IT Security Engineer
Job in
4040, Basel, Kanton Basel-Landschaft, Switzerland
Listed on 2026-07-10
Listing for:
The Biozentrum, University of Basel
Full Time
position Listed on 2026-07-10
Job specializations:
-
IT/Tech
Cybersecurity, Information Security, Data Security, Network Security
Job Description & How to Apply Below
Your position
- Act as the primary security subject matter expert for sciCORE infrastructures and research-support services
- Contribute proactively to the secure architecture and operation of sciCORE services, including security-related tools, HPC systems, web applications, trusted research environments (sciCORE+), networking and related tools, identity and access management, shared file systems, data-transfer services, and scientific software environments
- Perform risk assessments and security reviews for new services, research projects, infrastructure changes, and external collaborations
- Translate security requirements into practical, researcher-friendly solutions that preserve scientific usability while managing institutional and technical risk
- Align technical security measures with data classification, data protection requirements, institutional policies, and relevant security frameworks
- Identify and address security gaps in sciCORE systems by monitoring current threats, reviewing vulnerabilities and configurations, and validating the effectiveness of security controls
- Conduct and review vulnerability scans, hardening assessments, configuration checks, access-control reviews, and other security-control validations
- Maintain and improve security practices, policies, procedures, technical documentation, and audit evidence for sciCORE environments
- Support secure identity and access management practices, including user and project access life cycles, SSH key and MFA policies, privileged access, service-account governance, and periodic access reviews
- Collaborate closely with the Systems Team, the Head of sciCORE, university security bodies, researchers, and external partners on security-related projects and operational security topics
- Advise researchers and internal service teams on secure implementation of scientific workflows, especially where sensitive data, external collaborations, automated data transfers, cloud services, or AI/ML tools are involved
- Participate in regional, national, and international research IT security communities, including working groups, conferences, and workshops
- Master's degree in computer science, cybersecurity, information systems, computational science, or equivalent professional experience
- At least three years of experience in IT security, systems security, or secure infrastructure operations in Linux-based environments, preferably in research computing, HPC, cloud, large-scale storage, or web-application environments
- Strong practical experience with core IT security processes, including risk assessment, vulnerability management, system hardening, logging, monitoring, auditing, control validation, penetration testing and evidence collection, and technical documentation
- Familiarity with networking technologies and architectures (VLANs, DMZ, firewall management) and virtual environments
- Experience with identity and access management in complex environments, including SSH, MFA, service accounts, privileged access, group- or project-based access controls, and access reviews
- Familiarity with implementation of security frameworks and compliance-oriented security controls, such as the NIST Cybersecurity Framework, CIS Controls, and ISO 27001, considering data classification and data protection regulations, and audit requirements
- Experience with automation and reproducible infrastructure practices, including infrastructure as code, version control, configuration management, shell scripting, and Python
- Ability to write clear technical documentation, reports, and audit-oriented evidence for technical and non-technical audiences
- Strong communication and coordination skills, with the ability to work effectively with technical peers, researchers, management, institutional security teams, SOCs, and external partners
- High level of integrity, reliability, discretion, and accountability
- Practical understanding of HPC or research computing environments, including multi-user systems, batch schedulers, shared file systems, scientific workflows, data-transfer services, and their specific security challenges
- Familiarity with software supply-chain security, including package managers, software container images, dependency risks, code provenance, vulnerability scanning, and reproducible deployment practices
- Understanding of backup, recovery, and ransomware-resilience concepts in large-scale Linux and storage environments
- Ability to understand and adapt code, queries, or configuration in other languages commonly encountered in research computing environments
- Knowledge of the rapidly evolving AI/LLM landscape
- Working knowledge of Windows and macOS
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
Search for further Jobs Here:
×