×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity

Research Associate – AI-guided Attack Surface Assessment

Job in Germany, Pike County, Ohio, USA
Listing for: Université du Luxembourg
Full Time position
Listed on 2026-01-12
Job specializations:
  • IT/Tech
    Cybersecurity
Salary/Wage Range or Industry Benchmark: 60000 - 80000 USD Yearly USD 60000.00 80000.00 YEAR
Job Description & How to Apply Below
Location: Germany

Research Associate – AI-guided Attack Surface Assessment

The University of Luxembourg is an international research university with a distinctly multilingual and interdisciplinary character.

The Interdisciplinary Centre for Security, Reliability and Trust ( SnT ) at the University of Luxembourg is a leading international research and innovation centre in secure, reliable and trustworthy ICT systems and services.
We look for researchers from diverse academic backgrounds to contribute to our projects in areas such as:
Network Security, Information Assurance, Model-driven Security, Cloud Computing, Cryptography, Satellite Systems, Vehicular Networks, and ICT Services & Applications.

Your role

The SnT is seeking a Postdoc to support the research and development work within the SEDAN group. We seek a candidate with expertise and/or interest in the following relevant fields: machine learning and cybersecurity.

The candidate will have the opportunity to work on a collaborative project with a leading industry in cybersecurity allowing thus to validate and receive feedback from on-the-field cybersecurity practitioners. The project aims at improving the assessment of the attack surface of an organization. This is essential to identify all possible entry points an external attacker could use to break into the IT system.

Because attack surface became large and diverse [Rizz
20], Automated External Attack Surface Management (EASM) cannot be limited to naive IP address scanning or simply relying on incomplete CMDBs [Kie
23]. Thus, multiple tools are used by experts with strong knowledge and previous experience. The main objective of the project is to automate this human-based cognitive process thanks to the use of Deep-Reinforcement Learning (DRL) to orchestrate the joint use of multiple attack surface tools, Large-Language Models (LLMs) to refine their configurations and graph-based Machine Learning (ML) to detect anomalies (such as a new unknown possible entry point) and provide actionable recommendation according to the recovered attack surface.

A tool like AMASS[1] from OWASP already acts as an interface through multiple tools. Although it still relies on manual configuration or scripting, such types of tools will be considered to serve as a basis to support modelling and interacting with existing tools.

The postdoc will thus have to define an orchestrator capable of communicating with existing tools by defining necessary interfaces and most of all the intelligent iterative engine based on reinforcement learning. The developed orchestrator thus consists in interconnecting existing open-sources tools for EASM with an orchestrator to be defined. This requires the definition and development of a unified language alongside the necessary interfaces.

LLMs will be used to iteratively interpret results obtained by to the execution of the EASM tools to support an orchestrator to refine their configurations. Indeed, the space of exploration is almost infinite and is often based on text-based information (domain names, service provider names, software names, certificates, etc.) from which a particular semantic can be inferred. At the end of the processing pipeline, a component will aggregate the accumulated knowledge about the discovered attack surface.

The ultimate objective is to provide useful and prioritized recommendations by detecting anomalies in the external attack surface, knowing that a system cannot be totally isolated.

In addition, the candidate will be also involved in project management, reporting and dissemination. The project is an academic project oriented but applied research. It is a unique opportunity to develop new concepts with a close collaboration with industry.

During postdoc, the candidate will have the opportunity to participate and propose other projects within the group and so also develop his/her/their own research agenda. We are working on various topics related to applied ML and cyber-security, including applications and security of LLMs.

Your profile

The candidate should possess a PhD degree in Computer Science/engineering or Telecommunication Engineering,

What we’re looking for:

  • A…
Position Requirements
10+ Years work experience
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search