Staff Engineer – Authentication & Authorization (f/m/x)
Enpal B.V.JobsCloseBy Editorial Insights
Enpal is hiring a Staff Engineer for Authentication & Authorization to own the end-to-end identity architecture across cloud services, IoT devices, and customer apps, blending hands-on delivery with strategic design to enable zero-trust security at scale. You will shape multi-tenant identity patterns, implement modern protocols (OAuth2, OIDC, mTLS, SAML where needed), define fine-grained access (RBAC ABAC policy-based), secure API gateways, and build reusable libraries that make secure paths the easy path. Requirements include 8+ years in software engineering, cloud-native microservices, experience with identity at scale, Azure Kubernetes Terraform, and strong English communication. If GDPR, auditability, and a shared platform approach excite you, share concrete impact and cross-team collaboration in your application.
Company Description
At Enpal, we are building the largest renewable energy community in Europe — and we need a resilient, compliant, and well-governed Salesforce platform to support that scale. As a Senior Salesforce Administrator, you will focus on platform stability, data protection, access governance, and operational excellence across our Salesforce ecosystem. Your work will ensure that Salesforce remains secure, audit-ready, and built for long-term scalability.
Job Description
Role Mission
As a Staff Engineer for Authentication & Authorization, you will define and lead the identity and access strategy across Enpal’s digital and device ecosystem.
This role is critical to ensuring that:
Millions of device, user, and service interactions are secure by design
Our platform scales safely across customers, partners, installers, and internal operations
Identity becomes a shared platform capability, not reinvented per team
We meet evolving compliance, privacy, and security requirements while maintaining developer velocity
You will operate as both an architect and a hands-on engineer, shaping how identity, trust, and access are implemented across cloud services, IoT infrastructure, and customer-facing applications
What You Will Do
Define the Identity Architecture
Own the end-to-end authentication and authorization model across Enpal systems.
Design scalable identity solutions for:
Customer platforms and mobile/web apps
Internal operational tools and partner integrations
Machine-to-machine and event-driven communication
Establish patterns for multi-tenant identity and access control across markets and product lines
Build a Secure-by-Default Platform
Lead implementation of modern protocols (OAuth2, OIDC, mTLS, SAML where required)
Define standards for:
Fine-grained authorization (RBAC / ABAC / policy-based access)
Secure API access and gateway enforcement
Create reusable libraries, SDKs, and guardrails that make the secure path the easiest path
Drive Zero-Trust and Cloud-Native Security Practices
Design identity-aware infrastructure aligned with Zero Trust principles
Integrate authentication into our Azure and Kubernetes environments
Secure event-driven systems and messaging infrastructure
Collaborate with security teams on threat modeling and risk reduction
Enable Teams Through Platform Thinking
Provide a shared identity platform used by multiple engineering domains
Reduce duplication by standardizing authentication flows and access decisions
Mentor teams on correct usage patterns and security best practices
Balance strong security guarantees with usability and developer experience
Ensure Compliance, Privacy, and Auditability
Support GDPR-aligned identity handling and data minimization strategies
Implement traceable authorization decisions and audit logging
Contribute to regulatory and certification readiness
Qualifications
Qualifications
We are looking for roughly a 50% fit with what we ask. The other 50% is the perspective and strengths you bring
Required Experience
8+ years in software engineering, including experience designing distributed systems
Proven experience designing or operating authentication and authorization systems at scale
Strong background in cloud-native architectures and microservices
Hands-on experience implementing identity protocols such as OAuth2, OIDC, or similar.
Experience designing secure service-to-service communication patterns including the ability to translate security requirements into practical engineering solutions
Feel comfortable with: Azure, Kubernetes, Terraforn
you communicate clearly in English, spoken and written. Crisp and concise ways of formulating your ideas and opinions. Knowledge of German is a plus
you are inspired by the energy transition and want to make a difference. We are one of the biggest players in the solar business and want to make this change with you.
you want to participate in a company where empowerment and initiative is valued. We are looking for people who want to grow their personal skills and knowledge, take responsibility, steer and influence for what they feel is right.
agile and lean values are embodied by you. People over processes. Code over documentation. Reducing waste by building minimum viable products first, testing it with real users, growing and maintaining solutions as requirements evolve.
Additional Information
We offer:
The opportunity to shape identity foundations at one of Europe’s fastest-growing energy companies
A hybrid work model with flexibility between remote work and our Berlin office
A mission-driven environment contributing directly to the energy transition
A culture that values ownership, initiative, engineering excellence and continuous learning
At Enpal, we are proud of the diversity of our team and provide a safe and inclusive workplace for everyone