Post-Doctoral Research Assistant (two posts available)

Closing Date: Monday 07 August 2017
Interview Date: Wednesday 23 August 2017
Start date: 2 October 2017
Duration: 2 years
Salary: £36,077 to £40,317 per annum - including London Allowance

The Systems Security Research Lab at Royal Holloway, University of London, is seeking to appoint 2 Post-Doctoral Research Assistants (PDRAs) to work on the EPSRC-funded project titled "MobSec: Malware and Security in the Mobile Age"

The overall goal of MobSec is to improve the security of mobile devices by reducing the risk from installing and using third party applications. Outcomes of the project so far include a large-scale study on the impact of vulnerabilities in hybrid Android apps as well as novel techniques for facilitating and interpreting the results of dynamic analysis of Android apps and malware. For example, a recent result from MobSec, which will be presented at USENIX Security 2017, shows how to identify concept drift in machine learning models used for malware classification.

The Principal Investigator Dr Lorenzo Cavallaro's research expertise is in systems security and malware analysis with interests in program analysis and machine learning – two main disciplines underlying Dr Cavallaro's research; in addition, the project benefits from the expertise of Dr Johannes Kinder (co-Investigator, program analysis and symbolic execution) and a partnership with McAfee Labs, as well as strong links with other key players (e.g., Google’s Android Security team).

There are two post available from Oct 2, 2017 or as soon as possible thereafter (not later than Nov 4, 2017) for a fixed term period of 24 months each. This post is based in Egham, Surrey, where Royal Holloway, University of London is situated in a beautiful, leafy campus near to Windsor Great Park and within commuting distance from London.

Royal Holloway, University of London is one of the fourteen Higher Education Institutions (HEIs) in the UK recognised by the UK National Security Centre (NCSC) as a Centre of Academic Excellence in Cyber Security Research, and only one of the two HEIs awarded with a Centre for Doctoral Training in Cyber Security.

For an informal discussion about the post, please contact the PI, Dr Lorenzo Cavallaro, at or +44 (0)1784 414381.


We are looking for a motivated aspiring researcher with a strong track record related to system security, with a particular focus on either program analysis or machine learning. World-class research in an applied field such as ours requires collaboration, so you should be a team-player. Please also refer to the person specification in the job portal for more details.

How to Apply

Please apply via the Royal Holloway job portal. The RHUL Recruitment Team can be contacted with queries by email. To apply, please complete the application form and submit (i) a CV, (ii) a cover letter outlining how you fit into the project, and (iii) a personal research statement. Applications with missing documentation may not be fully considered.

PhD Studentship in Program Analysis for Security (CDT)

Supervisor: Dr Johannes Kinder
Start date: October 2017
Duration: 4-5 years
Annual Stipend: about £20,000 (tax free)

Every day we trust our web, mobile, and desktop applications to operate correctly and to safeguard our personal data. Unfortunately, numerous security incidents have shown that often this trust is misplaced: software and systems crash, leak sensitive information, or get infected by malware. The core of the problem is usually a software bug that opened a particular vulnerability. We must identify such vulnerabilities early, before they can cause damage. Powerful methods from static and dynamic program analysis, such as symbolic execution, promise to find bugs and vulnerabilities automatically by inspecting the code and its runtime behaviour.

We are looking for qualified students to work with Dr Johannes Kinder and other members of the group in the field of program analysis and automated software verification with application to system security. This offers a unique opportunity to combine theory and practice: we are not only interested in elegant formalisms, but also in building robust tools that work on real applications. In the past, we have built tools that use temporal logic to detect malware or abstract interpretation to disassemble x86 binaries, for example.

The successful applicant will be hosted at the Department of Computer Science and the Information Security Group (ISG) of Royal Holloway, University of London. Both departments are leading research centres in their respective areas. As a result, the student will benefit from a thriving and dynamic research environment and may collaborate with PhD students and researchers with interest in the field.

The student will be enrolled in the Centre for Doctoral Training at ISG, which includes a taught course element in Information security. More information is available on the ISG's CDT web pages.


Applicants should have or be expecting to obtain a first class honours degree or a masters degree in Computer Science or similar subject. In addition, applicants should be very confident about their programming skills and their background in logic and algorithms. Practical experience in systems security is a plus.

To qualify for the doctoral training centre, applicants need to satisfy EPSRC's eligibility requirements.

How to Apply

Applications will be reviewed on a rolling basis as they are received. For informal inquiries about the position, please contact Johannes Kinder. To apply, please use the Royal Holloway online application system.