Security Engineer

Audit & Compliance Ownership 

• Lead and manage all cybersecurity audits, including ISO 27001 and TISAX assessments 

• Own audit readiness including control validation, evidence collection, and auditor coordination 

• Act as the primary owner for customer, OEM, and third-party security questionnaires 

• Track audit findings, assign remediation actions, and ensure timely closure 

• Maintain audit artifacts and ensure continuous compliance posture 

• Partner with IT and business teams to ensure controls are implemented and operating effectively 

Policy & Governance Management 

• Own and maintain all IT and information security policies, standards, and procedures 

• Align policies with ISO 27001 Annex A and TISAX requirements 

• Ensure policies are practical, enforceable, and aligned to business operations 

• Drive policy lifecycle including creation, review, approval, and updates 

• Support development and ongoing maturity of CSP’s ISMS 

Security Engineering & Operations 

• Implement and maintain security controls across identity, endpoints, and Microsoft 365 

• Administer and secure Microsoft Entra ID (Azure AD) and Active Directory 

• Enforce least privilege access, MFA, Conditional Access, and identity governance 

• Manage Microsoft Defender suite across endpoint, identity, and Office 365 

• Support incident detection, investigation, and response 

Endpoint & M365 Security 

• Secure Microsoft 365 (Exchange, SharePoint, Teams, OneDrive) 

• Manage device compliance using Intune and endpoint management tools 

• Monitor environment for threats and respond to alerts 

• Implement hardening standards and baseline configurations 

Plant & Physical Security Systems 

• Support and standardize security controls across manufacturing plant environments 

• Engineer and support badge access control, video surveillance, and door systems 

• Partner with plant IT and facilities to maintain physical security systems 

• Ensure alignment of physical security with audit and compliance requirements 

Monitoring, Risk & Continuous Improvement 

• Support vulnerability management and remediation tracking 

• Conduct risk assessments and gap analyses 

• Identify opportunities to improve security posture through automation and tooling 

• Maintain documentation to support audit readiness and operational excellence 

Qualifications 

• 5–8+ years of experience in cybersecurity, security engineering, or IT security 

• Proven experience managing or supporting ISO 27001, TISAX, or similar audits 

• Hands-on experience completing security questionnaires and audit evidence collection 

• Strong experience writing and maintaining IT/security policies 

• Technical expertise in Microsoft 365 Security, Entra ID, and endpoint protection platforms 

• Experience working in multi-site or manufacturing environments preferred 

• Strong analytical, documentation, and communication skills 

Preferred 

• Certifications such as CISSP, CISM, Security+, AZ-500, or SC-200 

• Experience with Microsoft Sentinel or other SIEM platforms 

• Familiarity with ISMS lifecycle and risk management frameworks 

• Experience supporting automotive/OEM customer security requirements 

• Exposure to manufacturing systems such as QAD