IT Security Engineer

sciCORE is the center of competence for scientific computing at the University of Basel, the oldest university in Switzerland and consistently ranked among the best universities in the world. The University is highly research-oriented, with particular strengths in life sciences and  medicine, as well as growing strategic focus areas in data science and artificial intelligence. sciCORE provides advanced infrastructure and expert services for data- and compute-intensive research, including high-performance computing, scientific data processing and storage, secure research data environments, consulting, and training. Our work supports a community of over 2000 researchers across disciplines and connects large-scale technical infrastructure with sensitive data environments, national and international research initiatives, and close collaboration with university and external partners.

To strengthen the security of our research computing environments, we invite applications for an IT Security Engineer, 80–100%. The position is embedded within sciCORE and works closely with the Systems Team, the Head of sciCORE, university security bodies, and external partners such as the Swiss Personalized Health Network (SPHN/BioMedIT), and the Swiss Institute of Bioinformatics (SIB).

At sciCORE, you will be part of a highly motivated and collaborative team of specialists, including systems administrators, scientific software engineers, data infrastructure managers, data analysts, and research-support professionals. You will contribute to enabling cutting-edge research by helping ensure that our infrastructure, services, and workflows are secure, reliable, auditable, and aligned with data protection and compliance requirements.

• Act as the primary security subject matter expert for sciCORE infrastructures and research-support services
• Contribute proactively to the secure architecture and operation of sciCORE services, including security-related tools, HPC systems, web applications, trusted research environments (sciCORE+), networking and related tools, identity and access management, shared filesystems, data-transfer services, and scientific software environments
• Perform risk assessments and security reviews for new services, research projects, infrastructure changes, and external collaborations
• Translate security requirements into practical, researcher-friendly solutions that preserve scientific usability while managing institutional and technical risk
• Align technical security measures with data classification, data protection requirements, institutional policies, and relevant security frameworks
• Identify and address security gaps in sciCORE systems by monitoring current threats, reviewing vulnerabilities and configurations, and validating the effectiveness of security controls
• Conduct and review vulnerability scans, hardening assessments, configuration checks, access-control reviews, and other security-control validations
• Maintain and improve security practices, policies, procedures, technical documentation, and audit evidence for sciCORE environments
• Support secure identity and access management practices, including user and project access lifecycles, SSH key and MFA policies, privileged access, service-account governance, and periodic access reviews
• Collaborate closely with the Systems Team, the Head of sciCORE, university security bodies, researchers, and external partners on security-related projects and operational security topics
• Advise researchers and internal service teams on secure implementation of scientific workflows, especially where sensitive data, external collaborations, automated data transfers, cloud services, or AI/ML tools are involved
• Participate in regional, national, and international research IT security communities, including working groups, conferences, and workshops

• Master's degree in computer science, cybersecurity, information systems, computational science, or equivalent professional experience
• At least three years of experience in IT security, systems security, or secure infrastructure operations in Linux-based environments, preferably in research computing, HPC, cloud, large-scale storage, or web-application environments
• Strong practical experience with core IT security processes, including risk assessment, vulnerability management, system hardening, logging, monitoring, auditing, control validation, penetration testing and evidence collection, and technical documentation
• Familiarity with networking technologies and architectures (VLANs, DMZ, firewall management) and virtual environments
• Experience with identity and access management in complex environments, including SSH, MFA, service accounts, privileged access, group- or project-based access controls, and access reviews
• Familiarity with implementation of security frameworks and compliance-oriented security controls, such as the NIST Cybersecurity Framework, CIS Controls, and ISO 27001, considering data classification and data protection regulations, and audit requirements
• Experience with automation and reproducible infrastructure practices, including infrastructure as code, version control, configuration management, shell scripting, and Python
• Ability to write clear technical documentation, reports, and audit-oriented evidence for technical and non-technical audiences
• Strong communication and coordination skills, with the ability to work effectively with technical peers, researchers, management, institutional security teams, SOCs, and external partners
• High level of integrity, reliability, discretion, and accountability

Additional desirable qualifications

• Practical understanding of HPC or research computing environments, including multi-user systems, batch schedulers, shared file systems, scientific workflows, data-transfer services, and their specific security challenges
• Familiarity with software supply-chain security, including package managers, software container images, dependency risks, code provenance, vulnerability scanning, and reproducible deployment practices
• Understanding of backup, recovery, and ransomware-resilience concepts in large-scale Linux and storage environments
• Ability to understand and adapt code, queries, or configuration in other languages commonly encountered in research computing environments
• Knowledge of the rapidly evolving AI/LLM landscape
• Working knowledge of Windows and macOS

• An essential role securing research infrastructure at the University of Basel
• The opportunity to work at the interface of high-performance computing, sensitive research data, cybersecurity, and scientific innovation
• A collaborative and interdisciplinary working environment with highly qualified technical and scientific colleagues
• The opportunity to shape security practices for a complex academic research computing environment
• Close collaboration with university security bodies, national research infrastructure initiatives, and external security communities
• Support for your professional development through training, continuing education, and participation in relevant conferences, workshops, and professional networks
• The University of Basel is an equal opportunity and family-friendly employer committed to excellence through diversity.

 
Application / Contact

We look forward to receiving your complete application via the university's online application portal (see the button below). Your application should include a curriculum vitae, a letter of motivation, and the names of two to three potential referees. Please note that we only accept applications submitted through our online application portal. Applications sent by email or post will not be considered.

For further information regarding the position, please email [email protected]
 
The position will remain open until filled. Start date: as soon as possible.