Research Associate in Software Security

The Research Associate will work on the EPSRC project titled “Serious Coding: A Game Approach to Security for the New Code-Citizens” (SECRIOUS) and join a team of Heriot-Watt researchers in the field of Software Security and Human Computer Interaction. The overall project has three research associates, two at Heriot-Watt University and one at Glasgow School of Art whose specialist area is games.

The aim of the project is to develop a method and platform for serious games to raise security understanding among software developers. This involves preparing materials for expert and non-expert coders in collaboration with HCI, security and games experts.

The vision is to engage the wide public of coders to consider and understand security when coding. A number of user centered and game design events will co-design a number of online code-based games that will be showcased in the last year of the project. Players data will be collected and analysed to evaluate the impact of the games. The components and games developed as part of the project are expected to be under open licence to allow for re-use and further development.

The position is concerned with the work packages of the project involving both the preparation of materials and contents on software security and secure development. The main part of the work will focus on the development of a GitLab-based platform for online coding games and its software components (the development is expected to use multiple programming languages, i.e. Python, C#). They will specify requirements for the GitLab-based platform in collaboration with the rest of the project team, to develop and deploy components for the game platform in collaboration with game developer experts. The successful candidate will have a strong background in and research interest in software security, software engineering and sociotechnical methods for security. They will also have a strong interest in applying their expert software security and software engineering skills to co-design, build, deploy and evaluate the code-based platform for secure coding.

The position holder will have a PhD or Masters (MSc) in a Software Security or Software Engineering or closely related disciplines. Some experience of working with a software engineering company or on a funded research project would be beneficial. The project involves a high amount of communication with team members and the wider public. A clear ability to confidently communicate information at a range of technical levels is critical, while an ability to assimilate large amounts of data and present this in visual and written report form, or to present to a variety of audiences is important.

The position holder will be based at Heriot-Watt University. This project involves travel to partners of the project based in Edinburgh, Glasgow and St Andrews, and taking part in project events across the UK. It will also include national and international travel to key research conferences.