Wednesday, January 31, 2018

DEADLINE EXTENDED: Undergraduate Research Opportunity at IU

UPDATE:  We've extended the application deadline to February 18, 2018.  Please direct any questions to .

The NSF Cybersecurity Center of Excellence (CTSC) is seeking an undergraduate research assistant at Indiana University Bloomington to aid in the development of a software engineering security guide for NSF-funded science and research projects. The student will work under the supervision of Chief Security Analyst Susan Sons to through data on unusually high-impact vulnerabilities across many types of software, as well as on which vulnerabilities most commonly have impact, to and in drawing and explaining conclusions about which types of software weaknesses or development problems should be focused on in developer education and in the first security evaluations on software in an unknown security state.

The student’s work would be comprised of about 60% mining existing databases on software weaknesses and vulnerability reports, about 20% writing up results on that process, with a focus on the top vulnerabilities, and about 20% fleshing out the teaching materials by integrating feedback from outside reviewers and information gained from testing various software tools’ abilities to identify these selected top vulnerabilities.

The student will be appropriately credited, based on work completed, in the final publication.

Schedule and Compensation:

Work will commence in mid February (schedule flexible) with conclusion in May 2018. The student will be expected to work 20 hours per week on a flexible schedule for a $300/week stipend for up to 22 weeks. Primary place of work is the IU Innovation Center at 2719 E Tenth Street, with remote work possible.

Required skills:
  • Experience using an appropriate programming language (e.g. Python or Perl) to search text and database records for information.
  • Ability to take on moderately-sized technical writing tasks.
  • Excellent task management skills: ability to take on tasks or projects, keep track of relevant information, ask for help when needed, and provide consistent feedback on project status with attention to quality and deadlines.
  • Interest in cybersecurity (experience a plus but not required).

Application Process:

Applications will be reviewed by a committee from CTSC, with a decision to be made by February 9th. Candidates should email the following information to Susan Sons,, by 5pm Eastern on February 18th, 2018:
  1. University Transcripts
  2. Letter of Recommendation from a faculty member
  3. A 250-300 word essay answering “How will this experience benefit me?”
  4. A 250-300 word essay answering “What are my expectations for this experience?”
Applications will be reviewed by a panel of CTSC Analysts.