Senior Cyber Security Specialist

Overview  Ready to Transform Retail? Embark on a rewarding career with Sobeys Inc., celebrated among Canada’s Top 100 employers where your unique contributions drive success.

Role Overview :
We are seeking an experienced and technically proficient Senior Cybersecurity Specialist to support and enhance our organization's offensive security capabilities. In this role, you will conduct and coordinate penetration tests, red team activities, and targeted security assessments across enterprise systems, web applications, and cloud environments. You will work closely with infrastructure, engineering, and Dev Sec Ops  teams to identify vulnerabilities, reduce the attack surface, and strengthen overall security resilience.
Sobeys is full of exciting opportunities, and we are always looking for bright new talent to join our team! We currently have a full-time opportunity for a Senior Cyber Security Specialist. This role can be based out of one our main offices including:
Mississauga, ON;
Calgary, AB;
Burnaby, BC;
Stellarton, NS.

Responsibilities

Plan, coordinate, and execute in-depth penetration tests across internal systems, external systems, web applications, APIs, and cloud environments.

Perform comprehensive Static and Dynamic Application Security Testing (SAST/DAST) across enterprise, SaaS, and internally developed applications.

Conduct secure code review and identify vulnerabilities, design weaknesses, and potential exploitation paths.

Assess, validate, and prioritize vulnerabilities, providing practical remediation recommendations aligned with business and compliance requirements.

Collaborate with infrastructure, platform, and Dev Ops teams to integrate effective security controls into CI/CD and MLOps workflows.

Evaluate web and mobile applications for security flaws such as insecure APIs, injection vulnerabilities, and misconfigurations.

Contribute to red team initiatives and advanced adversarial assessments, ensuring realistic threat modeling and high-quality deliverables.

Manage the end-to-end scoping, execution, and reporting of security engagements while maintaining accuracy, reproducibility, and actionable risk context.

Develop and maintain security documentation, standards, and reporting templates to ensure consistency and compliance.

Required Skills & Experience

Minimum 5+ years of hands-on experience in offensive security, penetration testing, or red teaming.

Strong understanding of application security principles and manual testing methodologies (OWASP, ASVS, WSTG, NIST 800).

Proficiency with penetration testing tools, including Nmap, Nessus, Metasploit, Burp Suite etc.

Experience performing SAST, DAST, and code-level exploit development in languages such as C, C++, Java, or C#.

Administrator-level familiarity with Unix and Windows environments.

Proven ability to analyze false positives, validate findings, and articulate technical risk effectively.

Strong grasp of OWASP frameworks across Web, API, Mobile, and AI/LLM surfaces.

Preferred Qualifications

Offensive security certifications (e.g., OSCP, OSEP, OSCE, GPEN, GWAPT)

Experience with cloud security and scripting for automation in offensive security contexts.

Familiarity with secure SDLC practices and working alongside software engineering teams.

Who We Are Looking For

A curious and detail-oriented thinker who digs deep into issues until the full impact is understood.

A strong communicator who can translate technical findings into business-relevant insights.

Self-driven and continuously learning, with a passion for staying ahead in the ever-evolving cybersecurity landscape.

Dependable and team-oriented, capable of collaborating across technical and leadership levels.

Who We Are
We started in a small town in Nova Scotia but we are now in communities of all sizes across this great country. With over 1,600 stores in all 10 provinces, you may know us as Sobeys, Safeway, IGA, Foodland, Fresh Co, Thrifty Foods, Lawtons Drug Stores or another of our great banners but we are all one extended family.

Our family of 128,000 employees and franchise affiliates share a collective passion for delivering exceptional shopping experiences and amazing food to all our customers. Our mission is to nurture the things that make life better – great experiences, families, communities, and our employees. We are a family nurturing families.

Our commitment to diversity, equity and inclusion (DE&I) is fuelled by our purpose and values. It shapes our culture and drives business success. As a family nurturing families, we embed DE&I into everything we do. We know that it takes open minds and respect for distinct perspectives to create engaging workplaces, inclusive customer experiences and strong community partnerships. We are committed to accommodating applicants with disabilities throughout the hiring process and will work with applicants requesting accommodation at any stage of this process.

What We Offer
Our Total Rewards package is designed to help our teammates thrive—physically, financially, and…