IT Security Engineer

Your assignments

• 
  

  Act as the primary security subject matter expert for sciCORE infrastructures and research-support services

  
  


• 
  

  Contribute proactively to the secure architecture and operation of sciCORE services, including security-related tools, HPC systems, web applications, trusted research environments (sciCORE+), networking and related tools, identity and access management, shared filesystems, data-transfer services, and scientific software environments

  
  


• 
  

  Perform risk assessments and security reviews for new services, research projects, infrastructure changes, and external collaborations

  
  


• 
  

  Translate security requirements into practical, researcher-friendly solutions that preserve scientific usability while managing institutional and technical risk

  
  


• 
  

  Align technical security measures with data classification, data protection requirements, institutional policies, and relevant security frameworks

  
  


• 
  

  Identify and address security gaps in sciCORE systems by monitoring current threats, reviewing vulnerabilities and configurations, and validating the effectiveness of security controls

  
  


• 
  

  Conduct and review vulnerability scans, hardening assessments, configuration checks, access-control reviews, and other security-control validations

  
  


• 
  

  Maintain and improve security practices, policies, procedures, technical documentation, and audit evidence for sciCORE environments

  
  


• 
  

  Support secure identity and access management practices, including user and project access lifecycles, SSH key and MFA policies, privileged access, service-account governance, and periodic access reviews

  
  


• 
  

  Collaborate closely with the Systems Team, the Head of sciCORE, university security bodies, researchers, and external partners on security-related projects and operational security topics

  
  


• 
  

  Advise researchers and internal service teams on secure implementation of scientific workflows, especially where sensitive data, external collaborations, automated data transfers, cloud services, or AI/ML tools are involved

  
  


• Participate in regional, national, and international research IT security communities, including working groups, conferences, and workshops

Your profile

• Master’s degree in computer science, cybersecurity, information systems, computational science, or equivalent professional experience


• At least three years of experience in IT security, systems security, or secure infrastructure operations in Linux-based environments, preferably in research computing, HPC, cloud, large-scale storage, or web-application environments


• Strong practical experience with core IT security processes, including risk assessment, vulnerability management, system hardening, logging, monitoring, auditing, control validation, penetration testing and evidence collection, and technical documentation


• Familiarity with networking technologies and architectures (VLANs, DMZ, firewall management) and virtual environments


• Experience with identity and access management in complex environments, including SSH, MFA, service accounts, privileged access, group- or project-based access controls, and access reviews


• Familiarity with implementation of security frameworks and compliance-oriented security controls, such as the NIST Cybersecurity Framework, CIS Controls, and ISO 27001, considering data classification and data protection regulations, and audit requirements


• Experience with automation and reproducible infrastructure practices, including infrastructure as code, version control, configuration management, shell scripting, and Python


• Ability to write clear technical documentation, reports, and audit-oriented evidence for technical and non-technical audiences


• Strong communication and coordination skills, with the ability to work effectively with technical peers, researchers, management, institutional security teams, SOCs, and external partners


• High level of integrity, reliability, discretion, and accountability
  
  

• Practical understanding of HPC or research computing environments, including multi-user systems, batch schedulers, shared file systems, scientific workflows, data-transfer services, and their specific security challenges


• Familiarity with software supply-chain security, including package managers, software container images, dependency risks, code provenance, vulnerability scanning, and reproducible deployment practices


• Understanding of backup, recovery, and ransomware-resilience concepts in large-scale Linux and storage environments


• Ability to understand and adapt code, queries, or configuration in other languages commonly encountered in research computing environments


• Knowledge of the rapidly evolving AI/LLM landscape


• Working knowledge of Windows and macOS

We offer you

• 
  

  An essential role securing research infrastructure at the University of Basel

  
  


• 
  

  The opportunity to work at the interface of high-performance computing, sensitive research data, cybersecurity, and scientific innovation

  
  


• 
  

  A collaborative and interdisciplinary working environment with highly qualified technical and scientific colleagues

  
  


• 
  

  The opportunity to shape security practices for a complex academic research computing environment

  
  


• Close collaboration with university security bodies, national research infrastructure initiatives, and external security communities


• Support for your professional development through training, continuing education, and participation in relevant conferences, workshops, and professional networks


• The University of Basel is an equal opportunity and family-friendly employer committed to excellence through diversity.