Senior Cyber-Security Engineer (m/f/d)
- Full-time
Company Description
At Enpal, we are pursuing the dream of building the largest renewable community in Europe. How do we make that happen? Enpal finally simplifies providing solar energy: We rent out solar systems, electricity storage, and wall boxes at an all-inclusive rate, supplemented by a favorable green electricity tariff; all intelligently connected to form an integrated overall solution. True to the motto "digital, decentralized, and 100% renewable", our heart beats both for the rapid development of a company and for combating the greatest challenge of our generation - climate change.
Job Description
Policy Development and Governance:
- Develop, maintain, and enforce organizational security policies, standards, and procedures.
- Conduct regular reviews and updates to ensure compliance with frameworks like ISO27001, NIST, or SOC 2.
Security Operations and Incident Response:
- Lead the organization’s security monitoring efforts, identifying vulnerabilities and threats.
- Coordinate incident response efforts, ensuring swift and effective mitigation of security incidents.
Collaboration and Stakeholder Engagement:
- Partner with the IT Infrastructure team on the implementation and management of security tools (e.g., firewalls, endpoint protection).
- Work with the Tech Security team to review and improve security practices in software development and engineering.
- Liaise with external auditors and assessors for security compliance initiatives.
Awareness and Training:
- Develop and deliver security awareness programs, ensuring all employees understand their role in maintaining security.
- Stay updated on the latest security threats, trends, and solutions, sharing insights with internal teams.
Team Building and Leadership:
- Assist in recruiting and onboarding additional team members (e.g., Cyber-Security Engineer, Information Security Analyst).
- Mentor junior team members and promote a collaborative team environment.
Qualifications
- Bachelor’s degree in Cyber-Security, Information Technology, or a related field.
- Certifications such as CISSP, CISM, CEH, or ISO27001 Lead Implementer are highly desirable.
- 7+ years of experience in Cyber-Security roles, with expertise in security policies, incident response, and compliance frameworks.
- Proficiency with security tools (e.g., SIEM solutions, endpoint protection systems, and vulnerability scanners).
- Familiarity with Microsoft 365 security features (e.g., MS Defender, Entra) as well as CrowdStrike and network security concepts (e.g., VPN, firewalls).
- Strong leadership and stakeholder management skills.
- Excellent problem-solving and analytical abilities.
- Effective communication skills for both technical and non-technical audiences.
Additional Information
We're offering
- The chance to be part of a fast-growing and future-oriented startup: we are one of the biggest players in the solar business.
- Help to make the world a bit better: we are all about green energy.
- Work with the best in the industry and grow with us: there’s plenty of room for your ideas.
- A hybrid work model
At Enpal, we are proud of the diversity of our team. No decisions are made based on skin color, religion or religious belief, ethnic or national origin, nationality, gender identity, sexual orientation, disability, or age, either during recruitment or employment. We strongly encourage women, neurodivergent people, people of color, and LGBTQ(+) people to apply. Enpal stands for a safe workplace and takes action against discrimination and harassment of any kind.