FBK is looking for a Researcher in the field of Secure Software Engineering for the Cybersecuri[...]

Organisation/Company Fondazione Bruno Kessler Research Field Computer science Researcher Profile Recognised Researcher (R2) Positions PhD Positions Country Italy Application Deadline 16 Jan 2026 - 23:55 (Europe/Rome) Type of Contract Temporary Job Status Full-time Hours Per Week 38\ Offer Starting Date 1 Feb 2026 Is the job funded through the EU Research Framework Programme? Other EU programme Is the Job related to staff position within a Research Infrastructure? No

Fondazione Bruno Kessler (FBK) is a private research institution devoted to excellence in research in numerous disciplines and designated to the role of keeping the Autonomous Province of Trento in the mainstream of European and international research. Each research area is assigned to a specific research Centre, of which there are twelve totals. Information regarding the research Centres, their activities and production are available at http://www.fbk.eu/research-centers .

In particular, the FBK Cyber Security Centre (CS) develops digital technology and cyber security to foster collaboration between the various stakeholders through a combination of IT risk management techniques (in order to develop highly innovative security solutions that will mitigate vulnerabilities and reduce the risk of attacks) as well as trust management techniques (to improve the interaction between people and technology). As part of the FBK mission, which aims to achieve results of scientific excellence and to produce an impact on society, the Center's mission is to make these techniques available to the largest number of organizations, including SMEs, which account for a substantial part of the EU economy but lack cybersecurity expertise. To this end, integrating automated cyber risk assessment support with trust management that will have the ability to produce operational suggestions to assist ICT solutions designers, developers and administrators in their daily activities is critical.

The candidate will be working in the SaFEWaRe (Secure Code Lifecycle for Applications and Networking) Unit, of FBK Cyber Security Center. SaFEWaRe focuses on enhancing software security. Our goal is to provide tools and practices that secure the code throughout its entire lifecycle and to ensure that code adheres to international regulations and standards (e.g., NIS2, EU AI Act, GDPR). Artificial Intelligence (AI) plays a dual role in our work: as a challenge, we focus on securely integrating AI into software systems, and, as a solution, we harness AI to enhance software analysis and reduce cyber risks through improved accuracy and automation.

We are also engaged in industrial software development projects, which provide a robust foundation for our research; offering both practical inspiration and a means for real-world validation.

This position is offered within the project IPCEI Next Generation Cloud Infrastructure and Services (CIS): 8ra and the FBK CAITE project.

The 8ra Initiative is a strategic European endeavour dedicated to create a resilient and scalable digital infrastructure tailored to Europe’s needs. At its core is the Important Project of Common European Interest on Next Generation Cloud Infrastructure and Services (IPCEI-CIS) , bringing together 12 EU member states and about 120 industrial and research partners to drive Europe’s digital sovereignty. The main goal of IPCEI-CIS is to establish a "Multi-Provider Cloud-Edge Continuum" that operates independently of any single provider. This continuum embodies the seamless fusion of cloud and edge computing, enabling the flexible allocation of resources and applications between the cloud and the network edge. In 8RA, FBK is responsible for the project Cybersecurity & AI at the Edge (CAITE) whose aim is twofold. First, it aims to bring AI at the edge, by providing scalability and resource efficiency through the development of cooperative, distributed AI algorithms, optimising data, energy, and processing resources while adapting to the different computational environments and capabilities. Second, the project emphasises the creation of security, privacy-enhancing, and trust-aware services to ensure resilience and compliance in distributed AI-enabled applications. Three research centers of FBK cooperate and develop CAITE: the Augmented Intelligence Center , the Center for Cybersecurity, and the Digital Society Center .

The SaFEWaRe research unit is seeking a motivated Researcher in the field of Secure Software Engineering and Software Regulatory Compliance. The selected candidate will contribute to activities aimed at delivering tools and techniques that enable software developers to produce secure code in compliance with regulations mandated by governments (e.g., NIS2, Eu-AI-Act, GDPR) and standards set by organizations (e.g., ISO).

The successful candidate will contribute to the following tasks:

• Carry out applied research on Secure Software Engineering and Software Regulatory Compliance;
• Collaborate with project partners (academic and industrial) in both national and international initiatives;
• Contribute to scientific publications, dissemination activities, and project proposals;
• Supervise and mentor students during internships and thesis projects.

The selected candidate may also be involved in additional activities or projects within the Centre, depending on organizational needs.

The ideal candidate must have the following requirements:

• Phd in Computer Science, Software Engineering, or related fields or equivalent experience;
• Strong understanding of secure coding practices and principles (e.g., OWASP Top 10);
• Familiarity with software engineering techniques (e.g., secure software development lifecycle (SDLC));
• Solid understanding and practical experience in Artificial Intelligence (AI) and Machine Learning (ML) concepts, algorithms, and frameworks; Hands-on experience with popular ML libraries and tools (e.g., TensorFlow, PyTorch, scikit-learn);
• Familiarity with cloud architecture principles, scalability, and security best practices; Experience with containerization and orchestration tools (Docker, Kubernetes);
• Ability to contribute to the writing of scientific articles and project proposals;
• Strong sense of curiosity and willingness to learn and develop;
• Ability to work both independently and in a team environment;
• Good communication and relational skills;
• Strong orientation to results, determination, flexibility and aptitude for problem-solving.

Furthermore, the following elements will be positively evaluated:

• Understanding of regulatory frameworks and standards relevant to software development (e.g., NIS2, Eu-AI-Act, GDPR); experience in software regulation compliance;
• Experience on operational fulfilment (with automated and semi-automated tools and techniques) of cybersecurity requirements deriving from regulations;
• Good knowledge of the Italian language (both oral and written).