• You will collaborate closely with partners in the Helmholtz Association and HIFIS (Helmholtz Digital Services for Science) to design, develop, and implement comprehensive security solutions across the cloud federated services architecture used at Helmholtz sites and partner organizations.
• You will assess and continuously monitor the current security posture of Helmholtz Munich’s infrastructure (including network, storage solutions, virtualization platforms, and high-performance computing systems) and recommend improvements in design and implementation aimed at strengthening the overall security posture of the center.
• You will assess the application security posture, offering guidance on integrating secure coding practices, performing threat modelling and code reviews, and embedding security throughout the software development lifecycle for both in-house and third-party applications.
• You will evaluate policies, standards, procedures and recommendations to enhance adherence to national and international security standards and frameworks (e.g., ISO/IEC 27001, BSI C5, BSI IT-Grundschutz), ensuring regulatory compliance and security best practices.
• You will collaborate with internal and external stakeholders to proactively identify, assess, and mitigate security risks through risk management processes, including threat modelling and risk assessment.
• You will support incident response activities, vulnerability management, and forensic investigations, helping to minimize impact and strengthen defenses.
• You will provide technical guidance, training, and awareness programs to colleagues and partners on security best practices, emerging threats, and compliance requirements, fostering a strong security culture across the organization.

• Bachelor's or master's degree in computer science, computer engineering, cybersecurity or a related field and relevant security certifications (e.g., OSCP, CCSP, CISSP, CISM) from a university with internationally recognized quality standards.
• Good understanding of networking, storage, cloud computing, virtualization, and application technologies, and their associated security principles and controls.
• Interest with Identity and Access Management (IAM) and Single Sign-On (SSO) technologies (such as SAML, OAuth 2.0, OpenID Connect, and similar standards), including designing and implementing secure authentication and authorization systems.
• Interest in application security, including secure software development lifecycle (SSDLC), vulnerability assessment, code review, and mitigation of common vulnerabilities (e.g., OWASP Top 10).
• Familiarity with firewalls, intrusion detection/prevention systems (IDS/IPS), Security Information and Event Management (SIEM) tools, endpoint/server protection solutions, and encryption technologies.
• Familiarity with open-source tools applicable for securing corporate environments.
• Familiarity with security frameworks and standards such as the NIST Cybersecurity Framework (CSF), ISO 27001, BSI C5, BSI IT-Grundschutz, and similar regulatory requirements.
• Ability to perform security risk assessments, threat modelling, and develop risk mitigation strategies within complex technical environments.
• Good problem-solving skills, with the ability to communicate complex security concepts clearly to both technical and non-technical stakeholders at all levels.

We value passion and potential!

So please consider applying even if your experience does not match every line of the description.

"We believe that diversity is the key to groundbreaking research and innovative solutions. Our flexible working models and remote options create a supportive environment for balancing work and family life. For us, contributing to a healthier society in such an inspiring workplace is truly meaningful."

• CV

We are committed to promoting a culture of diversity and welcome applications from talented people regardless of gender, cultural background, nationality, ethnicity, sexual identity, physical abilities, religion or age. Qualified applicants with physical disabilities will be given preference.