Research position in Automated Assistants for Actionable Security

Fondazione Bruno Kessler (FBK) is a private research institution devoted to excellence in research in numerous disciplines and designated to the role of keeping the Autonomous Province of Trento in the mainstream of European and international research. Each research area is assigned to a specific research Centre, of which there are twelve totals. Information regarding the research Centres, their activities and production are available at http:/

.

In particular, the
FBK Cyber Security Centre (CS)
develops digital technology and cyber security to foster collaboration between the various stakeholders through a combination of IT risk management techniques (in order to develop highly innovative security solutions that will mitigate vulnerabilities and reduce the risk of attacks) as well as trust management techniques (to improve the interaction between people and technology). As part of the FBK mission, which aims to achieve results of scientific excellence and to produce an impact on society, the Center's mission is to make these techniques available to the largest number of organizations, including SMEs, which account for a substantial part of the EU economy but lack cybersecurity expertise. To this end, integrating automated cyber risk assessment support with trust management that will have the ability to produce operational suggestions to assist ICT solutions designers, developers and administrators in their daily activities is critical.

Workplace Description

The candidate will be working in the
Security & Trust Research Unit (ST)
. ST researchers develop innovative tools for the (automatic) validation of security protocols. One such tool is TLSAssistant, which automates the security assessment of cloud infrastructures by utilizing international technical guidelines to validate and promote a secure deployment that is free of vulnerabilities and misconfigurations that might hinder the secure use of the transport layer. TLSAssistant also generates actionable reports able to guide service providers in seamlessly securing new and existing deployments. In the context of the project IPCEI-CIS, TLSAssistant will be integrated into cloud infrastructures to secure the usage of container-to-container and cloud-native transmissions. The ST research unit of FBK-CS is looking to hire a dynamic and highly motivated developer to support the aforementioned research activity. The selected figure will support research in the design and development of tools for the automatic validation of security protocols (spanning from TLS, the de facto standard for secure data transmission over networks, SSH and QUIC). The aim is to assist users in developing correct implementations and configurations, identifying vulnerabilities, and proposing countermeasures to mitigate them. The ultimate goal is to enhance the security posture of systems used worldwide.

Job Description

The purpose of FBK's Tenure Track program is to offer high level professionals the opportunity of pursuing a structured career path in order to become a tenured researcher contributing to the long- term strategy of the organization.

Within this framework, FBK-CS is seeking a dynamic, highly motivated researcher in the field of Cyber Security with a focus on the assisted security and compliance assessment of cryptographic protocols for digital identity solutions or distributed systems based on a Zero Trust architecture. Cryptographic protocols (e.g., QUIC, OAuth/OpenID Connect, TLS) are the key enabler for digital identity solutions and the protection of data in distributed systems and cloud-edge infrastructures. For these reasons, the secure design and deployment of cryptographic protocols is a mandatory prerequisite for building trust in digital ecosystems and is an obligation shared by security practitioners, IT administrators, smart applications and users. The challenge is to deal with the complexity of the modern cryptographic protocols and application scenarios (e.g., digital identity wallets and AI agents), by eliciting the relevant requirements, the expected security properties and attacker capabilities, and by providing methodologies to (easily) specify them. The resulting approach should be able to guide users during the design and deployment of cryptographic protocols, by providing actionable hints to specify the protocols and assessing their security and compliance with regulations, contributing to proper security in different layers of the communication stack and possibly providing end-to-end protection. The position involves the design, implementation, validation and integration of innovative methodologies capable of automating both conformance and compliance assessments of secure communication protocols including those for protecting point-to-point channels or messaging applications. For instance, TLS -a suite of cryptographic protocols that ensures confidentiality and integrity among two parties communicating across an unsecure channel-is the de facto standard when it comes to securing point-to-point transmissions and its wide deployment, together with the impact misconfiguration can cause, makes its validation a key point in current infrastructures. Similar observations hold for securing protocols supporting end-to-end communication at the application level or Virtual Private Networks.

Job responsibilities

The candidate will join the
Security & Trust Research Unit
of FBK-CS, and will work with partners involved in industrial collaborations or national and international research and innovation projects.

The candidate is expected to:

• Conduct research and innovative activities in the broad area of Cyber Security with a focus on the assisted security and compliance assessment of cryptographic protocols in the context of cloud-edge infrastructures.
• Participate in research and innovation projects, including those in the context of research and industrial collaborations with national and international bodies.
• Contribute to the center's publications, with a good degree of autonomy, proposing innovative topics at the group level.
• Contribute to the sustainability of the center by acquiring project funding and fostering collaborations.
• Contribute to the communication and dissemination of research outputs by engaging at national and international events.
• Co-advise students at Bachelor, Master, and PhD levels.

Job requirements

The ideal candidate should have:

• PhD in Cybersecurity or related fields;
• A relevant record of publications (related to the topic of the position) in high-impact journals and top-level conferences;
• Research experience in the following topics:
• automated analysis of network security protocols;
• vulnerabilities detection and actionable mitigations in cryptographic protocols (e.g., TLS);
• analysis of security policies and conformance requirements for cryptographic protocols (e.g., VPNs);
• study of PKI and trust management models (e.g., those based on OpenID Federation);
• analysis of revocation mechanisms in the context of X.509 certificates and Digital Credentials for digital wallets (e.g., EUDI Wallet).
• Intellectual autonomy, strong commitment to achieving assigned objectives, and applying research results in real-world applications;
• Excellent problem-solving skills and result orientation;
• Excellent verbal and written communication skills;
• Good team working attitude;
• Good self-organization and autonomous operation.
• Language assessment according to the Common European Framework of Reference for

Languages (CEFR): level of knowledge required. Knowledge of English will be verified during the interview on a technical or scientific topic and must be equal to or exceed level B2. Definitions of levels can be found at the following

descriptions;

Additional requirements:

• Teaching experience in security-related topics.
• Previous experience as a speaker at national and international conferences.
• Previous experience in designing and executing user studies.
• Previous experience with international research projects (EU Horizon, ERC, national or industry-funded) with evidence of contribution to system design, implementation, or security evaluation.
• Experience in mentoring and co-advising Bachelor, Master, and PhD students.
• Previous experience with dissemination events related to cybersecurity awareness.

Employment

Type of contract
: Tenure Track contract, leading to an FBK 3rd Level Researcher (R3) permanent contract

Working hours:
full-time (38 h per week)

Start date
: March 2026

Duration
: The duration of the Tenure Track contract will be determined by the Committee based on the scientific objectives and the assigned KPIs (at least one year, which may be reduced in accordance with the Committee assessment on the candidate's abilities and skills). The scientific objectives will be linked to IPCEI ME/CT project objectives. If the final assessment of the Tenure Track experience is positive, the selected candidate for the tenure track position will be offered a permanent R3 contract.

Contract type
: CCPL Research Foundation Personnel (

)

the current gross annual remuneration is Euro 44.087,26 corresponding to a Third level Researcher.

Benefits
: flexi-time, company subsidized cafeteria or meal vouchers, internal car park, welcome office support for visa formalities and for research in accommodation, supplementary pension (
Resaver
,
Laborfonds
) and health fund (
Sanifonds
), family-work balance, free training courses, support on bank account opening, discount on public transport, sport, language course fees, counseling and psychological support service. More info at

Application

Interested candidates are requested to submit their application by completing the online form (

).

Application deadline: 9th December 2025