CySAF (Cybersecurity Assessment Framework) is a practical framework that largely automates and systematizes security assessments in critical infrastructures. It combines current regulatory requirements with industry-specific expertise, reliably identifies vulnerabilities, and provides clear recommendations for action so that operators of energy, water, and other utility networks can more easily demonstrate compliance and permanently strengthen their cyber resilience.

The position includes research and development work on the conception, development, and evaluation of AI-based IT security solutions, with a focus on the development and integration of language models (LLMs) for IT security applications, the optimization of APIs for system integration, and the automation and optimization of data processing processes. To this end, sample solutions and functional prototypes will be designed, implemented, and tested to develop algorithms for data processing and analysis, validate scalable and robust AI models, and design modular software solutions and secure, scalable interfaces. In parallel, an in-depth analysis of existing and novel methods will be conducted to identify optimization potential and systematically investigate formal correspondences between security requirements and technical implementations. The task also includes conducting tests to ensure system stability and ongoing research into the state of the art in areas such as AI model scaling or API design. Depending on the results and available resources, the results will be scientifically prepared and published in specialist journals, conference papers, or workshops.

The following knowledge and skills are required

• scientific university degree (Master) in computer science, applied computer science, data science or related fields,
• very good knowledge of artificial intelligence and data science, especially in retrieval-augmented generation (RAG), large language models (LLMs), fine-tuning and prompt engineering,
• confident use of ML and NLP frameworks such as PyTorch, TensorFlow, Huggingface and spaCy,
• Very good programming skills in Python as well as experience with other backend languages such as Java,
• Experience in software development, data analysis (e.g. Pandas and NumPy) as well as SQL and NoSQL databases,
• Confident handling of API design (REST, gRPC) and system integration in scalable architectures,
• Experience with UNIX systems, containerization (e.g. Docker) and version control with Git/GitHub,
• Basic knowledge of IT security, data protection, threat modeling and relevant standards (e.g. ISO 27001),
• Very good written and spoken German and English skills.

We expect from you

• analytical thinking, structured problem-solving skills, ability to work in a team and willingness to familiarize yourself with the requirements of critical infrastructures.

We offer you

• an interesting and challenging field of activity,

• flexible and family-friendly working hours within the framework of the applicable employment agreement,

• personal and professional development opportunities through targeted further training and education,

• attractive social benefits (company pension scheme, annual bonus, capital-forming benefits),

• a company health management system with offers for company health promotion and

• the possibility of using a job ticket.

If the personal requirements are met, remuneration will be up to salary group 13 TV-L . The primary place of work is Görlitz, but there are numerous opportunities for mobile working. We particularly welcome applications from the Dresden area, as many network partners are located in Dresden. Zittau/Görlitz University of Applied Sciences strives for a balanced staffing structure and therefore welcomes applications from individuals of all genders. Severely disabled individuals will be given preferential consideration if they have equal professional qualifications. Zittau/Görlitz University of Applied Sciences aims to increase the proportion of women in teaching and research and therefore expressly encourages women to apply.

Have we piqued your interest? Then we look forward to receiving your comprehensive application (including a cover letter, CV, and references) by August 22, 2025 (postmark) via email to:

stellenangebote@hszg.de
(documents only in PDF format)