Staff Software Security Engineer (f/m/d)

Berlin, GermanyPosted 1 month agoFull-time

IT Security & Cybersecurity

Job details

Job description

As a Staff Software Security Engineer (f/m/d), you will be responsible for ensuring the security of our applications throughout the software development lifecycle (SDLC). You will work closely with development, product, and DevOps teams to embed security practices, conduct threat modeling, and lead secure code reviews.

We offer speed, agility, and steep career growth. Our vision to make sustainable solar energy available to everyone can only come to live through our customer and product-oriented view, and the cooperation between software development, product management and lean, experiment-driven business development.

Join us to develop your professional skills, take part in the energy revolution, and let us take ownership of the sustainable change we want to see in the world together! We are looking forward to your application.

At Enpal, you would be

· building secure solutions. We are serious about delivering incremental value in each iteration, and we celebrate when we improve people's experience with our solution, make an impact towards our climate goals.

· adopting Shift-Left and Zero-Trust approaches. We emphasize proactive and continuous security measures, helping us stay ahead of potential threats and ensuring robust protection of assets, applications and services.

· developing application Security Program: Partner with software engineering and product teams to embed security across all stages of the SDLC (design, development, testing, deployment).

· conducting Threat Modeling & Risk Assessment: Lead threat modeling sessions, drive secure design and code reviews, and perform application-level risk assessments.

· establishing Security Training & Mentorship: Serve as a hands-on security advisor to developers by offering training, guidance, and support on secure software development practices and security champions development.

· enforcing Secure Coding Standards: Define, maintain, and enforce secure coding standards, guidelines, and reusable security patterns across development teams.