Software Security Engineer (All Levels), Qualcomm Incorporated
A Software Security Engineer is responsible for assisting product development teams throughout the company in detecting and mitigating security vulnerabilities in software design and implementation. Specific responsibilities may include identifying and assessing software vulnerabilities using both manual methods and automated tools, mentoring software developers in adopting secure coding techniques and secure coding standards, assisting product development teams in establishing static analysis and security testing processes, promoting security mindset throughout software development from design to implementation to testing, evaluating new technologies/tools to detect, triage, and mitigate software security defects, identifying and addressing weakness in existing software development life cycle with a goal to improve overall software security.
Applicants should possess at least two years of experience (work or academic) in the field of software security, like performing software security audits. Ability to engage with product teams independently with minimal supervision is a must. Applicants should have expertise in two or more of the following areas:
- Code review, analysis and vulnerability assessment (C, C++, ARM assembly,C#,Java)
- Security testing, e.g. fuzzing, instrumentation, monitoring
- Operating system security
- Mobile platform security
- Mitigation techniques
- Incident response
In-depth knowledge in the following specific areas will be considered a plus:
- Mobile operating system internals (Android, Windows Phone, iOS)
- Static analysis
- Firmware analysis and reverse engineering
- ARM architecture
Graduate degree in a security related field of Computer Science or Mathematics is a plus.
If interested, please apply directly to requisition G1889943
PhD student, Norwegian Information Security Laboratory, GUC
Large-Scale Online Learning for Intrusion Detection and Proactive Forensics
** Main objective of the research is to overcome limitations of existing intrusion-detection systems (IDS), which are presently mainly based on expert knowledge or contemporary online learning. For IDSs, the continuous learning of new and changing attack patterns, and the use of relevant attributes or features that represent abnormal behaviour in network-traffic data is of greatest importance in order to detect hostile activities in dynamic network environments. Online-learning systems with an embedded online-feature selection have a great potential to assist in understanding the nature of network intrusions as well as to assist in establishing the ability to process massive amounts of data in large-scale networks. Specific objectives of the proposed research are two-fold:
- To develop new computational-intelligent methods for online-learning in malware and intrusion-detection systems that can deal with the challenges of massive data, obfuscation, adversarial activities, changing environments and the lack of a real-labeled reference data and training dataset, and
- To develop new embedded-online-feature-selection methods without prior knowledge or limited number of features (open-system system approach)
** Specific background and skills in one or more of the following areas is highly desirable:
- Excellent MSc degree in computer science/engineering, mathematics or statistics
- Experience in numerical analysis, algorithms and complexity analysis
- Knowledge in machine learning and pattern recognition
- Programming ability in one or more of the following languages: Matlab, Python, Java,C, C++, or C#
- Fluent in English: oral and written communication skills
- Ability to communicate technical concepts clearly and effectively
- Scientific publications in re
Ph.D. Students and Post-Doc, University of Luxembourg
* 2 Ph.D. Students in Computer Security
* 1 Ph.D. Student in Socio-Technical Aspects of Security
Duration: 3 years (extension up to 4 years in total is possible).
For more information see URLs:
* 1 Post-Doc in Socio-Technical Aspects of Security
Duration 2 years (extension up to 5 years is possible).
For more information and for application see URL:
All the positions are related to the CORE-FNR project \\\"Socio-Technical Analysis of Security and Trust\\\" (STAST). STAST will be highly interdisciplinary. It teams up the Interdisciplinary Centre for Reliability, Security and Trust (SnT), the Applied Security and Information Assurance (APSIA), led by Prof. P. Y. A. Ryan who is also the principal investigator of the project, and Security and Trust of Software Systems (SaToSS), led by Prof. S. Mauw, and the Educational Measurement and Applied Cognitive Science (EMACS), ref. Dr. V. Koenig.
Report on Eurocrypt 2011, May 15-19, 2011, Tallinn, Estonia
Eurocrypt 2011, May 15-19, 2011, Tallinn, Estonia
Eurocrypt 2011 was held
at Sokos Viru Hotel, Tallinn, Estonia, on 15-19 May 2011. The
conference was organized in Sokos Viru Hotel, next to the old town of
Tallinn, and a majority of the participants lived either in the same
hotel or nearby. Participation fee was 500 USD (regular participants)
and 250 USD for students.
A total of 31 research papers, categorized into 11 sessions, were
presented, selected from 167 submissions. Ronald Cramer, CWI, and
Phong Nguyen from IBM Research delivered the invited lectures on the
topics "The Arithmetic Codex: Theory and Applications" and "Lattice
Reduction Algorithms: Theory and Practice", respectively.
The Rump Session was chaired by Nigel Smart who was helped by men in
The conference banquet was held at the Art Museum of Estonia. The best
paper award was also presented during the banquet to Eike Kiltz,
Krzysztof Pietrzak, David Cash, Abhishek Jain and Daniele Venturi for
their paper "Efficient Authentication from Hard Learning Problems".
The conference ended successfully on 19 May, having attracted about
305 participants (more than 60 being students), from approximately 40
countries, mainly from Europe (approximately 185), Asia (70) and North
America (40). We thank the sponsors for their generous support and
contributions to the success of the
Program Chair was Kenny Paterson and General Chair was Helger Lipmaa.