Information Systems Audit Manager at CPKC

Join CPKC, North America’s first transnational railroad connecting U.S., Canada, and Mexico, where your career drives progress and safety is paramount. We connect communities, fuel economic growth, and provide meaningful work in a culture that values diversity, accountability, and pride. With opportunities for training, development, and advancement, you’re not just building a career—you’re part of something bigger. Together, we move goods, connect people, and create lasting change. Your future starts here.

PURPOSE OF THE POSITION:

The IS Audit Manager will lead complex information systems audits across CPKC and its subsidiaries, providing actionable recommendations to strengthen controls and mitigate risks. This role is responsible for executing and enhancing the IS audit program, managing multiple priorities, and ensuring clear communication of results to management. Key areas of focus include Cybersecurity, IT Governance, IT Infrastructure Audits, Cloud Security, Data Protection, SAP Audits, Industrial Control Systems, Supervisory Control and Data Acquisition reviews, supporting the modernization of the internal audit function.

POSITION ACCOUNTABILITIES:

• Support the development and implementation of a risk-based IS audit plan to provide CPKC Management and the Board of Directors with an independent, objective assessment of the design and operating effectiveness of information system controls
• Conduct risk-based planning, fieldwork, reporting, and supervision of IS audit and advisory engagements
• Complete engagements effectively within scope and budget, in accordance with established standards and IT frameworks
• Perform root cause analysis for non-compliance and other audit observations, and provide value-added recommendations and management insights
• Present audit reports to management at various levels and obtain clear action plans that address identified business risks
• Communicate results through strong presentation, negotiation, and report-writing skills, and support an effective follow-up program to ensure timely corrective action on risk exposures
• Follow up with management on action plans to ensure they adequately address risks; participate in developing the annual audit plan and maintaining the IS audit universe
• Maintain objectivity and independence while fostering positive, professional relationships with management
  
  

POSITION REQUIREMENTS:

• University degree in Computer Science, Information Systems, or another relevant field required
• Minimum of 8 years in Technology and 5 years in Audit/Risk experience
• Proven experience leading large IS audits and projects in the specialized IS areas noted above, with strong results delivered
• CISA certification is required; CISSP, CISM, and CIA certifications are considered an added advantage.
• Experience using NIST 800-53, NIST Cybersecurity Framework, Center for Internet Security (CIS), ISO 27001/2, COBIT, ITIL, and CMMI for various audits
• Expert knowledge of IT Risk Management practices and strong business acumen, including applying advanced analytics aligned with modernized audit principles and techniques
• Understanding of the rail industry would be considered an asset
  
  

WHAT CPKC HAS TO OFFER:

• Flexible and competitive benefits package
• Competitive company pension and/or retirement plans
• Employee share purchase plan
• Annual fitness subsidy
• Part-time studies program
  
  

Background Investigation

• Criminal history check
• Education verification
• Professional references
  
  

BECOMING A RAILROADER:

As an employee with a North American presence, the possibility does exist that the location of your position may be changed based on organizational requirements.

Management Conductor Program

Becoming a qualified conductor or locomotive engineer is the single best way for a management employee to learn the business at CPKC. You may be required to obtain a certification or to maintain your current certification/qualification as a conductor or locomotive engineer.

CULTURE OF INCLUSION:

For our U.S. applicants, CPKC is an equal opportunity/affirmative action employer, inclusive of protected veterans and individuals with disabilities. For Canadian applicants CPKC is an employment equity employer committed to the principles of employment equity and inclusion. We encourage all qualified candidates to apply including: women, Black, Indigenous, People of Color (BIPOC), members of the LGBTQ+ community and people with disabilities. Accommodation for the job application process can be provided, as appropriate, upon request. All applicant information will be managed in accordance with the federal Personal Information Protection and Electronic Documents Act (PIPEDA).

• Req ID: 105353
• Department: Finance & Accounting
• Job Type: Full-Time
• Position Type: Non-Union
• Location: Calgary, Alberta
• Country: Canada
• % of Travel: 0-10%
• # of Positions: 1
• Job Grade: 3
• Job Available to: Internal & External