Cloud & Infrastructure Security Engineer (m/f/d)

Mission Brief

You are the technical guardian of our digital infrastructure. At Isar Aerospace, securing the cloud and endpoint environment that builds our rockets is mission critical.

We are looking for a hands-on Cloud & Infrastructure Security Engineer who bridges the gap between Security Architecture and IT Operations. You are not just a consultant; you are a builder and an auditor. You wear two hats: the Engineer who configures complex security controls in Azure and Intune, and the Technical Auditor who verifies that IT operations meet the high standards required for a space company. You will act as the technical conscience of our environment, specifically within the Microsoft ecosystem (Azure, O365, Intune).

Your Role in Our Space Mission: 

• Secure the Microsoft Ecosystem: Go deep into the configurations of Microsoft Intune (Endpoint Manager) and Office 365. You will define and implement the exact policies required to secure our devices and applications.
• The Technical Auditor: You don't just trust; you verify. Act as the technical auditor for the IT team, checking their configurations against security baselines and providing guidance to close gaps.
• Identity & Access Architect: Implement and maintain the keys to the kingdom. You will manage Identity and Access Management (IAM) controls within Entra ID (Azure AD), ensuring strict MFA, Conditional Access, and Privileged Identity Management (PIM) enforcement.
• Defend the Perimeter: Operate and tune our security monitoring tools (SIEM, XDR) to separate signal from noise. When an alert fires, you investigate the root cause and coordinate remediation.
• Define the Hardening Standard: Develop and maintain the "Gold Standard" configuration baselines for our Operating Systems (Windows, Linux, macOS) and Cloud Services. You define what "secure" looks like.
• Automate the Defense: Use scripting to automate security checks, streamline incident response, and integrate disparate security tools.
• Collaborate & Document: Produce clear technical documentation and engineering standards. You translate complex security requirements into runbooks that the IT team can execute.

Qualification Checklist 

• Experience: 3–5+ years of experience in Information Security, Security Engineering, or Cloud Infrastructure, with a specific focus on the Microsoft ecosystem.
• Azure & Intune Mastery: Deep hands-on experience with Azure, Office 365, and Intune. You are comfortable navigating these portals to configure policies, not just view them
• Cloud Security Fluency: Experience with at least one major cloud platform (specifically Azure) and its native security services (Defender for Cloud, Sentinel).
• Technical Audit Mindset: You can "check the homework" of other teams. You know exactly where to look to verify if a server or endpoint is truly compliant with CIS benchmarks or internal standards.
• Incident Response Skills: Proficiency in log analysis and security telemetry. You can troubleshoot a security incident across network, endpoint, and cloud logs to find the smoking gun.
• Scripting Capability: Basic to intermediate scripting skills (e.g., PowerShell, Python) to automate administrative tasks and security validations.

Bonus Skills

• Network Security: Understanding of how SASE platforms (e.g., Netskope, Zscaler etc.) enforce protection at the network edge and network segmentation controls.
• Certifications: Microsoft certifications such as SC-200 (Security Operations Analyst), MS-500 (Security Administrator), or AZ-500 (Azure Security Technologies).
• Framework Knowledge: Experience applying CIS Benchmarks or similar hardening standards in a production environment.
• Network Security: Understanding of SASE principles and network segmentation controls.

Benefits 

• Employee Participation Program: Share in our success through our virtual company share program
• 30 days of vacation: Enjoy the days off to relax and recharge
• Company pension plan: Secure your future with our company pension plan, featuring a 20% employer contribution after the probation period
• Subsidised lunch: Stay energised with delicious, subsidised lunches every day
• Public transport ticket: Commute with ease using a fully financed Deutschlandticket
• Sport Clubs membership: Stay fit with our sponsored sports club memberships (EGYM Wellpass)
• Individual learning allowance: Grow your skills with an individual learning budget granted after the probation period
• Childcare allowance: Receive a childcare allowance for your non-school-age children
• And Much More! Discover additional perks and benefits when you join our team        

Who we are

We are Isar Aerospace and we are at the forefront of New Space building a modern space business to enable faster, better and cheaper access to space.

Our mission is to help democratise space and use it for good in order to improve life on Earth now and for the future generations.

We are a fast-growing company aiming to provide sustainable and environmentally friendly launch solutions for small and medium-sized satellites and constellations into Low Earth Orbit. The company is privately funded by world-leading technology investors with strong commitment and support and our team is made of driven and talented people with a real passion for space innovation.

We're making rockets in a way that hasn't been done before disrupting a traditional industry. If you are up for the challenge, want to work on cutting-edge projects and be part of a team changing the world for better, come, join us and launch your career!

Want to find out more about us?

Visit www.isaraerospace.com