Category Archives: Jobs

Hiring for the Cambridge Cybercrime Centre

We have three open positions in the Cambridge Cybercrime Centre: https://www.cambridgecybercrime.uk.

We wish to fill at least one of the three posts with someone from a computer science, data science, or similar technical background.

BUT we’re not just looking for computer science people: to continue our multi-disciplinary approach, we wish to fill at least one of the three posts with someone from a criminology, sociology, psychology or legal background.

Details of the posts, and what we’re looking for are in the job advert here: http://www.jobs.cam.ac.uk/job/17827/.

New security lecturer

We’re delighted to announce that the new security lectureship we advertised has been offered to Alice Hutchings, and she’s accepted. We had 52 applicants of whom we shortlisted three for interview.

Alice works in the Cambridge Cybercrime Centre and her background is in criminology. Her publications are here. Her appointment will build on our strengths in research on cybercrime, and will complement and extend our multidisciplinary work in the economics and psychology of security.

PhD studentship in side-channel security

I can offer a 3.5-year PhD studentship on radio-frequency side-channel security, starting in October 2018, to applicants interested in hardware security, radio communication, and digital signal processing. Due to the funding source, this studentship is restricted to UK nationals, or applicants who have been resident in the UK for the past 10 years. Contact me for details of the project proposal.

The University is Hiring

We’re looking for a Chief Information Security Officer. This isn’t a research post here at the lab, but across the yard in University Information Services, where they manage our networks and our administrative systems. There will be opportunities to work with security researchers like us, but the main task is protecting Cambridge from all sorts of online bad actors. If you would like to be in the thick of it, and you know what you’re doing, here’s how you can apply.

More Jobs in the Cloud Cybercrime Centre

The Cambridge Cloud Cybercrime Centre (more information about our vision for this initiative are in this earlier article) has up to three Research Associate / Research Assistant positions to fill.

We are looking for enthusiastic researchers to work with the substantial amounts of cybercrime data that we will be collecting. The people we appoint will have the chance to define their own goals and objectives and pursue them independently or as part of a team. We will also expect everyone to assist with automating the processing of our incoming data feeds and adding value to them.

We are not necessarily looking for existing experience in researching cybercrime, although this would be a bonus. However, we are looking for strong programming skills — and experience with scripting languages and databases would be much preferred. Good knowledge of English and communication skills are important.

Please follow this link to the advert to read the formal advertisement for the details about exactly who and what we’re looking for and how to apply — and please pay attention to our request that in the covering letter you create as part of the application you should explain which particular aspects of cybercrime research are of interest to you.

Three exciting job openings in security usability

We are looking for three more people to join the Cambridge security group. Two job adverts, intended for postgrads or postdocs, are already out now. A third one, specifically aimed at a final year undergraduate or master student, strong on programming but with no significant work experience, is currently making its way through the HR pipeline and should appear soon. Please pass this on to anyone potentially interested.

With the Pico project (see website for videos, papers and more) we wish to liberate humanity from the usability and security problems of passwords. We are looking for a UX designer to help us in our quest to produce a user-centred, effective and pleasant to use solution and for two software engineers with a security mindset to help us build it and make it robust against attacks. Would you like to join us and contribute to eliminating the annoyance and frustration of passwords from the daily experience of billions of computer users?
  1. User experience (UX) designer
    Research Associate or Assistant (with/without PhD)
    Start date: ASAP
    Details and link to application form: http://www.jobs.cam.ac.uk/job/9244/
  2. Senior software engineer / software engineer
    Research Associate or Assistant (with/without PhD)
    Start date: ASAP
    Details and link to application form: http://www.jobs.cam.ac.uk/job/9245/
  3. Software engineer
    Research assistant (having just completed a bachelor or master in CS/EE)
    Start date: June 2016
    Watch this space: the ad should go live within a week or so
    https://www.mypico.org/jobs/

Four cool new jobs

We’re advertising for four people to join the security group from October.

The first three are for two software engineers to join our new cybercrime centre, to develop new ways of finding bad guys in the terabytes and (soon) petabytes of data we get on spam, phish and other bad stuff online; and a lawyer to explore and define the boundaries of how we share cybercrime data.

