Specialist, IT Risk and Controls

At South Bow we do one thing and we do it well: safely moving oil between some of the worlds most critical building our high-performing team with versatile thinkers who thrive on solving big challenges youre ready for a position where your skills are highly valued and your work is incredibly important we want to meet you. Bring your talents to a new streamlined energy company dedicated to operational commercial and safety excellence as we pursue our critical purpose of delivering the energy people need.

The Opportunity
We are seeking a highly skilled and self-directed Specialist IT Risk and Controls to join our Calgary-based role plays a critical part in ensuring our IT systems remain compliant and secure. The ideal candidate will have strong experience with IT control programs a solid understanding of IT General Controls (ITGCs) and relevant regulatory frameworks in the energy and utilities sectors.
This role oversees the design implementation and improvement of ITGCs to maintain Sarbanes-Oxley (SOX) compliance supports cybersecurity and ensures alignment with industry standards and regulatory requirements to support risk mitigation and financial integrity.

As part of a new organization this individual will have the unique opportunity to rework and right-size our IT Controls programs. The role requires a strategic thinker with strong analytical abilities and a deep understanding of IT Controls principles.

What youll do
Lead the governance and execution of IT General Controls (ITGCs) across applications infrastructure data environments and support SOX compliance.
Support the execution of the Cybersecurity Threat Management Program to ensure regulatory compliance.
Ensure compliance with SOX and cybersecurity regulatory requirements such as TSA and CER.
Assess control effectiveness identify deficiencies and ensure adherence to internal policies and external regulations.
Analyze control gaps and deficiencies develop remediation plans and track resolution through to closure.
Oversee IT control programs from planning to execution ensuring alignment with business and regulatory requirements.
Act as the primary contact for internal and external auditors facilitate walkthroughs collect evidence and resolve issues.
Support controls related to regulatory compliance including privacy cybersecurity and operational risk.
Collaborate with IT cybersecurity operations and compliance teams to ensure integrated and sustainable control practices.
Monitor control performance and recommend enhancements to improve resilience efficiency and scalability.
Demonstrate strong analytical and problem-solving skills work independently and make sound decisions in a fast-paced environment.
Support IT risk assessments.

Minimum Qualifications
Bachelors degree in Information Technology Computer Science Cybersecurity Business with a focus on Information Systems / Information Technology or a related field.
At least 10 years of experience in IT controls IT audit or risk management preferably within the energy or utilities sector.
Proven experience in managing ITGCs and working with regulatory frameworks relevant to the industry.

Preferred Qualifications

Relevant certifications such as:
> Certified Information Systems Auditor (CISA)
> Certified in Risk and Information Systems Control (CRISC)
> Certified Information Security Manager (CISM)
> ISO 27001 Lead Implementer or Auditor
> ITIL Foundation or Practitioner
Strong understanding of IT governance risk and compliance frameworks.
Experience managing cybersecurity governance
Experience working for a Big 4 firm with experience managing a program or building out a function
Familiarity with industry-specific regulations
Experience assessing and remediating control deficiencies.
Excellent communication and stakeholder engagement skills.
Proficiency in GRC platforms audit tools and data analysis.
Ability to work independently with minimal supervision.

This position requires candidates to
Travel across North America to other company locations for temporary assignments meetings or training (estimated up 10% of work schedule)
Successfully complete pre-employment Bankruptcy Credit Civil and Criminal background checks

About our business

South Bows existing oil & liquids pipeline infrastructure connects Alberta crude oil supplies to U.S. refining markets in Illinois Oklahoma Texas and the U.S. Gulf Coast. We remain committed to meeting the energy needs of North Americans today while advancing our Liquids Pipelines System for the demands of the future. Connecting growing Canadian and U.S. crude oil supply to key markets leveraging existing assets and seeking new opportunities to continue to provide our customers with access to the destinations they need.

South Bow is an equal opportunity employer and participates in the E-Verify program supervised by the U.S. government.

Learn more

Visit us at and connect with us on our social media channels for our latest news employee stories community activities and other updates.

Thank you for choosing South Bow in your career search.

* Depending on qualifications the successful candidate may be offered a position at a more appropriate level and/or ladder.

* Applicants must have legal authorization to work in the country in which the position is based with no restrictions.

* All positions require background screening. Some require criminal and/or credit checks to comply with regulations.

* South Bow is committed to provide employment opportunities to all qualified individuals without regard to race religion age sex color national origin sexual orientation gender identity veteran status or disability. Accommodation for applicants with disabilities is available on request during the recruitment process. Applicants with disabilities can request accessible formats or communication supports by contacting .