About BSC
The Barcelona Supercomputing Center - Centro Nacional de Supercomputación (BSC-CNS) is the leading supercomputing center in Spain. It houses MareNostrum, one of the most powerful supercomputers in Europe, was a founding and hosting member of the former European HPC infrastructure PRACE (Partnership for Advanced Computing in Europe), and is now hosting entity for EuroHPC JU, the Joint Undertaking that leads large-scale investments and HPC provision in Europe. The mission of BSC is to research, develop and manage information technologies in order to facilitate scientific progress. BSC combines HPC service provision and R&D into both computer and computational science (life, earth and engineering sciences) under one roof, and currently has over 1000 staff from 60 countries.
Look at the BSC experience:
BSC-CNS YouTube Channel
Let's stay connected with BSC Folks!
We are particularly interested for this role in the strengths and lived experiences of women and underrepresented groups to help us avoid perpetuating biases and oversights in science and IT research. In instances of equal merit, the incorporation of the under-represented sex will be favoured.
We promote Equity, Diversity and Inclusion, fostering an environment where each and every one of us is appreciated for who we are, regardless of our differences.
If you consider that you do not meet all the requirements, we encourage you to continue applying for the job offer. We value diversity of experiences and skills, and you could bring unique perspectives to our team.
Context And Mission
The AI Factory is developing AI solutions that must meet high standards of security, privacy, reliability, and responsible AI. To support this objective, we are looking for an AI Engineer – AI Security & Governance who will embed security and trust mechanisms throughout the AI solution lifecycle.
The role combines AI engineering and cybersecurity expertise to ensure that AI systems are secure by design, resilient to misuse, compliant with organizational requirements, and aligned with responsible AI principles. Working closely with AI engineers, platform teams, security specialists, legal experts, and project managers, the successful candidate will help identify, assess, and mitigate risks associated with modern AI systems.
The mission of this role is to enable the safe adoption of AI technologies by establishing security controls, governance practices, and reusable protection mechanisms that support innovation while reducing operational and compliance risks.
This project has received funding from the European High-Performance Computing Joint Undertaking (JU) under grant agreement No 101234399 and Spain, Portugal, Romania and Türkiye. The JU receives support from the European Union’s Horizon Europe Programme. It is also co-funded by the Spanish Ministry for Digital Transformation and the Civil Service and counts with the support of the Government of Catalonia.
Key Duties
- Define security requirements for AI applications, services, APIs, agents, and retrieval systems.
- Assess and mitigate AI-specific risks, including prompt injection, data leakage, model abuse, insecure tool usage, and unauthorized access.
- Design and implement authentication, authorization, secrets management, auditing, and secure integration patterns.
- Review AI architectures from security, privacy, governance, and compliance perspectives.
- Implement guardrails, content controls, output validation, and policy enforcement mechanisms.
- Support threat modeling, risk assessments, security testing, and vulnerability remediation activities.
- Collaborate with security, legal, compliance, platform, and AI engineering teams.
- Contribute secure coding practices, reusable security components, and AI security standards.
- Support security reviews and readiness assessments before production deployment.
- Produce and maintain security documentation, guidelines, and operational procedures.
Requirements
- Education
- Bachelor's or Master's degree in Computer Science, Cybersecurity, Software Engineering, Artificial Intelligence, Telecommunications Engineering, or a related technical discipline.
- Essential Knowledge and Professional Experience
- 3–5 years of experience in software engineering, cybersecurity, secure systems development, or related roles.
- Experience designing and implementing secure applications, APIs, and cloud-based services.
- Knowledge of identity and access management, authentication, authorization, secrets management, and audit logging.
- Experience with security architecture, threat modeling, vulnerability assessment, and risk mitigation.
- Understanding of Generative AI, LLMs, RAG architectures, AI agents, and AI-related security risks.
- Knowledge of privacy, data protection, compliance, and secure handling of sensitive information.
- Experience with secure software development practices, DevSecOps, CI/CD, and security testing methodologies.
- Familiarity with cloud security concepts and modern infrastructure security controls.
- Strong analytical, troubleshooting, and risk assessment skills.
- Additional Knowledge and Professional Experience
- Experience with AI security, adversarial testing, red teaming, or responsible AI initiatives.
- Familiarity with AI governance frameworks and emerging AI regulations.
- Experience in research, scientific computing, HPC, or innovation environments.
- Knowledge of security monitoring, detection, and incident response practices.
- Competences
- Strong cybersecurity and secure software engineering skills.
- Ability to identify, assess, and mitigate technical and operational risks.
- Solid analytical and problem-solving capabilities.
- Strong collaboration and communication skills across technical and non-technical teams.
- Proactive, autonomous, and results-oriented mindset.
- Attention to detail and commitment to security, privacy, and compliance.
- Ability to balance innovation, usability, and risk management.
- Adaptability and continuous learning in a rapidly evolving AI and security landscape.
Conditions
- The position will be located at BSC within the Directors Department
- We offer a full-time contract (35h/week), a good working environment, a highly stimulating environment with state-of-the-art infrastructure, flexible working hours, extensive training plan, restaurant tickets, private health insurance, support to the relocation procedures
- Duration: Open-ended contract due to technical and scientific activities linked to the project and budget duration
- Holidays: 22 days of holidays + 6 personal days + 24th and 31st of December per our collective agreement
- Salary: we offer a competitive salary commensurate with the qualifications and experience of the candidate and according to the cost of living in Barcelona
- Starting date: 16/07/2026
Applications procedure and process
All applications must be submitted via the BSC website and contain:
- A full CV in English including contact details
- A cover/motivation letter with a statement of interest in English, clearly specifying for which specific area and topics the applicant wishes to be considered. Additionally, two references for further contacts must be included. Applications without this document will not be considered.
Development of the recruitment process
The selection will be carried out through a competitive examination system ("Concurso-Oposición"). The recruitment process consists of two phases:
- Curriculum Analysis: Evaluation of previous experience and/or scientific history, degree, training, and other professional information relevant to the position. - 40 points
- Interview phase: The highest-rated candidates at the curriculum level will be invited to the interview phase, conducted by the corresponding department and Human Resources. In this phase, technical competencies, knowledge, skills, and professional experience related to the position, as well as the required personal competencies, will be evaluated. - 60 points. A minimum of 30 points out of 60 must be obtained to be eligible for the position.
The recruitment panel will be composed of at least three people, ensuring at least 25% representation of women.
In accordance with OTM-R principles, a gender-balanced recruitment panel is formed for each vacancy at the beginning of the process. After reviewing the content of the applications, the panel will begin the interviews, with at least one technical and one administrative interview. At a minimum, a personality questionnaire as well as a technical exercise will be conducted during the process.
The panel will make a final decision, and all individuals who participated in the interview phase will receive feedback with details on the acceptance or rejection of their profile.
At BSC, we seek continuous improvement in our recruitment processes. For any suggestions or comments/complaints about our recruitment processes, please contact recruitment [at] bsc [dot] es.
For more information, please follow this link.
Deadline
The vacancy will remain open until a suitable candidate has been hired. Applications will be regularly reviewed and potential candidates will be contacted.
OTM-R principles for selection processes
BSC-CNS is committed to the principles of the Code of Conduct for the Recruitment of Researchers of the European Commission and the Open, Transparent and Merit-based Recruitment principles (OTM-R). This is applied for any potential candidate in all our processes, for example by creating gender-balanced recruitment panels and recognizing career breaks etc.
BSC-CNS is an equal opportunity employer committed to diversity and inclusion. We are pleased to consider all qualified applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or any other basis protected by applicable state or local law.
For more information follow this link