The fourth is in Security analysis of semiconductor memory. Could you help us come up with neat new ways of hacking chips? We’ve invented quite a few of these in the past, ranging from optical fault induction through semi-invasive attacks generally. What’s next?

Job Ads: Cloud Cybercrime Centre

The Cambridge Cloud Cybercrime Centre (more information about our vision for this brand new initiative are in this earlier article) now has a number of Research Associate / Research Assistant positions to fill:

  • A person to take responsibility for improving the automated processing of our incoming data feeds. They will help develop new sources of data, add new value to existing data and develop new ways of understanding and measuring cybercrime: full details are here.
  • A person with a legal background to carry out research into the legal and policy aspects of cybercrime data sharing. Besides contributing to the academic literature and to the active policy debates in this area they will assist in negotiating relevant arrangements with data suppliers and users: full details are here.

and with special thanks for the generosity of ThreatSTOP, who have funded this extra position:

  • We also seek someone to work on distributed denial-of-service (DDoS) measurement. We have been gathering data on reflected UDP DDoS events for many months and we want to extend our coverage and develop a much more detailed analysis of the location of perpetrators and victims along with real-time datafeeds of relevant information to assist in reducing harm. Full details are here.

Please follow the links to read the relevant formal advertisement for the details about exactly who and what we’re looking for and how to apply.

Cambridge Cloud Cybercrime Centre

We have recently won a major grant (around £2 million over 5 years) under the EPSRC Contrails call which we will be using to set up the “Cambridge Cloud Cybercrime Centre”:

https://www.cambridgecybercrime.uk/

The will be a multi-disciplinary initiative combining expertise from the University of Cambridge’s Computer Laboratory, Institute of Criminology and Faculty of Law. We will be operational from 1 October 2015.

Our approach will be data driven. We have already negotiated access to some very substantial datasets relating to cybercrime and we aim to leverage our neutral academic status to obtain more data and build one of the largest and most diverse data sets that any organisation holds.

We will mine and correlate these datasets to extract information about criminal activity. Our analysis will enhance understanding of crime ‘in the cloud’, enable us to devise identifiers of such criminality, allow us to build systems to detect this type of crime when it occurs, and aid us in showing how it is possible to collect extremely reliable evidence of wrongdoing. When it is appropriate, we will work closely with law enforcement so that interventions can be undertaken.

Our overall objective is to create a sustainable and internationally competitive centre for academic research into cybercrime.

Importantly, we will not be keeping all this data to ourselves… a key aim of our Centre is to make data available to other academics for them to apply their own skills to address cybercrime issues.

Academics currently face considerable difficulties in researching cybercrime. It is difficult, and time consuming, to negotiate access to real data on actual abuse and then it is necessary to build and deploy data collection tools before the real work can even be started.

We intend to drive a step change in the amount of cybercrime research by making datasets available, not just of URLs but content as well, so that other academics can concentrate on their particular areas of expertise and start being productive immediately. These datasets will be both ‘historic’ and, where appropriate ‘real-time’.

We will maintain high ethical standards in everything we do and will develop a strong legal framework for our operations. In particular we will always ensure that the data we handle is treated fully in accord with the spirit, and not just the letter, of the agreements we enter into.

We will shortly be hiring for the first few research positions … pointers to the job adverts will appear on this blog.

PhD studentship: Model-based assessment of compromising emanations

We have a fully funded 3.5-year PhD Studentship on offer, from October 2014, for a research student to work on “Model-based assessment of compromising emanations”. The project aims to improve our understanding of electro-magnetic emissions that are unintentionally emitted by computing equipment, and the eavesdropping risks they pose. In particular, it aims to improve test and measurement procedures (TEMPEST) for computing equipment that processes extremely confidential data. We are looking for an Electrical Engineering, Computer Science or Physics graduate with an interest in electronics, software-defined radio, hardware security, side-channel cryptanalysis, digital signal processing, electromagnetic compatibility, or machine learning.

Check the full advert and contact Dr Markus Kuhn for more information if you are interested in applying, quoting NR03517. Application deadline: 23 June 2014.