Information Security Officer

We are proud to announce the launch of Volkswagen Group’s largest cell factory, Power Co, in St. Thomas. This is more than just a job – it’s a unique opportunity to shape the future of sustainable energy. Join us as we ramp up operations and help build a world-class company.

At Power Co, we believe in fostering an environment where ambition meets collaboration, and where flexibility and creativity thrive. You'll be part of a diverse, talented team that is shaping the future of battery production. You’ll have the chance to advance your career while working alongside passionate colleagues who share a vision of making a lasting impact on the world.

Are you ready to be part of something exciting? Power up your career with us!

The Information Security Officer (ISO) for Power Co Canada is accountable for establishing, operating, and continuously improving the local information security program across IT and Operational Technology (OT). The ISO ensures that security controls, governance, and risk management practices align with Power Co/VW Group security requirements, Canadian regulatory expectations, and industry best practices—while enabling safe, reliable manufacturing operations.

This role leads the local implementation of security policies, drives risk assessments, coordinates incident response, and ensures security is embedded in key programs such as factory IT/OT networks, business applications, MES/quality systems, end‑user computing, vendor services, and cloud integrations.

• Support the implementation and operation of the local ISMS (ISO 27001 aligned) under guidance from Corporate Info Sec
• Contribute to information security governance, risk, and compliance activities at the site level
• Assist in maintaining the risk register, performing risk assessments, and tracking mitigation actions
• Support selection and adaptation of security control frameworks in alignment with corporate standards
• Ensure compliance with applicable regulations, policies, and standards
• Contribute to reporting for local management and the CISO

• Support the protection of confidentiality, integrity, and availability (CIA) of IT and OT systems
• Work with engineering and operations to implement security controls for industrial environments (MES, production networks)
• Ensure security principles are considered in system design and implementation
• Assist in identifying and mitigating risks specific to factory and OT environments

• Support incident response activities, including investigation and documentation of security events
• Participate in major incident investigations and contribute to root cause analysis and corrective actions
• Assist in vulnerability management, including tracking remediation and validating closure
• Work with SOC/CSIRT and service providers to ensure effective operational security

• Support vendor security assessments and onboarding activities
• Ensure security requirements are understood and applied in supplier engagements
• Assist in monitoring third‑party compliance and risk mitigation actions

• Contribute to the implementation of security and safety strategies defined at corporate or site level
• Provide practical security guidance to IT, OT, and project teams
• Support integration of security requirements into projects, systems, and solutions
• Align local implementations with global security standards and architecture

• Support the rollout and adaptation of global information security strategy at the site level
• Deliver and coordinate security awareness and training initiatives
• Promote a security‑conscious culture across IT, OT, and business teams

• Prepare regular reports on risks, incidents, and compliance status for local leadership
• Support communication and alignment with corporate security and CISO organization
• Take ownership of assigned security domains or controls, ensuring effective implementation and maintenance
• Contribute to audit preparation and remediation tracking