IT Security Specialist

Reference number: 2026-0093

• Heidelberg
• Full-time
• German Human Genome-Phenome Archive (GHGA)

The German Cancer Research Center (DKFZ) is one of Europe’s largest cancer research centers. “Research for a life without cancer" is the mission of our world-class scientists and all our team members.

We investigate how cancer develops, identify cancer risk factors and search for new cancer prevention strategies. We develop new methods with which tumors can be diagnosed more precisely and cancer patients can be treated more successfully. Every contribution counts – whether in research, administration or infrastructure. This is what makes our daily work so meaningful and exciting.

To strengthen our cross-project team, we are seeking with immediate effect an

We are looking for an IT Security Specialist to define security standards for two major data infrastructure projects in the Heidelberg-Mannheim region: (1) The Data Space Project of the Health + Life Science Alliance has recently been launched to develop a trusted research environment (TRE) for seven leading life sciences and biomedical research institutions in the Heidelberg-Mannheim region. (2) The German Human Genome-Phenome Archive (GHGA) is part of the national program for research data infrastructures (NFDI) and has established a secure national omics data infrastructure, enabling the secondary use of human omics data in research. These infrastructures are supporting the bioinformatics community with software tools for secure data/metadata storage, interactive data portals with data visualization, and streamlined data deposition and acquisition solutions. Prof. Oliver Stegle is coordinating GHGA at the DKFZ and representing the Data Space project for the DKFZ in close collaboration with the other Health + Life Science Alliance member institutions Heidelberg University, European Molecular Biology Laboratory (EMBL), Central Institute of Mental Health, Max Planck Institute for Medical Research, Heidelberg University Hospital and University Hospital Mannheim.

In order to develop the Data Space Trusted Research Environment (TRE) and the GHGA platform into a state-of-the-art infrastructure for the secure handling and analysis of genome data, we are looking for an IT Security Specialist.

Job description:

We are looking for a team member with substantial experience in information security and risk governance. Your role will be instrumental in technical and organizational decision-making for the Data Space and GHGA projects and will ensure compliance with modern standards for both infrastructures. You will be part of two tightly connected teams spanning cloud engineers, data stewards and interdisciplinary researchers with the joint mission of enabling the secure sharing of sensitive biomedical data for the scientific research community. You will have a diverse set of tasks, shaping the IT infrastructure of the Data Space TRE from the start, while also managing the IT security for the operation of the established GHGA Portal and upcoming new functionalities. Your expertise will help ensure the safe operation of the Data Space TRE and GHGA while also contributing to the development of standards in Germany and supporting their role in international efforts.

Your responsibilities:

• Analysis and documentation of current operations with respect to IT security, identifying gaps and supporting continuous improvement
• Implementation and maintenance of a framework for risk and asset management, utilizing modern tools and standards
• Creation and maintenance of an Information Security Management System (ISMS)
• Implementation and maintenance of a program for security awareness that works across multiple communication channels
• Regular monitoring of risks through third-party interactors, such as used infrastructures or sub-contractors
• Provision of information security guidance for IT projects, including the evaluation and recommendation of technical controls
• Coordination of interaction with external expertise on legal and technical IT security topics

Your profile: 

Essential Expertise:

• Proven experience with core information security frameworks (BSI IT-Grundschutz, ISO 27001) and risk management methodologies
• Hands-on background in developing and implementing risk-mitigation plans, security policies, processes, and technical controls
• Solid understanding of GDPR compliance requirements and IT infrastructure fundamentals (e.g., networking, server roles, system architecture)
• Fluency in German and English to articulate technical requirements clearly and collaborate with cross-functional teams and external partners
• Demonstrated project management skills, with the ability to work independently, solve problems creatively, and drive initiatives to completion

Advantageous Qualifications:

• Knowledge of cloud security guardrails in multi-account environments (e.g., IAM, SCP, centralized logging, encryption, network isolation)
• CISSP certification or equivalent advanced security credential

We Offer

Are you interested?

 Then become part of the DKFZ and join us in contributing to a life without cancer!

 ​Duration: The position is initially limited to 2 years with the possibility of prolongation.

Application Deadline: 21.05.2026

Applications by e-mail cannot be accepted.

 

We are convinced that an innovative research and working environment thrives on the diversity of its employees. Therefore, we welcome applications from talented people, regardless of gender, cultural background, nationality, ethnicity, sexual identity, physical ability, religion and age. People with severe disabilities are given preference if they have the same aptitude.

Notice: We are subject to the regulations of the Infection Protection Act (IfSG). Therefore, all our employees must provide proof of immunity against measles.

Share this job!