Staff Engineer – Authentication & Authorization (f/m/x)

Company Description

At Enpal, we are building the largest renewable energy community in Europe — and we need a resilient, compliant, and well-governed Salesforce platform to support that scale. As a Senior Salesforce Administrator, you will focus on platform stability, data protection, access governance, and operational excellence across our Salesforce ecosystem. Your work will ensure that Salesforce remains secure, audit‑ready, and built for long‑term scalability.

Job Description

Role Mission

As a Staff Engineer for Authentication & Authorization, you will define and lead the identity and access strategy across Enpal’s digital and device ecosystem.

This Role Is Critical To Ensuring That

• Millions of device, user, and service interactions are secure by design
• Our platform scales safely across customers, partners, installers, and internal operations
• Identity becomes a shared platform capability, not reinvented per team
• We meet evolving compliance, privacy, and security requirements while maintaining developer velocity

You will operate as both an architect and a hands‑on engineer, shaping how identity, trust, and access are implemented across cloud services, IoT infrastructure, and customer‑facing applications.

What You Will Do

Define the Identity Architecture

• Own the end‑to‑end authentication and authorization model across Enpal systems.
• Design scalable identity solutions for:
  • Customer platforms and mobile/web apps
  • Internal operational tools and partner integrations
  • Machine‑to‑machine and event‑driven communication
  • Establish patterns for multi‑tenant identity and access control across markets and product lines

Build a Secure‑by‑Default Platform

• Lead implementation of modern protocols (OAuth2, OIDC, mTLS, SAML where required)
• Define standards for:
  • Fine‑grained authorization (RBAC / ABAC / policy‑based access)
  • Secure API access and gateway enforcement
  • Create reusable libraries, SDKs, and guardrails that make the secure path the easiest path

Drive Zero‑Trust and Cloud‑Native Security Practices

• Design identity‑aware infrastructure aligned with Zero Trust principles
• Integrate authentication into our Azure and Kubernetes environments
• Secure event‑driven systems and messaging infrastructure
• Collaborate with security teams on threat modeling and risk reduction

Enable Teams Through Platform Thinking

• Provide a shared identity platform used by multiple engineering domains
• Reduce duplication by standardizing authentication flows and access decisions
• Mentor teams on correct usage patterns and security best practices
• Balance strong security guarantees with usability and developer experience

Ensure Compliance, Privacy, and Auditability

• Support GDPR‑aligned identity handling and data minimization strategies
• Implement traceable authorization decisions and audit logging
• Contribute to regulatory and certification readiness

Qualifications

We are looking for roughly a 50% fit with what we ask. The other 50% is the perspective and strengths you bring.

Required Experience

• 8+ years in software engineering, including experience designing distributed systems.
• Proven experience designing or operating authentication and authorization systems at scale.
• Strong background in cloud‑native architectures and microservices.
• Hands‑on experience implementing identity protocols such as OAuth2, OIDC, or similar.
• Experience designing secure service‑to‑service communication patterns including the ability to translate security requirements into practical engineering solutions.
• Comfortable with Azure, Kubernetes, Terraform.
• Communicates clearly in English, spoken and written. Crisp and concise ways of formulating ideas and opinions. Knowledge of German is a plus.
• Inspired by the energy transition and wants to make a difference. We are one of the biggest players in the solar business and want to make this change with you.
• Wants to participate in a company where empowerment and initiative is valued. We are looking for people who want to grow their personal skills and knowledge, take responsibility, steer and influence for what they feel is right.
• Agile and lean values are embodied: people over processes, code over documentation, reducing waste by building minimum viable products first, testing it with real users, growing and maintaining solutions as requirements evolve.

Additional Information

We offer:

• The opportunity to shape identity foundations at one of Europe’s fastest‑growing energy companies.
• A hybrid work model with flexibility between remote work and our Berlin office.
• A mission‑driven environment contributing directly to the energy transition.
• A culture that values ownership, initiative, engineering excellence and continuous learning.

At Enpal, we are proud of the diversity of our team and provide a safe and inclusive workplace for everyone.