The selection procedure has been extended to end of september because the project starting date has been delayed to later in autumn 2020 due to the coronavirus situation

The gist of the project is to develop semi-automated methods for cyber-security incident response. This requires applications at the intersection between Computer Security (for attack detection and response planning) and Human-Computer-Interaction (for effective communication and trust-building techniques between the system and the operator).



Project description

The overall goal of SeReNity is to develop the technologies needed to move towards automated incident response in the cybersecurity domain. This requires not only reliable detection and alert prioritization techniques, but also an effective integration of event data and automated analysis results in the response process.

The candidate in this project will work with state-of-the-art detection and alerting technologies deployed in the Security Operation Center (SOC) operated by the Department of Mathematics and Computer Science at the Eindhoven University of Technology, and in collaboration with an industrial leader in the domain of cyber-attack detection and response.

The PhD student applying to this position will have the opportunity to work on technical as well as human-level aspects of information security; the goal is to develop methods and techniques to effectively and timely extract and communicate information on security incidents to the (human) analysts operating the SOC. These techniques should aim toward a semi-automated response process, whereby the provided information can be immediately 'operationalized' into a response strategy or plan. This requires not only technical and analytical developments in the area of attack detection, but also the evaluation of trust-building techniques to increase the operator's confidence in the provided information.

An extensive project description is available on request.



Tasks:

• carry out research within the project, in cooperation with the other parties involved;
• develop the techniques and tool prototypes required by the project, in cooperation with the other parties involved;
• contribute to the writing of scientific papers;
• finishing a PhD thesis within four years;
• contributing to the teaching activities of the Security group.

We are looking for a candidate who meets the following requirements:

• an MSc in Computer Science, Mathematics or closely related field with above average results;
• a research oriented attitude;
• interest in computer security and human computer interaction;
• knowledge  of attack detection and computer networks is a plus;
• good communicative skills in English, both written and oral;
• ability to work in a team, cooperate with the industrial partners;

We offer:

• full-time employment as a PhD-candidate for a period of 4 years;
• gross salary between € 2.325,00 per month (first year) and € 2.972,00 per month (last year);
• annually 8% holiday allowance and 8.3% end of year allowance;
• support with your personal development and career planning including courses, summer schools, conference visits etc.;
• a broad package of fringe benefits (including an excellent technical infrastructure, child care, moving expenses, savings schemes, coverage of costs of publishing the dissertation and excellent sports facilities).