Share this Job

COVID-19 screening questions will be asked and documented during the interviewing process. Hiring decisions will require, among other criteria, a determination of low risk based on the answers.

Manager, Cybersecurity Governance, Risk & Compliance

Requisition ID:  89021 

Career Group:  Corporate Office Careers 

Job Category:  Information Technology 

Travel Requirements:  0 - 10%

Part Time or Full Time:  Full Time 

 

Country: Canada (CA) 

Province: Nova Scotia (CA-NS) 

City: Halifax

Location: Dartmouth Office 

Postal Code:  

 

Our family of 123,000 employees and franchise affiliates share a collective passion for delivering exceptional shopping experiences and amazing food to all our customers. Our mission is to nurture the things that make life better – great experiences, families, communities, and our employees.  

 

A proudly Canadian company, we started in a small town in Nova Scotia but we are now in communities of all sizes across this great country. With over 1500 stores in all 10 provinces, you may know us as Sobeys, Safeway, IGA, Foodland, FreshCo, Thrifty Foods, Lawton’s Drug Stores or another of our great banners but we are all one extended family. 

 

All career opportunities will be open a minimum of 5 business days from the date of posting.

 

Overview

Sobeys is full of exciting opportunities and we are always looking for bright new talent to join our team! We currently have a full-time opportunity for a Manager, Cybersecurity Governance, Risk & Compliance to join our Technology team based out of our office in Halifax, NS.

Job Description

What you’ll get to do in this fast-paced role:
•    Implement and maintain a Security Governance, Risk and Compliance capability with necessary integration with business functions 
•    Develop Security specific risk management practices and framework’s addressing Vendor, Cloud, and Infrastructure risks
•    Provide strategic input into business decisions on operational IT risk as a trusted advisor. 
•    Acts as a subject matter expert on relevant regulations, policy and procedures. 
•    Track regulatory compliance and maintain up-to-date records of regulatory requirements and corresponding mitigating controls
•    Represents and/or coordinates representation of the business / group during internal and external audits and/or examinations.
•    Manages the review and sign-off process for relevant regulatory reporting. 
•    Measures the strength and effectiveness of governance system and framework.
•    Develops and implements information security risk management program for organization based on company's acceptable risk tolerance levels
•    Internally evaluates and recommends policies and practices to secure and protect company assets with relevant legislation and legal interpretations 
•    Track regulatory compliance and maintain up-to-date records of regulatory requirements and corresponding mitigating controls
 

Job Requirements

What your resume will include and demonstrate to us:
•    Bachelor's degree in business or technical discipline computer programming or information security
•    Minimum of 5 years progressive experience in IT risk, Cybersecurity risk management, IT Audit or information security risk management
•    3 + years of experience in a leadership role 
•    5 + years of a security GRC experience
•    CISA, CISSP, CISM, CCSP or similar industry certification preferred
•    CCSP – Certified Cloud Security Professional 
•    CISSP – Certified Information Systems Security
•    CISA – Certified Information Systems Auditor 
•    CISM – Certified Information Security Manager 
•    Experience in complex IT environments
•    Expert knowledge of operational risk management practices and Regulatory and Compliance standards such as SOX, PCI DSS
•    Knowledge of system and application security threats and vulnerabilities 
•    Excellent Verbal & written communication skills 
•    Proven Analytical and problem-solving skills 
•    Experience with security patch and vulnerability management
•    Collaboration & team skills; with a focus on cross-group collaboration  
•    Data driven decision making 

This is an outstanding opportunity to join a leading Canadian company with a clear vision and focus.  If you feel that this describes the kind of work you want to do, and you are excited about what Sobeys has to offer, then we look forward to reviewing your application.  Please ensure that you take the time to ensure your profile shows us why you’re the most qualified applicant for the role.

Sobeys offers our employees many valuable benefits such as:
•    Growing organization
•    Competitive salary
•    Flexible Work Arrangements
•    Pension and Benefits
•    Profit Sharing Plans
•    Ongoing Training & Development
•    Opportunity for internal mobility to other departments and/or promotions (for employees who are strong performers)
 

Sobeys is committed to accommodating applicants with disabilities throughout the hiring process and will work with applicants requesting accommodation at any stage of this process.

 

 

While all responses are appreciated only those being considered for interviews will be acknowledged.

 

We appreciate the interest from the Staffing industry however respectfully request no calls or unsolicited resumes from Agencies.