What will you be doing?
This department employs approximately 30 professionals who work on issues related to the security of IT networks, systems and smartphones to help our clients and associates take charge of their ICT security, detect fraud, review their architecture or develop a security design for new systems. The division works in two locations: Groningen and Delft.
This master thesis project takes place in the context of a European FP7 research project SEGRID focussing on the protection of smart grids against cyber-attacks. The project focusses on threat and vulnerability modelling tools, such as Cyber Security Modeling Language (CySeMoL). CySeMol was developed at the Royal Institute of Technology of Stokholm (KTH). Given an ICT system architecture CySeMol can generate various attack paths (a series of attack steps) that would potentially be possible to attack that architecture, and combines the conditional probabilities of attack steps into an aggregated expected likelihood of success for the whole attack path. CySeMol is currently targeted at employment during the design phase. Within the SEGRID project we will explore how we can extended the usages of CySeMol to security operations phase. For this we will need to generate a model of an existing ICT infrastructure.
Within the master project you will work on automatic model generation of an existing ICT infrastructure, by using information from different sources such as vulnerability scanners (e.g. nmap), configuration management system, intrusion detection systems, etc.. In addition, you will investigate how a threat and vulnerability modelling tool, such as CySeMol, can be used to support security operations, including security monitoring, incident response, and threat intelligence management.
What do we require of you?
You are working on a Master’s degree on Information Science and you would like to work on ICT security. You are familiar with information security, experience with programming and IP network technology. You are analytical and you are capable of working autonomously. In addition, you have good communication skills and you are creative and innovative. However, most important is your motivation to work in the cyber security field.
What can you expect of your work situation?
TNO is an independent research organisation whose expertise and research make an important contribution to the competitiveness of companies and organisations, to the economy and to the quality of society as a whole. Innovation with purpose is what TNO stands for. With 3000 people we develop knowledge not for its own sake but for practical application. To create new products that make life more pleasant and valuable and help companies innovate. To find creative answers to the questions posed by society. We work for a variety of customers: governments, the SME sector, large companies, service providers and non-governmental organisations. Working together on new knowledge, better products and clear recommendations for policy and processes. In everything we do, impact is the key. Our product and process innovations and recommendations are only worth something if our customers can use them to boost their competitiveness.
What can TNO offer you?
You want to work on the precursor of your career; a work placement gives you an opportunity to take a good look at your prospective future employer. TNO goes a step further. It’s not just looking that interests us; you and your knowledge are essential to our innovation. That’s why we attach a great deal of value to your personal and professional development. You will, of course, be properly supervised during your work placement and be given the scope for you to get the best out of yourself. Naturally, we provide suitable work placement compensation.
Has this vacancy aroused your interest?
Then please feel free to apply on this vacancy! For further questions don’t hesitate to contact us.
Contactpersoon: Frank Fransen
Phone number: +31 (0)88-86 67729