paced environment.
- Support IT risk assessments.
Minimum Qualifications
- Bachelor’s degree in Information Technology, Computer Science, Cybersecurity, Business with a focus on Information Systems / Information Technology, or a related field.
- At least 10 years of experience in IT controls, IT audit, or risk management, preferably within the energy or utilities sector.
- Proven experience in managing ITGCs and working with regulatory frameworks relevant to the industry.
Preferred Qualifications
- Relevant certifications such as:
Certified Information Systems Auditor (CISA)
Certified in Risk and Information Systems Control (CRISC)
Certified Information Security Manager (CISM)
ISO 27001 Lead Implementer or Auditor
ITIL Foundation or Practitioner
- Strong understanding of IT governance, risk, and compliance frameworks.
- Experience managing cybersecurity governance
- Experience working for a Big 4 firm, with experience managing a program or building out a function
- Familiarity with industry-specific regulations
- Experience assessing and remediating control deficiencies.
- Excellent communication and stakeholder engagement skills.
- Proficiency in GRC platforms, audit tools, and data analysis.
- Ability to work independently with minimal supervision.
This position requires candidates to
- Travel across North America to other company locations for temporary assignments, meetings or training (estimated up 10% of work schedule)
- Successfully complete pre-employment Bankruptcy, Credit, Civil and Criminal background checks
About our business
South Bow's existing oil & liquids pipeline infrastructure connects Alberta crude oil supplies to U.S. refining markets in Illinois, Oklahoma, Texas and the U.S. Gulf Coast. We remain committed to meeting the energy needs of North Americans today, while advancing our Liquids Pipelines System for the demands of the future. Connecting growing Canadian and U.S. crude oil supply to key markets, leveraging existing assets and seeking new opportunities to continue to provide our customers with access to the destinations they need.
South Bow is an equal opportunity employer and participates in the E-Verify program supervised by the U.S. government.
Learn more
Visit us at http://SouthBow.com and connect with us on our social media channels for our latest news, employee stories, community activities, and other updates.
Thank you for choosing South Bow in your career search.
-
Depending on qualifications, the successful candidate may be offered a position at a more appropriate level and/or ladder.
-
Applicants must have legal authorization to work in the country in which the position is based with no restrictions.
-
All positions require background screening. Some require criminal and/or credit checks to comply with regulations.
-
South Bow is committed to provide employment opportunities to all qualified individuals, without regard to race, religion, age, sex, color, national origin, sexual orientation, gender identity, veteran status, or disability. Accommodation for applicants with disabilities is available on request during the recruitment process. Applicants with disabilities can request accessible formats or communication supports by contacting human.resources@southbow.com .
About South Bow
South Bow’s name represents our origins near Canada’s Bow River and acknowledges our system’s strategic corridor, which enables us to deliver a premier resource southward to refining markets in the U.S. Midwest and Gulf Coast.
At South Bow, we're more than just an energy infrastructure company. We’re a team of talented professionals dedicated to connecting resilient, safe and secure supply to the highest-demand markets, while safely pursuing operational and commercial excellence.
About the role
At South Bow, we do one thing, and we do it well: safely moving oil between some of the world’s most critical markets. We’re building our high-performing team with versatile thinkers who thrive on solving big challenges together. If you’re ready for a position where your skills are highly valued and your work is incredibly important, we want to meet you. Bring your talents to a new streamlined energy company, dedicated to operational, commercial and safety excellence as we pursue our critical purpose of delivering the energy people need.
The Opportunity
We are seeking a highly skilled and self-directed Specialist, IT Risk and Controls to join our Calgary-based team. This role plays a critical part in ensuring our IT systems remain compliant and secure. The ideal candidate will have strong experience with IT control programs, a solid understanding of IT General Controls (ITGCs), and relevant regulatory frameworks in the energy and utilities sectors.
This role oversees the design, implementation, and improvement of ITGCs to maintain Sarbanes-Oxley (SOX) compliance, supports cybersecurity, and ensures alignment with industry standards and regulatory requirements to support risk mitigation and financial integrity.
As part of a new organization, this individual will have the unique opportunity to rework and right-size our IT Controls programs. The role requires a strategic thinker with strong analytical abilities and a deep understanding of IT Controls principles.
