Senior Security Engineer (f/m/x)

Company Description

At Enpal, we are pursuing the dream of building the largest renewable community in Europe. How do we make that happen? Enpal finally simplifies providing solar energy: We rent out solar systems, electricity storage, and wall boxes at an all-inclusive rate, supplemented by a favorable green electricity tariff; all intelligently connected to form an integrated overall solution. True to the motto "digital, decentralized, and 100% renewable", our heart beats both for the rapid development of a company and for combating the greatest challenge of our generation - climate change. 

Job Description

The Senior Security Engineer is responsible for designing, implementing, and continuously improving security controls across the corporate IT environment with a strong focus on the Microsoft ecosystem. This role partners closely with IT Infrastructure and other stakeholders to define security requirements, deploy technical guardrails, and reduce risk through measurable improvements to the organization’s security posture. 

Security Engineering & Control Implementation 

• Implement and maintain technical security controls across corporate systems and endpoints (e.g., endpoint security controls, secure configuration baselines, productivity platform security settings). 
• Drive continuous hardening of corporate IT environments through configuration standards, secure defaults, and controlled exception handling. 
• Define and maintain security baselines and guardrails that can be rolled out safely at scale in partnership with IT. 

Architecture & Security Requirements 

• Define security requirements for corporate IT initiatives and changes, ensuring security-by-design. 
• Create and maintain reference architectures, security patterns, and implementation guidelines for common use cases. 
• Review high-impact designs and changes to ensure they align with defined security standards. 

Exposure Reduction 

• Establish and operate a practical approach to vulnerability and configuration risk reduction, including prioritization guidance and remediation expectations. 
• Drive remediation with IT teams and verify closure (patching and configuration hardening), based on risk and active threats. 

Platform Guardrails & Emerging Risks 

• Implement technical guardrails for high-growth risk areas (e.g., SaaS sprawl, Shadow IT/AI usage, low-code/no-code platform governance). 
• Support secure adoption of new tools and capabilities by defining security configurations and monitoring requirements. 

Collaboration & Stakeholder Engagement 

• Work closely with IT Infrastructure/Workplace teams to plan rollouts, validate impacts, and maintain stability while raising security posture. 
• Support Security Operations during incidents with engineering input (containment options, hardening improvements, root-cause remediation recommendations). 
• Contribute to internal security documentation (standards, runbooks, technical implementation notes). 

Qualifications

Technical Skills and Experience 

• 7+ years of experience in Cyber-Security roles, with expertise in security policies, incident response, and compliance frameworks. 
• Proven experience in security engineering and/or security architecture within an enterprise environment with significant Microsoft footprint. 
• Strong hands-on knowledge of several of the following: Microsoft Defender suite, Microsoft Intune, Microsoft 365 security configurations, Entra ID security concepts, Azure Sentinel, Microsoft Purview. 
• Practical ability to implement and operate security controls across endpoint, identity-adjacent, and productivity/SaaS environments. 
• Experience defining security requirements, hardening standards, and scalable guardrails (including rollout strategy and exception handling). 
• Working knowledge of security monitoring concepts (logging requirements, alerting readiness, operational handoffs). 
• Familiarity with ISO/IEC 27001 and NIS2 (and the ability to translate control requirements into practical technical implementations and evidence) is a strong plus. 

Soft Skills 

• Strong stakeholder management skills, able to influence and align teams without formal authority. 
• Clear written and verbal communication with both technical and non-technical audiences. 
• Pragmatic, risk-based mindset with strong ownership and follow-through. 

Qualifications 

• Bachelor’s degree in information security, Computer Science, IT, or a related field (or equivalent experience). 
• Security certifications are a plus (e.g., CISSP, CISM, vendor certifications), but practical delivery experience is most important. 

Additional Information

We're offering:

• Work in Germany's first green unicorn and actively shape the solar energy revolution. 
• The sun shines all over the world - at Enpal you will find a highly motivated and diverse team with more than 65 different nationalities. 
• Would you rather keep your pet company at home or your colleagues at the office? Even after the pandemic, we offer you a hybrid working model 
• We fulfill every start-up cliché - in our modern office in Berlin-Friedrichshain or Stuttgart-West, you'll find everything your heart desires, for example a roof terrace and stocked drinks fridges. 
• Your kick-start at Enpal - Get to know the company, your team colleagues and our founder Mario on your onboarding day. 
• Stay up to date - Whether it's company figures at our monthly all-hands meetings or how a photovoltaic system works at the Lunch & Learn, you'll always know exactly what's going on. 
• Energy transition only works together - At Enpal, you can expect a legendary team spirit and unforgettable team events. 
• No mistakes, no progress - We live a strong feedback culture and grow with your input, either personally or anonymously via our feedback tool Culture Amp. 

At Enpal, we are proud of the diversity of our team. No decisions are made on the basis of skin color, religion or religious belief, ethnic or national origin, nationality, gender identity, sexual orientation, disability or age, either during the recruitment process or during the employment relationship. Enpal stands for a safe workplace and takes action against discrimination and harassment of any kind.