Cloud Administrator & Information Security Officer

We are looking for a motivated and technically skilled Cloud Administrator and Information Security Officer to join our team. In this dual role, you will be responsible for the reliable operation of the de.NBI cloud site at DKFZ and will actively drive the continuous improvement of our Information Security Management System (ISMS) in line with ISO 27001.

Cloud Administration

• Install, configure, and maintain the de.NBI cloud infrastructure at DKFZ (OpenStack-based environment)
• Monitor system health, performance, and availability; respond to and resolve incidents
• Manage user access, resource quotas, and service requests from research users
• Coordinate with the central de.NBI cloud federation and other de.NBI sites
• Plan and implement updates, patches, and infrastructure improvements
• Maintain technical documentation and SOPs

Information Security Act as the primary Information Security Officer (ISO) for the de.NBI cloud at DKFZ

• Maintain and continuously improve the existing ISMS in accordance with ISO 27001
• Conduct and document risk assessments, threat analyses, and security reviews
• Develop, update, and enforce security policies, guidelines, and procedures
• Prepare and support internal and external audits; track and follow up on findings
• Raise security awareness among staff and users through training and communication
• Liaise with DKFZ's central IT security team and the broader de.NBI security community

• Degree in Computer Science, IT Security, Bioinformatics, or a related field (or equivalent practical experience)
• 3-5 years of hands-on experience in Linux system administration and/or cloud infrastructure (OpenStack or comparable)
• Solid understanding of IT security concepts, network security, and access management
• Familiarity with ISO 27001 or comparable security frameworks (e.g., BSI IT-Grundschutz)
• Structured, independent working style with strong documentation habits
• Good communication skills in English; German is a plus

Desirable

• Experience operating OpenStack environments
• Prior involvement in ISMS implementation or certification projects
• Knowledge of container technologies (Docker, Kubernetes)
• Experience in a research or academic IT environment
• Relevant certifications (e.g., CISSP, CISM, ISO 27001 Lead Implementer/Auditor)

Excellent framework conditions: state-of-the-art equipment and opportunities for international networking at the highest level

The German Cancer Research Center (DKFZ) is one of Europe's largest cancer research centers. "Research for a life without cancer" is the mission of our world-class scientists and all our team members.