Senior Cyber-Security Research Associate

The Security and Trusted Computing Group at UBITECH conducts interdisciplinary research in most aspects of computer and information security, ranging from advanced cryptography and access control mechanisms, for ensuring secrecy and authentication in todays’ communications, to the design, analysis and implementation of novel protection mechanisms for enhanced security, privacy, trustworthiness, and reliability in numerous emerging IoT applications. Through methods such as applied cryptography, hardware enhanced security, modelling and security analysis of systems, and verification, we are building security into new technology, providing assurance to the user that they are interacting with a trusted platform. Our research focuses on cryptography; trusted computing; secure communications; privacy and authentication; and security verification – with applications in, e.g., automotive, future Internet and 5G, smart grid, healthcare, e Payment, etc.

As a Senior Cyber-Security Research Associate, you will be exposed to research various facets of enhancing the security posture of both devices as well as networks. The ideal candidate will have a strong background in cyber security research with a particular emphasis on device security (i.e., trusted computing concepts) and applied cryptography. As part of this role, you will use your knowledge and experience in network and application security to steer the design of new cryptographic protocols as well as network security protocols for enhancing the overall level of trust of various element spanning across the entire compute continuum. Research is conducted within the context of both large EU research project consortia but also through our strong research collaborations with core industries in the field of automotive, hardware security, embedded systems, 6G and self-sovereign identity management.

Responsibilities and Preferred Qualifications:

Creating, reviewing and expanding security architectures and designs capturing diver security and privacy requirements – at the device level elevated all the way to securing network communications;

Research on threat modelling, attack surface enumeration and attack tree creation as part of holistic risk management process towards identifying the required trust level of target system based on optimal set of security schemes to be deployed;

In-depth exposure to security concepts, cryptography and protocols across various application types (e.g., cloud, web, IoT/Embedded, etc.);

Experience with security concepts in cryptography as well as authentication, authorization, identity and access control such as OAuth, SSO, JWT, PKIs;

Experience with application security features and key management systems backed by secure hardware, such as Keystore / Keychain, TPM / vTPM, HSM and SE;

Experience with applied cryptography and cryptographic protocols;

Familiarity with confidential computing, enclaves, and attestation primitives;

Leading a group of researchers and security developers towards the design of security architectures, through identifying technologies to be leveraged as well as designing new security schemes, and Proof of Concept implementation of the resulting security solutions;

Collaborate within a security cross-functional team so as to drive the design of security solutions and translate them into holistic architectures capturing various security and privacy requirements for the entirety of the target system.

What we offer:

Flexibility: Hybrid model to maintain a healthy work-life balance

Continuous Learning: Learning budget and ongoing training opportunities

Offsite Trip and Team Socials: Team trip to a secret destination once per year

Private Health Insurance: Private health insurance on the company's group program;

Workplace: Pleasant work-space with a fun and relaxing playroom;

Health: Gym discount;

Personal Development: A great opportunity to grow and work with the most amazing people in the industry;

Team: Being part of a friendly environment which at the same time offers challenging goals.