Postdoc in Cyber Resilience for the Shipping Industry

The Department of Applied Mathematics and Computer Science (DTU Compute) at the Technical University of Denmark (DTU) invite applications for a Postdoc position in the area of cyber resilience for the shipping industry. The Postdoc will be a part of the CyberShip research project (Cyber Resilience for the Shipping industry) which is funded by the Danish Maritime Fund and the Orients Fund. CyberShip is a joint project between DTU Compute and DTU Management Engineering and Postdoc will work together with another Postdoc at DTU Management Engineering.

DTU Compute is Denmark´s largest environment for mathematics and computer science and encompasses both in-depth theory and practical applications. This allows converting new ideas into innovative products and provide public sector consultancy - to the benefit of both the business community and public sector institutions. The Postdoc will be affiliated with the Cyber Security Section at DTU Compute, which examines the methods, techniques and tools for securing computer systems that are accessible through a network, typically the Internet. Most networked computing systems can be considered socio-technical systems and the successful defence against cyber-attacks requires consideration of a broad range of human and technical factors, from the general security awareness among agents in an organisation to the proper enforcement of security policies through cryptography and access control mechanisms.

Responsibilities and tasks
The shipping industry has become more vulnerable to cyber-attacks in recent years, because of its dependence on information technology and increasingly complex networks. Cyber systems are incorporated into almost every facet of maritime operations, such as financial and human resources management, security systems, navigation (Global Navigation Satellite Systems (GNSS), Automatic Identification System (AIS), Electronic Chart Display Systems (ECDIS), etc.), communications, electronic certificates, cargo tracking, pre-arrival processing and other key systems and equipment. All maritime structures (including ships and offshore facilities) as well as the connected infrastructure (e.g. offices of shipping companies, ports etc) are vulnerable. Currently, the awareness regarding cyber security aspects either is at a very low level or completely disregarded.

The aim of the CyberShip project is to propose a framework for improving the resilience of the shipping industry to cyber risks, with the ship being its main focus. This novel theoretical framework will combine traditional risk management with systems analysis and control theory to aid the decision making process of shipping companies in the detection, identification, and prevention of cyber-attacks, as well as guide the recovery and response process and organizational adjustment (learning process) following a cyber-attack. To support the decision making process a set of tools will be developed for the assessment of identified key performance indicators (KPIs). Finally, a set of recommendations will be produced to direct the development of shipping cyber resilience in organizations via theoretically sound approaches such as scenario planning and real options.

A strong emphasis through the CyberShip project and thus the postdoc position is put on bridging the gap between traditional risk management and IT Management, rendering an operational framework model possible for implementation within the shipping industry. The framework model will consider both systems analysis, to identify the network characteristics, which allow it to react to disruptions, derived from cyber-attacks, and traditional risk management approaches. The postdoc will thus contribute to the development of an operational framework model that can be applied directly in the industry with the purpose of reducing the risk of cyber-attacks on ships.

The specific research area of the postdoc should be able to contribute to the following tasks:

• Identification of the systems and cyber components of a modern ship
• Threat and Attack modelling, including identification of potential attack vectors and establishing the complete attack surface of a modern ship
• Definition of intended interactions among components to help identify Key Performance Indicators and support the development of cyber-attack prevention and response measures
• Definition of a set of KPIs to measure resilience towards cyber-attacks
• Definition of measures at the strategic (design) as well as the operational level that are adopted to minimize or reduce the risk of a cyber-attack, and provide an efficient and effective prevention mechanism
• Development of tools to assess the effectiveness of the measures
• Evaluation of measures according to the set of tools and KPIs 
• Revision of the framework model on the background of selected case studies
• Definition of specific recommendations and guidelines on cyber resilient measures

Other content of the position:

• Research with some teaching. It may also involve handling other assignments to a limited extent.

Qualifications
Candidates should have

• A Ph.D. in computer science, computer engineering, or networking, with a focus on cyber risk/security, network security, or similar, is required (Ph.D. students who have handed in, but not yet defended their thesis are welcome to apply)
• Teaching experience in related subjects will be a plus
• Demonstrated impact in the field of cyber security (as described above)
• Participation in academic collaborations in relevant areas
• Engagement with industry and public organisations in the shipping industry
• Relevant publication track record
• Ability to promote and disseminate research results to a non-academic audience

We offer
We offer an interesting and challenging job in an international environment focusing on education, research, scientific advice and innovation, which contribute to enhancing the economy and improving social welfare. We strive for academic excellence, collegial respect and freedom tempered by responsibility. The Technical University of Denmark (DTU) is a leading technical university in northern Europe and benchmarks with the best universities in the world.

Salary and terms of employment
The appointment will be based on the collective agreement with the Confederation of Professional Associations. The allowance will be agreed with the relevant union. The period of employment is 2 years.

Further information

Further information may be obtained from associate professor Christian D. Jensen, cdje@dtu.dk, tel.: +45 4525 3724.

You can read more about the Cyber Security division on www.compute.dtu.dk/english/research/Cyber.

Application procedure

Please submit your online application no later than 1 September 2017. Apply online via the "Ansøg" link.

Applications must be submitted as one PDF file containing all materials to be given consideration. To apply, please open the link "Apply online," fill in the online application form, and attach all your materials in English in one PDF file.

The file must include:

• Application (cover letter)
• CV
• Diploma (MSc/PhD)
• List of publications

Applications and enclosures received after the deadline will not be considered.

All interested candidates irrespective of age, gender, disability, race, religion or ethnic background are encouraged to apply.

Please write in your application that you've seen the job at Jobfinder