POSITION - Director
The Faculty of Computer Science and Engineering of Innopolis University is looking to recruit the Director of the Information Security Institute. The position involves both managerial duties, teaching, and research. We are looking for a professional who can make the difference in our university, lead the institute team, make ground-breaking research, teach effectively a very talented student body, attract research funds, and entertain a worldwide network of colleagues.
The Institute consists of the following departments:
• Networks and Blockchain Lab
• Cloud Systems and Virtualization Lab
• Cyberphysical Systems Lab
• Security and Networks Engineering Master's Program
Some of the directions of research and teaching include:
1. Networks and Network Security.
2. Secure Systems and System Development.
3. Large Systems, DevOps, and DevSecOps.
4. Operating Systems and Reverse Engineering.
5. Offensive Technologies, CyberCrime and Forensics.
• PhD degree and published research in software security, secure systems, exploitation and reverse engineering
• Managerial experience
• 3+ years of industry experience in the related area
• Professional security and network certifications (CISSP, CEH, OSCP, CCNA, CCNP, etc.)
COMPENSATIONS AND BENEFITS
Usually, the initial appointment is 3-years with expectation for renewal. The monthly salary is negotiable, starting from 400 000 RUB , with additional benefits, including the low taxation level of Russia (max.15%), 56 days of annually paid vacations, paid health care coverage, relocation, housing allowance, tickets home twice a year, school/kindergarten.
Responsibility of the Director of the Information Security Institute will include managing the institute, teaching two to three semester-long courses to graduate students during the academic year, for a total of max 90 hours of frontal astronomical lecturing, leading research activities, advising and mentoring students, and other activities related to developing and maintaining the intellectual and cultural environment of the University. With this position, suitable support is provided by the university to publish papers, attend conferences, and supervise MS and PhD students.
to send a resume.
The Faculty of Computer Science and Engineering of Innopolis University invites highly promising Assistant Professors who have recently graduated or are close to graduation (completion expected by May 2022) or high-caliber Associate/Full Professors and who can teach in English (the language of instruction).
Specifically, we want candidates to join the faculty of our industry-oriented Master's program "Security and Network Engineering". A candidate should be familiar with real-world modern technologies and skills that are required by industry, be ready to update course content accordingly, advise students on projects, and collaborate with industry if it is involved in the educational process. We target professionals who can make the difference in our institution, managing their labs, making ground-breaking research, teaching effectively a very talented student body, attracting research funds, and entertaining a worldwide network of colleagues. With this position, suitable support is provided by the university to publish papers, to attend conferences, and to supervise MS and PhD students.
We are looking for candidates that will be able to develop/update and teach some of the following courses:
1. Classical Internet Applications (graduate)
The primary focus of this course is to learn Linux-based internet services, common internet protocols and applications as well as to have a general understanding of computer systems and architecture. Topics that need to be covered: Operating system architecture and its main concepts (OS kernel, system libraries, system calls, network services, booting services), DNS protocol, DNS over HTTPS, Mail protocols, Web servers, Web APIs (REST, SOAP).
2. Secure Systems and Networks (graduate)
This course is about engineering concepts and techniques to develop secure systems from an IT infrastructure point of view. How to monitor it, audit and implement security controls. Topics that need to be covered: Modern applied cryptography (symmetric/asymmetric encryption, hash functions, digital signature, PKI infrastructure). Installation and administration of secure protocols in IT infrastructure (ssl/tls, ssh, sftp, ipsec, vpn, https). Active Directory and related technologies (LDAP, Kerberos). Infrastructure Security (IDS/IPS systems, Firewalling, Logging, Monitoring, DMZ, Proxying, building defense-in-depth).
3. Advanced Security (graduate)
This course focuses on security aspects in software vulnerabilities and techniques that are needed to find and analyze them and be able to provide secure patches and enhancements. Also, course coverage includes such related areas as software security design and architecture, software security testing, and secure coding techniques. Topics that need to be covered: Web applications security. Mobile applications security, Memory corruption and binary programs related vulnerabilities, Secure coding, Software security testings (DAST/SAST), Software security design and architecture.
4. InterNetworking and Routing (graduate)
InterNetworking and Routing is the course that provides students with fundamental knowledge about inter-networking and routing. The course starts with some basic material about routing, such as the definition of path cost and the classification of routing algorithms. A networking infrastructure deploys a variety of algorithms for routing packets, classified as those using optimal routes and those using non-optimal routes. This course includes hands-on exercise and the students will practice their skills on the real hardware and software. This course also introduces various topics on security aspects for the network design and administration such as secure protocols used on the application layer, VPN technologies, network segmentation, and access control techniques. Basics of networking concepts (OSI model, subnetting, addressing, gateway, firewalling). STP and Vlans. IPv6. Secure protocols (SSH, HTTPs, SFTP, TLS, SSL). Network Segmentation, isolation. Routing protocols (RIP, OSPF, MPLS, BGP). Tunneling, VPN.
