Security Engineer IoT (f/m/d)

As an IoT Security Engineer you will help to build secure by design systems on our edge devices and in related cloud environments. You design, test, and implement robust security controls for IoT devices and demonstrate hands-on concepts. In your work you consider all relevant security considerations, analyzing and identifying potential security risks in IoT devices and systems. You continuously improve IoT and cloud related security controls including Device Authentication and Authorization, Encryption and Data Integrity, Vulnerability Management, Compliance. Together with the team you triage and select tooling, and design, roll out run incident management and risk management to improve overall security posture of IoT systems.

We offer speed, agility, and steep career growth. Our vision to make sustainable solar energy available to everyone can only come to life through our customer and product-oriented view, and the cooperation between software development, product management and lean, experiment-driven business development.

Join us to develop your professional skills, take part in the energy revolution, and let us take ownership of the sustainable change we want to see in the world together! We are looking forward to your application.

At Enpal, you'll be responsible for:

• building secure solutions. We are serious about delivering incremental value in each iteration, and we celebrate when we improve people's experience with our solution, make an impact towards our climate goals. 

• troubleshooting, identifying, and fixing problems. We are constantly improving the security of our applications and IT landscape and fixing issues as soon as they arise. 

• improving overall security. We're about improving stability, availability, automating as much as we can; including load tests and vulnerability scans. We are constantly challenging and improving company wide security, backup and HA strategies. 

• working on architecture & vision. We are fusing old and new technologies; cloud-native microservices, IoT applications, a Salesforce backbone, an event-driven architecture. This means we analyze new requirements critically to see which moving parts would have to change, explore opportunities to solve organization-spanning challenges with elegant and secure solutions. 

• steering for empathy and understanding. Only when we comprehend what the market needs we can create solutions that truly address underlying challenges. Ask critical questions and listen to operations, craftspeople, sales - there are so many stakeholders and users to get input from, and balancing their needs leads to the best solutions. 

Qualifications 

We are looking for roughly a 50% fit with for what we ask. The other 50% is a surprise to us, it is the magic you bring to the table and the diversity in which you make us grow. 

• you have over 5 years of experience in IT security, focused on IoT/OT or embedded operating systems. 

• you have a security-first mindset, and can navigate complex software, firmware and hardware architecture  

• you have extensive experience in identifying and understanding IoT threat landscape and in performing IoT security assessments. 

• Out of the following, you at least tick some of the boxes: implementing device authentication and attestation protocols, secure IoT network communication (MQTT, CoAP), identifying and remediating OS and dependency risks, device and fleet management.  

• your experience with CI/CD, Terraform, Docker, Azure, Kubernetes, C#, Python, CNAPP, Datadog is a plus. 

• you are communicative, can explain complex problems crisply and clearly, can create followership for security leadership 

• you communicate clearly in English, spoken and written. Crisp and concise ways of formulating your ideas and opinions. Knowledge of German is a plus. 

• you are inspired by the energy transition and want to make a difference. We are one of the biggest players in the solar business and want to make this change with you. 

• you want to participate in a company where empowerment and initiative is valued. We are looking for people who want to grow their personal skills and knowledge, take responsibility, steer and influence for what they feel is right. 

• you understand where to create impact: pragmatically, iteratively, agile – without compromising on a bar for quality for security.  

• Work in Germany's first green unicorn and actively shape the solar energy revolution. 

• The sun shines all over the world - at Enpal you will find a highly motivated and diverse team with more than 65 different nationalities. 

• Would you rather keep your pet company at home or your colleagues at the office? Even after the pandemic, we offer you a hybrid working model 

• We fulfill every start-up cliché - in our modern office in Berlin-Friedrichshain, you'll find everything your heart desires, from a ping-pong table and yoga corner to a roof terrace and stocked drinks fridges. 

• Your kick-start at Enpal - Get to know the company, your team colleagues and our founder Mario on your onboarding day. 

• Stay up to date - Whether it's company figures at our monthly all-hands meetings or how a photovoltaic system works at the Lunch & Learn, you'll always know exactly what's going on. 

• Energy transition only works together - At Enpal, you can expect a legendary team spirit and unforgettable team events. 

• No mistakes, no progress - We live a strong feedback culture and grow with your input, either personally or anonymously via our feedback tool Culture Amp. 

At Enpal, we are proud of the diversity of our team. No decisions are made on the basis of skin colour, religion or religious belief, ethnic or national origin, nationality, gender identity, sexual orientation, disability or age, either during recruitment or employment. Enpal stands for a safe workplace and takes action against discrimination and harassment of any kind.