Senior Cyber Security Specialist

Senior Cybersecurity Specialist

Location:

Burnaby Corporate Office, 4445 Lougheed Hwy, Suite 900, Burnaby, BC;
Calgary Corporate Office, 1020 - 64 Avenue NE, Calgary, AB;
Mississauga, ON;
Stellarton, NS.

Ready to Transform Retail? Embark on a rewarding career with Sobeys Inc., celebrated among Canada’s Top 100 employers where your unique contributions drive success.

We are seeking an experienced and technically proficient Senior Cybersecurity Specialist to support and enhance our organization’s offensive security capabilities. In this role, you will conduct and coordinate penetration tests, red team activities, and targeted security assessments across enterprise systems, web applications, and cloud environments. You will work closely with infrastructure, engineering, and Dev Sec Ops  teams to identify vulnerabilities, reduce the attack surface, and strengthen overall security resilience.

• Plan, coordinate, and execute in-depth penetration tests across internal systems, external systems, web applications, APIs, and cloud environments.
• Perform comprehensive Static and Dynamic Application Security Testing (SAST/DAST) across enterprise, SaaS, and internally developed applications.
• Conduct secure code review and identify vulnerabilities, design weaknesses, and potential exploitation paths.
• Assess, validate, and prioritize vulnerabilities, providing practical remediation recommendations aligned with business and compliance requirements.
• Collaborate with infrastructure, platform, and Dev Ops teams to integrate effective security controls into CI/CD and MLOps workflows.
• Evaluate web and mobile applications for security flaws such as insecure APIs, injection vulnerabilities, and misconfigurations.
• Contribute to red team initiatives and advanced adversarial assessments, ensuring realistic threat modeling and high-quality deliverables.
• Manage the end-to-end scoping, execution, and reporting of security engagements while maintaining accuracy, reproducibility, and actionable risk context.
• Develop and maintain security documentation, standards, and reporting templates to ensure consistency and compliance.

• Minimum 5+ years of hands‑on experience in offensive security, penetration testing, or red teaming.
• Strong understanding of application security principles and manual testing methodologies (OWASP, ASVS, WSTG, NIST 800).
• Proficiency with penetration testing tools, including Nmap, Nessus, Metasploit, Burp Suite, etc.
• Experience performing SAST, DAST, and code‑level exploit development in languages such as C, C++, Java, or C#.
• Administrator‑level familiarity with Unix and Windows environments.
• Proven ability to analyze false positives, validate findings, and articulate technical risk effectively.
• Strong grasp of OWASP frameworks across Web, API, Mobile, and AI/LLM surfaces.

• Offensive security certifications (e.g., OSCP, OSEP, OSCE, GPEN, GWAPT).
• Experience with cloud security and scripting for automation in offensive security contexts.
• Familiarity with secure SDLC practices and working alongside software engineering teams.

• A curious and detail‑oriented thinker who digs deep into issues until the full impact is understood.
• A strong communicator who can translate technical findings into business‑relevant insights.
• Self‑driven and continuously learning, with a passion for staying ahead in the ever‑evolving cybersecurity landscape.
• Dependable and team‑oriented, capable of collaborating across technical and leadership levels.

Our Total Rewards package includes:

• Comprehensive Benefits Package with health and dental coverage, life insurance, and short‑ and long‑term disability insurance.
• Access to Virtual Health Care and an Employee and Family Assistance Program for personalized support.
• Retirement and Savings Plan to help you build financial security.
• 10% In‑Store Discount at participating banners, plus additional discount programs.
• Employee Share Ownership Plan (ESOP), giving you the opportunity to invest in the company’s success.
• Learning and Development Resources to support your career growth.
• Parental Leave Top‑Up to assist growing families.
• Paid Vacation and Days Off to help you recharge.

We are committed to accommodating applicants with disabilities throughout the hiring process and will work with applicants requesting accommodation at any stage of this process.

Work model: hybrid, requiring your presence in one of our office locations at least three days per week.

We may use Artificial Intelligence tools to support efficiencies in the candidate screening, assessment, and recruitment processes. These AI tools do not make hiring decisions on behalf of the Company; these decisions are made by our Hiring Teams.

Applications are accepted until the closing date indicated above. The position is currently open.