Security Engineer

About The Position

Requirements

• 5–8+ years of experience in cybersecurity, security engineering, or IT security
• Proven experience managing or supporting ISO 27001, TISAX, or similar audits
• Hands-on experience completing security questionnaires and audit evidence collection
• Strong experience writing and maintaining IT/security policies
• Technical expertise in Microsoft 365 Security, Entra ID, and endpoint protection platforms
• Experience working in multi-site or manufacturing environments preferred
• Strong analytical, documentation, and communication skills

Nice To Haves

• Certifications such as CISSP, CISM, Security+, AZ-500, or SC-200
• Experience with Microsoft Sentinel or other SIEM platforms
• Familiarity with ISMS lifecycle and risk management frameworks
• Experience supporting automotive/OEM customer security requirements
• Exposure to manufacturing systems such as QAD

Responsibilities

• Lead and manage all cybersecurity audits, including ISO 27001 and TISAX assessments
• Own audit readiness including control validation, evidence collection, and auditor coordination
• Act as the primary owner for customer, OEM, and third-party security questionnaires
• Track audit findings, assign remediation actions, and ensure timely closure
• Maintain audit artifacts and ensure continuous compliance posture
• Partner with IT and business teams to ensure controls are implemented and operating effectively
• Own and maintain all IT and information security policies, standards, and procedures
• Align policies with ISO 27001 Annex A and TISAX requirements
• Ensure policies are practical, enforceable, and aligned to business operations
• Drive policy lifecycle including creation, review, approval, and updates
• Support development and ongoing maturity of CSP’s ISMS
• Implement and maintain security controls across identity, endpoints, and Microsoft 365
• Administer and secure Microsoft Entra ID (Azure AD) and Active Directory
• Enforce least privilege access, MFA, Conditional Access, and identity governance
• Manage Microsoft Defender suite across endpoint, identity, and Office 365
• Support incident detection, investigation, and response
• Secure Microsoft 365 (Exchange, SharePoint, Teams, OneDrive)
• Manage device compliance using Intune and endpoint management tools
• Monitor environment for threats and respond to alerts
• Implement hardening standards and baseline configurations
• Support and standardize security controls across manufacturing plant environments
• Engineer and support badge access control, video surveillance, and door systems
• Partner with plant IT and facilities to maintain physical security systems
• Ensure alignment of physical security with audit and compliance requirements
• Support vulnerability management and remediation tracking
• Conduct risk assessments and gap analyses
• Identify opportunities to improve security posture through automation and tooling
• Maintain documentation to support audit readiness and operational excellence

Benefits

• affordable medical, dental, and vision care
• flexible spending accounts
• life insurance
• 401k with company match