Computer Scientist (f/m/x) (Cyber) Security of Critical Infrastructure and Air Traffic Systems

Job Description

## What to expect Increasing digitalisation and networking in air traffic make cyber security a key aspect for the protection of critical infrastructures. Air traffic management (ATM) and air traffic control in particular rely on highly available, secure and resilient systems to ensure smooth and protected operations. In view of new threat scenarios, it is essential to systematically integrate security concepts from the outset ("security by design").

At the Institute of Flight Guidance, measures are being developed to increase cyber resilience in order to protect air traffic system networks against unauthorised interference. This includes identifying potential points of attack, analysing threat scenarios and developing and validating robust security architectures. In addition to technical protective measures, the human factor is also taken into account as a decisive element in security strategies.

New methods for security assessment and concept validation are to be developed and existing approaches adapted to the special requirements of air transport. The task includes the development and application of procedures for the assessment of cyber security, the verification of their effectiveness and their implementation in specific projects to secure critical infrastructures in air transport. ## Your tasks - Research into security assessment methods for air traffic systems and infrastructures, particularly in the field of air traffic management and air traffic control - Analysing threat scenarios and security requirements to identify potential vulnerabilities in ATM systems and infrastructures - Develop and implement new assessment techniques, including penetration testing and application of the NIST Cybersecurity Framework, for security testing of software components and data exchange procedures - Conducting simulations and experiments to test the cybersecurity of ATM systems under real and simulated conditions - Development and operation of an aviation security laboratory, including the specification, integration and testing of relevant system components - Collaboration in the development of a dynamic security management concept for aviation for the continuous improvement of security architectures - Documentation and publication of research results, both in internal project reports and at international conferences and in scientific journals ## Your profile - Completed scientific university degree (Master's/Diploma Uni) in computer science (e.g.

computer engineering) or other degree programmes relevant to the job - Programming experience in Python, C/C++ or Java for security-critical applications - Experience with network security and protocols (e.g. TLS, IPSec, Zero Trust) - Knowledge of cybersecurity methods (e.g. penetration testing, NIST Cybersecurity Framework, PART-IS) - Experience in modelling and simulating security-critical systems - Knowledge of threat modelling and risk analyses for critical infrastructures - Creative drive, team spirit and an independent, scientific way of working>