Job Specifications
Ready to Transform Retail? Embark on a rewarding career with Sobeys Inc., celebrated among Canada’s Top 100 employers where your unique contributions drive success.
Sobeys is full of exciting opportunities, and we are always looking for bright new talent to join our team! We currently have a full time opportunity for a Senior Auditor. This role is based out of our main office in Mississauga, ON.
You will bring a systematic and disciplined approach to evaluating and improving the effectiveness of technology risk management, internal controls, and governance processes across the organization’s Information Technology environment.
Reporting to the Manager, IT Audit, you will be accountable for executing the annual Technology Audit Plan, delivering both assurance and advisory engagements. You will also support the delivery of the IT General Controls (ITGC) program in support of the NI 52-109 CEO/CFO Certification Program.
This role offers a unique opportunity to work across a broad technology scope within a collaborative team environment, where individual contribution, professional judgment, and value-added insights are critical to the success of the Internal Audit function.
IT Audit Responsibilities
Assist the IT Audit Manager in planning and scoping IT and Cybersecurity audit engagements, including reviews of IT processes, applications, infrastructure, projects, and enterprise technology risk assessments, in alignment with the approved annual audit plan.
Work closely with the IT Audit Manager to execute risk-based assurance and advisory engagements across a broad range of technology domains.
Prepare clear, concise, and well-supported audit reports, communicating findings, root causes, impacts, and practical recommendations.
Assist the IT Audit Manager with ongoing follow-up with action owners to ensure timely and effective remediation of audit findings.
Support Internal Audit leadership in the development and refresh of the annual IT Audit Plan, incorporating results of prior audits, input from IT leadership, and emerging technology and cybersecurity risks.
Mentor and provide guidance to Internal Audit team members on technology risks, IT controls, and audit techniques.
Demonstrate intellectual curiosity and apply professional skepticism and critical thinking when assessing IT processes, applications, controls, and emerging risk.
NI 52-109 CEO/CFO Certification - ITGC Program
Support the IT Audit Manager in delivering the NI 52-109 ITGC program, in accordance with the approved plan and timelines.
Work with key stakeholders to evaluate the design and operating effectiveness of ITGCs
Execute ITGC testing in accordance with defined methodologies, working closely with the IT Audit Manager.
Collaborate with management to develop practical and sustainable action plans to address root causes of ITGC deficiencies and improve control effectiveness.
Perform regular follow-up with action plan owners to ensure timely completion and proper validation of remediation efforts.
Assist with the preparation of quarterly status reporting, including plan progress, deficiencies, and remediation updates for IT leadership.
Coordinate and collaborate with external auditors as required to support reliance and reduce duplication of effort.
What You Have to Offer
Undergraduate degree in a technology-related field such as Information Systems, Computer Science, IT Management, or Data Analytics.
CISA designation required
Additional certifications such as CISSP or CISM preferred.
Minimum of 5 years of progressive experience in Technology Audit, with a strong foundation in risk-based auditing and IT controls.
Strong technical knowledge of enterprise IT platforms, operating systems, databases, network services, cybersecurity, privacy, and business applications.
Working knowledge of audit, governance, and control frameworks including COBIT, NIST, ISO, and ISF.
Experience performing Cybersecurity and Cloud audits, including IaaS, PaaS, and SaaS environments.
Knowledge of relevant regulations and standards including NI 52-109, PCI DSS, PIPEDA, and GDPR.
Familiarity with Service Organization Control (SOC 1 / SOC 2) reporting standards preferred.
Experience auditing large-scale or complex IT implementations, with knowledge of project methodologies, associated risks, and key controls.
Demonstrated strong planning, project management, and organizational skills
Excellent interpersonal, verbal, and written communication skills, with the ability to translate complex technical issues into clear business terms.
Proven ability to build and maintain effective relationships in a collaborative team environment.
Ability to lead audit engagements independently, while collaborating effectively with stakeholders at all levels of the organization.
Strong problem-solving capabilities with demonstrated analytical, innovative, and critical thinking skills.
Who We Are
We started in a small town in Nova Scotia but we are now in communities of all sizes acro
About the Company
As one of only two national grocery retailers in Canada, Sobeys Inc. serves the food shopping needs of Canadians with more than 1,500 stores in 10 provinces with retail banners that include Sobeys, Safeway, IGA, Foodland, FreshCo, Price Chopper, Thrifty Foods and Lawtons Drugs, as well as more than 330 retail fuel locations. Our five core retail food formats are designed to ensure that we have the right offering in the right-sized stores for each individual market we serve -- from our full service format to the convenience f...
Know more