Ready to Transform Retail? Embark on a rewarding career with Sobeys Inc., celebrated among Canada’s Top 100 employers where your unique contributions drive success. **Role Overview** : We are seeking an experienced and technically proficient Senior Cybersecurity Specialist to support and enhance our organization's offensive security capabilities. In this role, you will conduct and coordinate penetration tests, red team activities, and targeted security assessments across enterprise systems, web applications, and cloud environments. You will work closely with infrastructure, engineering, and DevSecOps teams to identify vulnerabilities, reduce the attack surface, and strengthen overall security resilience. Sobeys is full of exciting opportunities, and we are always looking for bright new talent to join our team! We currently have a full-time opportunity for a Senior Cyber Security Specialist. This role can be based out of one our main offices including: Mississauga, ON. Calgary, AB; Burnaby, BC; Stellarton, NS. **Key Responsibilities:** + Plan, coordinate, and execute in-depth penetration test across internal systems, External systems, web applications, APIs, and cloud environments. + Perform comprehensive Static and Dynamic Application Security Testing (SAST/DAST) across enterprise, SaaS, and internally developed applications. + Conduct secure code review and identify vulnerabilities, design weaknesses, and potential exploitation paths. + Assess, validate, and prioritize vulnerabilities, providing practical remediation recommendations aligned with business and compliance requirements. + Collaborate with infrastructure, platform, and DevOps teams to integrate effective security controls into CI/CD and MLOps workflows. + Evaluate web and mobile applications for security flaws such as insecure APIs, injection vulnerabilities, and misconfigurations. + Contribute to red team initiatives and advanced adversarial assessments, ensuring realistic threat modeling and high-quality deliverables. + Manage the end-to-end scoping, execution, and reporting of security engagements while maintaining accuracy, reproducibility, and actionable risk context. + Develop and maintain security documentation, standards, and reporting templates to ensure consistency and compliance. **\#LI-Hybrid** \#LI-VJ1 **Required Skills & Experience :** + Minimum 5+ years of hands-on experience in offensive security, penetration testing, or red teaming. + Strong understanding of application security principles and manual testing methodologies (OWASP, ASVS, WSTG, NIST 800). + Proficiency with penetration testing tools, including Nmap, Nessus, Metasploit, Burp Suite etc.. + Experience performing SAST, DAST, and code-level exploit development in languages such as C, C++, Java, or C#. + Administrator-level familiarity with Unix and Windows environments. + Proven ability to analyze false positives, validate findings, and articulate technical risk effectively. + Strong grasp of OWASP frameworks across Web, API, Mobile, and AI/LLM surfaces. **Preferred Qualifications :** + Offensive security certifications (e.g., OSCP, OSEP, OSCE, GPEN, GWAPT) + Experience with cloud security and scripting for automation in offensive security contexts. + Familiarity with secure SDLC practices and working alongside software engineering teams. **Who We Are Looking For :** + A curious and detail-oriented thinker who digs deep into issues until the full impact is understood. + A strong communicator who can translate technical findings into business-relevant insights. + Self-driven and continuously learning, with a passion for staying ahead in the ever-evolving cybersecurity landscape. + Dependable and team-oriented, capable of collaborating across technical and leadership level. **Who we are:** We started in a small town in Nova Scotia but we are now in communities of all sizes across this great country. With over 1,600 stores in all 10 provinces, you may know us as Sobeys, Safeway, IGA, Foodland, FreshCo, Thrifty Foods, Lawtons Drug Stores or another of our great banners but we are all one extended family. Our family of 128,000 employees and franchise affiliates share a collective passion for delivering exceptional shopping experiences and amazing food to all our customers. Our mission is to nurture the things that make life better – great experiences, families, communities, and our employees. We are a family nurturing families. Our commitment to diversity, equity and inclusion (DE&I) is fuelled by our purpose and values. It shapes our culture and drives business success. As a family nurturing families, we embed DE&I into everything we do. We know that it takes open minds and respect for distinct perspectives to create engaging workplaces, inclusive customer experiences and strong community partnerships. We are committed to accommodating applicants with disabilities throughout the hiring process and will work with applicants requesting accommodation at any stage of this process. **What we offer:** Our Total Rewards package is designed to help our teammates thrive—physically, financially, and emotionally. While offerings vary by role and employment type (full-time, part-time, contractual), eligible teammates may receive: + Comprehensive Benefits Package with health and dental coverage, life insurance, and short- and long-term disability insurance. + Access to Virtual Health Care and an Employee and Family Assistance Program for personalized support. + Retirement and Savings Plan to help you build financial security. + 10% In-Store Discount at participating banners, plus additional discount programs. + Employee Share Ownership Plan (ESOP), giving you the opportunity to invest in the company’s success. + Learning and Development Resources to support your career growth. + Parental Leave Top-Up to assist growing families. + Paid Vacation and Days Off to help you recharge. Sobeys is committed to providing a compensation structure that is flexible, equitable and competitive in the market to enable performance and growth. To learn more about this opportunity—including expected range of compensation in accordance with Pay Transparency Legislation where required —please click the “I’m interested” button above. Individual Compensation is determined based on qualifications, experience, and internal equity within the range provided. External websites may share our organization's job postings which includes compensation information based on similar roles and market benchmarks. These figures are provided for general comparison purposes only and are not issued or verified by our organization.. To drive our commitment to team collaboration and the overall success of our office culture we require our teammates to have the ability to adhere to a hybrid work model that requires your presence at one of our office locations at least three days per week. We may use Artificial Intelligence (AI) tools to support efficiencies in the candidate screening, assessment, and recruitment processes. These AI tools do not make hiring decisions on behalf of the Company, these decisions are made by our Hiring Teams. If you feel that this describes the kind of work you want to do and you are excited about what Sobeys has to offer, then please apply by the posting end date indicated above. We encourage candidates to submit a resume and take the time to ensure that their application highlights what makes them uniquely qualified for this opportunity! Please note: Successful candidates will be required to provide documentation to prove their legal ability to work in the position during the onboarding process. Documentation will be assessed by the employer prior to commencement of work. **Job Details** **Job Family** **Information Technology** **Job Function** **Information Technology - Cyber Security** **Pay Type** **Salary** **Hiring Min Rate** **96,727 CAD** **Hiring Max Rate** **138,142 CAD**