IN SHORT
Within the IT Infrastructure and Operations division, we are looking for an IT Directory Services Engineer (m/f/d) – responsible for the management, security, system integration and performance of directory services in the Microsoft and M365 environments.
SEFE – Securing Energy for Europe – is looking for an experienced Identity & Directory Services Engineer to take charge of and further develop our hybrid Microsoft identity infrastructure. You will ensure that our approximately 2,000 employees across 10 European locations can access their systems securely and seamlessly.
This role is the right move for you if you are thoroughly familiar with Active Directory and Entra ID, regard security and compliance as a given, and are keen to build sustainable structures within a stable, purpose-driven organisation.
WHAT WILL YOU DO
Key responsibilities (daily)
Administration and operation of Active Directory (on-premises) and Entra ID (Azure AD), including hybrid synchronisation
Management of user accounts, groups, roles and access rights in accordance with the principle of least privilege
Troubleshooting and incident handling relating to identity and authentication issues
Monitoring of directory services: performance, replication, health status
The focus is on stable operation, targeted development and effective troubleshooting – not on ongoing project or migration work.
Strategic tasks (regular)
Further development of our IAM policies and access controls
(RBAC, PAM, Conditional Access)
Ensuring compliance and regulatory requirements
(GDPR, ISO 27001, internal policies)
Contributing to the further development of our M365 environment
(Exchange Online, Intune, Teams)
Developing and maintaining automation scripts (PowerShell) for lifecycle processes
Backup and disaster recovery procedures for directory services
Collaboration
Close coordination with the Network, Security and Cloud teams, as well as with
application owners
Stakeholder communication regarding changes to access rights and identity processes
Architectural decisions and central security governance are the responsibility of specialised teams; this role implements them operationally.
WHAT WILL YOU BRING
Must-have
3+ years’ experience with MS Active Directory
Solid knowledge of Entra ID / Azure AD
Experience with hybrid identity environments
PowerShell scripting for AD automation
Knowledge of RBAC, Conditional Access and MFA
Fluent in German (C1), confident in English (B2)
Structured, independent working style
Nice-to-have
Experience with Intune / Exchange Online
Knowledge of Azure DevOps and Terraform
Familiarity with other IAM tools (e.g. One Identity)
Certifications (e.g. AZ-104, SC-300 or equivalent)
Experience with SIEM or log analysis (e.g. Sentinel)
Familiarity with security standards / frameworks (e.g. ISO/IEC 27001, NIST) and a structured approach to changes and projects.
ABOUT US
SEFE is an international energy company anchored in Europe, delivering energy solutions that ensure reliable and affordable supply. Our activities span the entire energy value chain – from origination and trading to sales, transport and storage. With decades of trading expertise and a growing LNG portfolio, SEFE is one of Europe’s leading suppliers to industrial customers, providing more than 200 TWh of gas and power each year. We supply over 50,000 clients, from small businesses to municipalities and multinational organisations. By investing in clean energies, we support our customers on their decarbonisation journey and contribute to the energy transition. SEFE employs over 2,000 people worldwide and is owned by the Federal Government of Germany.
Securing energy – now and for the future.
OUR BENEFITS
We stand for an inclusive environment that promotes diversity and supports and values the development of knowledge and skills. Regardless of your position, we offer you plenty of creative freedom and a pleasant atmosphere that encourages you to get involved and think outside the box. In addition, there are numerous company benefits, such as:
- Flexible working hours with the option of hybrid working.
- Attractive remuneration package.
- Appealing working environment in a central location.
- Team-oriented environment with an open feedback culture.
- Company restaurant with a healthy and varied selection of food.
- Job ticket and bike leasing.
- Pension and company sports programmes.
- Company pension scheme.
- 30 days of holiday plus special leave.
#LI-KP1