10 PhD Positions at Royal Holloway’s Centre for Doctoral Training in Cyber Security

At Royal Holloway we once again have ten PhD positions in Cyber Security nee Information Security. The catch is that almost all of those positions are reserved for UK residents. Note that this does not mean nationality, see funding page (there might also be some wiggle room in some cases). For more information see the CDT website and the ISG website for what kind of research we do. Closing date is 30 April.

Welcome to the EPSRC Centre for Doctoral Training (CDT) in Cyber Security at Royal Holloway. The Centre was established in 2013, and has as its main objective to produce cohorts of highly-trained researchers with a broad understanding of cyber security.

The CDT is hosted by the Information Security Group (ISG), and provides multidisciplinary training to annual cohorts of around ten students each. The students follow a 4-year doctoral programme: the first phase consists of a taught component comprising 25 per cent of the programme. The remaining three years follow the more traditional path of doctoral studies, with each student undertaking research in an advanced topic in the field of cyber security. See the CDT Course of Study page for more information about the programme.

CDT recruitment typically runs from November to April, to select students for the CDT cohort starting every October. Selected applicants are awarded fully-funded PhD studentships (stipend and College fees) for four years. We consider applications from candidates with undergraduate and masters qualifications in a wide range of disciplines, including, but not limited to, mathematics, computer science, and electrical and electronic engineering.

We are now open for applications for the 2017/18 CDT cohort. We have a number of fully-funded studentships to award to qualified and eligible candidates, to start their PhD studies in September 2017. Closing date for receiving applications is 30 April 2017. We will however assess applications on an ongoing basis, and we reserve the right to make an offer to candidates before the closing date.

Please explore the links below to learn more about the entry requirements, funding and eligibility, and how to apply to Royal Holloway’s CDT in Cyber Security.


Two Lecturer Positions in the Information Security Group

My department – the Information Security Group at Royal Holloway, University of London – has two open positions. One 4 year teaching focused post and one permanent post with the usual research and teaching profile (similar to, say, a Junior Professor in Germany). It’s a nice place to work, there’s good research going on from cryptography and system security to human and social aspects of information security and the ISG hosts one of the two UK Centres for Doctoral Training in Cyber Security which means we have funding for 10 PhD students per year at the moment. Most teaching is at the MSc level.

Continue reading “Two Lecturer Positions in the Information Security Group”

Lecturer Position in the Information Security Group

My department is hiring a new lecturer whose interests are related to, or complement, current strengths of the ISG. If you have questions get in touch either as suggested below or — if that works better for you — with me.

Lecturer in Information Security


Applications are invited for the post of Lecturer in the Information Security Group at Royal Holloway, University of London

Applications are invited from researchers whose interests are related to, or complement, current strengths of the ISG. We are particularly interested in applicants who will be able to help drive forward research related to Internet of Things (IoT) security.

Applicants should have a Ph.D. in a relevant subject or equivalent, be a self-motivated researcher, and have a strong publication record. Applicants should be able to demonstrate an enthusiasm for teaching and communicating with diverse audiences, as well as show an awareness of contemporary issues relating to cyber security.

This is a full time and permanent post, with an intended start date of 1st September, 2016, although an earlier or slightly later start may be possible. This post is based in Egham, Surrey, where the College is situated in a beautiful, leafy campus near to Windsor Great Park and within commuting distance from London.

For an informal discussion about the post, please contact Prof. Keith Mayes on keith.mayes@rhul.ac.uk.

To view further details of this post and to apply please visit https://jobs.royalholloway.ac.uk/. The Human Resources Department can be contacted with queries by email at: recruitment@rhul.ac.uk or via telephone on: +44 (0)1784 41 4241.

Please quote the reference: 0216-068

Closing Date: Midnight, 1st April 2016

Interview Date: To be confirmed

We particularly welcome female applicants as they are under-represented at this level in the Department of Information Security within Royal Holloway, University of London.

Encouraging female reverse engineers

Thomas Dullien is running a nice competition to address the gender gap in IT security or more precisely reverse engineering:

As a field, reverse engineering has undergone a rapid change in recent years:
a rise in importance and visibility has led to a rapidly growing community of
reverse engineers. More people are doing reverse engineering, better tools are
developed, and it has mutated from a “dark art” to an almost-mainstream

However, as the community grows, the most visible parts  remain unchanged.
While there are female reverse engineers in the field, they are still under-
represented in absolute numbers and visibility of their work in conference
attendance and presentations.

What can we, as a growing field, do to change this? Progress can be made on the
macro level by many small and decentralized contributions on the micro level.
So, when I heard about the Syscan speaker’s honorarium this year, I decided to
put it to good use.

I asked a few friends if they’d be willing to form a panel of judges for a
women-only reverse engineering challenge, with the first (and only) prize being
a ticket to fly to and attend Syscan Singapore 2013. Luckily for me, they
agreed 🙂

This looks interesting: Code Audit Feed

You’re a developer. And you’ve spent the last 2 years working with Java sockets in an uninteresting trading app. But you also happen to support anonymity – but have no idea how to get involved. Or you’re a security researcher who’s spent the last two months understanding the padding oracle backwards and forwards. Wouldn’t it be nice to see a personalized RSS feed of cryptography, anonymity, and privacy projects containing the keywords “java.net.Socket” or “CBC Mode”? Then you could skim commits, and if something interesting came up, you may be able to lend your expertise. That’s exactly what the Code Audit Feed is for.

The goal is to aggregate relevant open source projects, watch their commits, and deliver personalized information via RSS, email, and a web interface to encourage people to get involved with projects and audit and improve the code. Development and Design are in the early stages, with a github repo located here. If interested, you can find the developer(s) onthe crypto.is IRC channel.

Website: https://crypto.is/projects/audit/ (via: https://blog.crypto.is/TCP-Newsletter-One/)