SINTEF

SINTEF is one of Europe's largest research organisations, with multidisciplinary expertise in the fields of technology, the natural sciences and the social sciences. SINTEF is an independent foundation and has conducted contract research and development projects for the private and public sectors since 1950. SINTEF has 2000 employees from 75 countries and annual revenues of three billion Norwegian kroner.

Vision: Teknologi for a better society.

SINTEF Digital supplies research-based expertise and technology for the development of systems, products and services in the fields of micro and sensor systems, monitoring and communication systems, information systems and numerical modelling software, health research and technology management. We operate a modern micro-/nanolaboratory (MiNaLab) that is among the world’s leading laboratories in the development and small-scale production of MEMS and radiation sensors.

SINTEF Digital is searching for Postdoctoral fellow The position’s field of research/research project; Software Security in Agile/DevOps Software Development

About the project:

SoS-Agile (http://www.sintef.no/sos-agile) is a research project financed by the IKTPLUSS programme of the Norwegian Research Council. The project is a collaboration between SINTEF Digital, NTNU - IDI, and software companies in Norway. The overall research problem to be addressed by the project is the integration of software security and agile software development, and addressing the general lack of a scientific approach to security research.

The postdoctoral candidate will contribute to the project within the following areas:

1. Responsibility for Doing Action Research on Security Architecture in Agile/DevOps Projects: Security is a quality attribute that has both architectural and coding implications — it is necessary to get both right to create and maintain secure systems. However, most of the existing research on making systems secure has focused on coding, and there is little direction or insight into how to create a secure architecture.
2. Treat Modeling and Architecture Analysis Methods: Architectural risk assessment is a risk management process that identifies flaws in a software architecture and determines risks to business information assets that result from those flaws. Through the process of architectural risk assessment, flaws are found that expose information assets to risk, risks are prioritized based on their impact to the business, mitigations for those risks are developed and implemented, and the software is reassessed to determine the efficacy of the mitigations. The focus of the post-doctoral researcher will be on investigating empirically the effectiveness of different methods for architectural risk analysis for secure agile software development, eventually establishing a new methodology.
3. Publications: Publish papers in the main conferences and journals of Software Engineering and Software Security research.
4. International Collaboration: Establish collaboration with the top researchers in the area.

Qualification requirements:

Successful applicants must have a doctoral degree in software engineering, Computer Science, cyber security or a similar discipline, with strong skills in one or more areas such as empirical software engineering, software security, software architecture, security risk analysis. Applicants with expertise in software security will be preferred, but also other candidates will be considered. The applicant is expected to have great organizational skills, such as the ability to plan, coordinate resources and meet deadlines. Scandinavian language skills would be a plus.

On the cover letter, applicants are required to justify their candidateship by explicitly explaining their personal motivation and academic aptitude (general applications will not be considered).

The CV should detail the applicant’s academic results, publications, relevant specialization, work or research experience and personal qualifications. Excellent English skills, written and spoken, are required. Applicants from non-European countries where English is not the official language must present an official language test report. The following tests can be used as such documentation: TOEFL, IELTS or Cambridge Certificate in Advanced English (CAE) or Cambridge Certificate of Proficiency in English (CPE). Minimum scores are: TOEFL: 600 (paper-based test), 92 (Internet-based test), IELTS: 6.5, with no section lower than 5.5 (only Academic IELTS test accepted), CAE/CPE: grade B or A. Formal regulations: Must have a doctoral degree within a relevant area.

We offer:

• Competitive salary.
• Challenging applied research tasks.
• A good work environment with skillful, experienced, and creative research colleagues.
• Well-established national and international scientific and industrial networks.
• A large degree of autonomy, and flexible working hours.
• Social benefits (pension plan, insurance, possibility for kindergarten, etc.).

Duration:

The successful candidate will be appointed for a period of 1 year, with possibility of extension.

Applicants are kindly requested to send a diploma supplement or a similar document, which describes in detail the study and grading system.

Web: www.sintef.no

Kontakt: Daniela Soares Cruz (Senior Research Scientist)

Telefon: 94249891

E-post: daniela.s.cruzes@sintef.no

Kontakt: Martin Gilje Jaatun (Senior Research Scientist)

Telefon: 90026921

E-post: martin.g.jaatun@sintef.no

Apply for position