What you’ll do
- Lead the governance and execution of IT General Controls (ITGCs) across applications, infrastructure, data environments, and support SOX compliance.
- Support the execution of the Cybersecurity Threat Management Program to ensure regulatory compliance.
- Ensure compliance with SOX and cybersecurity regulatory requirements, such as TSA and CER.
- Assess control effectiveness, identify deficiencies, and ensure adherence to internal policies and external regulations.
- Analyze control gaps and deficiencies, develop remediation plans, and track resolution through to closure.
- Oversee IT control programs from planning to execution, ensuring alignment with business and regulatory requirements.
- Act as the primary contact for internal and external auditors, facilitate walkthroughs, collect evidence, and resolve issues.
- Support controls related to regulatory compliance, including privacy, cybersecurity, and operational risk.
- Collaborate with IT, cybersecurity, operations, and compliance teams to ensure integrated and sustainable control practices.
- Monitor control performance and recommend enhancements to improve resilience, efficiency, and scalability.
- Demonstrate strong analytical and problem-solving skills, work independently, and make sound decisions in a fast-paced environment.
- Support IT risk assessments.
Minimum Qualifications
- Bachelor’s degree in Information Technology, Computer Science, Cybersecurity, Business with a focus on Information Systems / Information Technology, or a related field.
- At least 10 years of experience in IT controls, IT audit, or risk management, preferably within the energy or utilities sector.
- Proven experience in managing ITGCs and working with regulatory frameworks relevant to the industry.
Preferred Qualifications
- Relevant certifications such as:
Certified Information Systems Auditor (CISA)
Certified in Risk and Information Systems Control (CRISC)
Certified Information Security Manager (CISM)
ISO 27001 Lead Implementer or Auditor
ITIL Foundation or Practitioner
- Strong understanding of IT governance, risk, and compliance frameworks.
- Experience managing cybersecurity governance
- Experience working for a Big 4 firm, with experience managing a program or building out a function
- Familiarity with industry-specific regulations
- Experience assessing and remediating control deficiencies.
- Excellent communication and stakeholder engagement skills.
- Proficiency in GRC platforms, audit tools, and data analysis.
- Ability to work independently with minimal supervision.
This position requires candidates to
- Travel across North America to other company locations for temporary assignments, meetings or training (estimated up 10% of work schedule)
- Successfully complete pre-employment Bankruptcy, Credit, Civil and Criminal background checks
About our business
South Bow's existing oil & liquids pipeline infrastructure connects Alberta crude oil supplies to U.S. refining markets in Illinois, Oklahoma, Texas and the U.S. Gulf Coast. We remain committed to meeting the energy needs of North Americans today, while advancing our Liquids Pipelines System for the demands of the future. Connecting growing Canadian and U.S. crude oil supply to key markets, leveraging existing assets and seeking new opportunities to continue to provide our customers with access to the destinations they need.
South Bow is an equal opportunity employer and participates in the E-Verify program supervised by the U.S. government.
Learn more
Visit us at http://SouthBow.com and connect with us on our social media channels for our latest news, employee stories, community activities, and other updates.
Thank you for choosing South Bow in your career search.
-
Depending on qualifications, the successful candidate may be offered a position at a more appropriate level and/or ladder.
-
Applicants must have legal authorization to work in the country in which the position is based with no restrictions.
-
All positions require background screening. Some require criminal and/or credit checks to comply with regulations.
-
South Bow is committed to provide employment opportunities to all qualified individuals, without regard to race, religion, age, sex, color, national origin, sexual orientation, gender identity, veteran status, or disability. Accommodation for applicants with disabilities is available on request during the recruitment process. Applicants with disabilities can request accessible formats or communication supports by contacting human.resources@southbow.com .
About South Bow
South Bow’s name represents our origins near Canada’s Bow River and acknowledges our system’s strategic corridor, which enables us to deliver a premier resource southward to refining markets in the U.S. Midwest and Gulf Coast.
At South Bow, we're more than just an energy infrastructure company. We’re a team of talented professionals dedicated to connecting resilient, safe and secure supply to the highest-demand markets, while safely pursuing operational and commercial excellence.