Security Engineer

Position Summary CSP is seeking a hands-on Security Engineer to lead and execute cybersecurity and compliance initiatives across a multi-site manufacturing environment. This role owns end-to-end management of security audits, including ISO 27001 and TISAX, and serves as the primary point of accountability for audit readiness, security questionnaires, and IT policy lifecycle management. The Security Engineer will ensure CSP maintains a strong, scalable, and audit-ready security posture aligned with customer, regulatory, and industry requirements while supporting business operations across corporate and plant locations.Audit & Compliance Ownership Lead and manage all cybersecurity audits, including ISO 27001 and TISAX assessmentsOwn audit readiness including control validation, evidence collection, and auditor coordinationAct as the primary owner for customer, OEM, and third-party security questionnairesTrack audit findings, assign remediation actions, and ensure timely closureMaintain audit artifacts and ensure continuous compliance posturePartner with IT and business teams to ensure controls are implemented and operating effectivelyPolicy & Governance Management Own and maintain all IT and information security policies, standards, and proceduresAlign policies with ISO 27001 Annex A and TISAX requirementsEnsure policies are practical, enforceable, and aligned to business operationsDrive policy lifecycle including creation, review, approval, and updatesSupport development and ongoing maturity of CSP’s ISMSSecurity Engineering & Operations Implement and maintain security controls across identity, endpoints, and Microsoft 365Administer and secure Microsoft Entra ID (Azure AD) and Active DirectoryEnforce least privilege access, MFA, Conditional Access, and identity governanceManage Microsoft Defender suite across endpoint, identity, and Office 365Support incident detection, investigation, and responseEndpoint & M365 Security Secure Microsoft 365 (Exchange, SharePoint, Teams, OneDrive)Manage device compliance using Intune and endpoint management toolsMonitor environment for threats and respond to alertsImplement hardening standards and baseline configurationsPlant & Physical Security Systems Support and standardize security controls across manufacturing plant environmentsEngineer and support badge access control, video surveillance, and door systemsPartner with plant IT and facilities to maintain physical security systemsEnsure alignment of physical security with audit and compliance requirementsMonitoring, Risk & Continuous Improvement Support vulnerability management and remediation trackingConduct risk assessments and gap analysesIdentify opportunities to improve security posture through automation and toolingMaintain documentation to support audit readiness and operational excellenceQualifications Required 5–8+ years of experience in cybersecurity, security engineering, or IT securityProven experience managing or supporting ISO 27001, TISAX, or similar auditsHands-on experience completing security questionnaires and audit evidence collectionStrong experience writing and maintaining IT/security policiesTechnical expertise in Microsoft 365 Security, Entra ID, and endpoint protection platformsExperience working in multi-site or manufacturing environments preferredStrong analytical, documentation, and communication skillsPreferred Certifications such as CISSP, CISM, Security+, AZ-500, or SC-200Experience with Microsoft Sentinel or other SIEM platformsFamiliarity with ISMS lifecycle and risk management frameworksExperience supporting automotive/OEM customer security requirementsExposure to manufacturing systems such as QAD