5. Advanced Networking (graduate)
Advanced Networking is the core course that provides students with advanced knowledge about computer networks in order to obtain confidentiality, integrity, and availability of information. The course is focusing on security aspects to design and control IT infrastructure over the networks, including learning about the general type of network attacks as well as techniques included in the common penetration testing scenarios. Topics that need to be covered: IDS/IPS systems and network infrastructure (concepts, design, configuration, troubleshooting). Covert channels, Deep packet inspection, SNMP protocol. Scanning, networks reconnaissance, attacks against routing protocols (routing manipulation and attacks), BGP hijack, MiTM attacks. Security Operation Center (concept, architecture, design, implementation, configuration, testing). Network automation (automation of network configuration, packet crafting). Traffic analysis (capturing, proxying, sniffing), usage of SPAN. Advanced network attacks (moving inside the enterprise network, network pivoting, proxying, anonymity).
6. Large Systems (graduate)
The course focus on large organizations' complex architectures where products and protocols of multiple vendors have to inter-operate. The main purpose of the course on understanding the challenges and building a scalable IT infrastructure that is flexible and efficient to manage. The course covers also aspects of DevOps engineering which combines software development with IT operations and aims to provide a holistic way to develop, deploy, operate and monitor software. Topics that need to be covered: Virtualization and Cloud Computing. Data-centers and Infrastructure management methodologies. Source Code Management and Configuration Management Systems. Continuous Integration. Quality assurance and Continuous Testing. Packaging, Releasing, and Continuous Deployment Microservices, orchestration technologies. Monitoring, logging, load-balancing and scaling.
7. Offensive Technologies (graduate)
Offensive Technology introduces methods and tools to assess the security of different services and protocols therein. The course aims to expose the students to real-world problems from a security point of view and let them find vulnerabilities in both software and hardware. In this course the students will particularly focus on software security and penetration techniques, reverse engineering, advanced memory exploit/mitigation, and fuzzing techniques. Topics that need to be covered: Reverse engineering, Offensive tools and IT infrastructure attack methods, Scanning and Fuzzing, Advanced exploitation techniques, Red teaming.
8. CyberCrime and Forensics (graduate)
The course teaches on modern tactics and techniques of high-tech crimes, including counter-forensics methods. The main purpose of this course is to provide for students the necessary knowledge and abilities to obtain and analyze digital evidence in a way to provide investigations that will comply with the current law and regulations. Another purpose for the course is to learn for students how to counteract ongoing computer incidents, intrusions and to perform threat hunting in the computer systems. Topics that need to be covered: Modern high-tech crimes techniques and the law. Data acquisition and securing digital evidence. Computer systems artifacts and their analysis methods (Windows, Linux, mobile OS). Volatile data analysis. Incident response and threat hunting across the enterprise IT infrastructure. Blue teaming.
9. Secure System Development (undergraduate)
The course is about secure system development and software that needs to be secure to avoid security risks. The course provides skills for future developers, security engineers to develop secure software and systems. As a part of the course students learn how to find and fix vulnerabilities, implement protections, automate secure processes, and make secure practices a part of your software development life cycle (SDLC). Network security architecture. Logging and monitoring. Mobile security. Software security design and architecture. Secure SDLC. Secure coding/patching. Secure CI/CD environments.
QUALIFICATIONS AND REQUIREMENTS
• Having professional security and network certifications (CISSP, CEH, OSCP, CCNA, CCNP, etc.)
• More than 3 years of industry experience in the related area
• Having a Master’s degree in Information Security and related areas
• Having PhD and doing research related to software security, designing secure systems, exploitation and reverse engineering
• Having an experience with providing teaching activities for industry professionals
Responsibility of the newly recruited assistant professors will include teaching three to four semester-long courses to undergraduate or graduate students during the academic year, for a total of max 120 hours of frontal astronomical lecturing, leading highly regarded research activities, advising and mentoring students, contributing to community services and other activities related to developing and maintaining the intellectual and cultural environment of the University.
COMPENSATIONS AND BENEFITS
Usually, the initial appointment is 3-years with expectation for renewal. The salary is very attractive, aligned with the best institutions worldwide, with additional benefits, including the low taxation level of Russia (max.15%), 56 days of annually paid vacations, paid health care coverage, relocation, housing allowance, tickets home twice a year, school/kindergarten.
to send a resume