Fondazione Bruno Kessler (FBK) is a private research institution devoted to excellence in research in numerous disciplines and designated to the role of keeping the Autonomous Province of Trento in the mainstream of European and international research. Each research area is assigned to a specific research Centre, of which there are twelve totals. Information regarding the research Centres, their activities and production are available at http://www.fbk.eu/research-centers.
In particular, the FBK Cyber Security Centre (CS) develops digital technology and cyber security to foster collaboration between the various stakeholders through a combination of IT risk management techniques (in order to develop highly innovative security solutions that will mitigate vulnerabilities and reduce the risk of attacks) as well as trust management techniques (to improve the interaction between people and technology). As part of the FBK mission, which aims to achieve results of scientific excellence and to produce an impact on society, the Center's mission is to make these techniques available to the largest number of organizations, including SMEs, which account for a substantial part of the EU economy but lack cybersecurity expertise. To this end, integrating automated cyber risk assessment support with trust management that will have the ability to produce operational suggestions to assist ICT solutions designers, developers and administrators in their daily activities is critical.
Workplace Description
The candidate will be working in the SaFEWaRe (Secure Code Lifecycle for Applications and Networking) Unit, of FBK Cyber Security Center. SaFEWaRe focuses on enhancing software security. Our goal is to provide tools and practices that secure the code throughout its entire lifecycle and to ensure that code adheres to international regulations and standards (e.g., NIS2, EU AI Act, GDPR). Artificial Intelligence (AI) plays a dual role in our work: as a challenge, we focus on securely integrating AI into software systems, and, as a solution, we harness AI to enhance software analysis and reduce cyber risks through improved accuracy and automation.
We are also engaged in industrial software development projects, which provide a robust foundation for our research; offering both practical inspiration and a means for real-world validation.
Background information and description of research projects
This position is offered within the project IPCEI Next Generation Cloud Infrastructure and Services (CIS): 8ra and the FBK CAITE project.
The 8ra Initiative is a strategic European endeavour dedicated to create a resilient and scalable digital infrastructure tailored to Europe’s needs. At its core is the Important Project of Common European Interest on Next Generation Cloud Infrastructure and Services (IPCEI-CIS), bringing together 12 EU member states and about 120 industrial and research partners to drive Europe’s digital sovereignty. The main goal of IPCEI-CIS is to establish a "Multi-Provider Cloud-Edge Continuum" that operates independently of any single provider. This continuum embodies the seamless fusion of cloud and edge computing, enabling the flexible allocation of resources and applications between the cloud and the network edge. In 8RA, FBK is responsible for the project Cybersecurity & AI at the Edge (CAITE) whose aim is twofold. First, it aims to bring AI at the edge, by providing scalability and resource efficiency through the development of cooperative, distributed AI algorithms, optimising data, energy, and processing resources while adapting to the different computational environments and capabilities. Second, the project emphasises the creation of security, privacy-enhancing, and trust-aware services to ensure resilience and compliance in distributed AI-enabled applications. Three research centers of FBK cooperate and develop CAITE: the Augmented Intelligence Center, the Center for Cybersecurity, and the Digital Society Center.
Job Description
The SaFEWaRe research unit is seeking a motivated Researcher in the field of Secure Software Engineering and Software Regulatory Compliance. The selected candidate will contribute to activities aimed at delivering tools and techniques that enable software developers to produce secure code in compliance with regulations mandated by governments (e.g., NIS2, Eu-AI-Act, GDPR) and standards set by organizations (e.g., ISO).
The successful candidate will contribute to the following tasks:
- Carry out applied research on Secure Software Engineering and Software Regulatory Compliance;
- Collaborate with project partners (academic and industrial) in both national and international initiatives;
- Contribute to scientific publications, dissemination activities, and project proposals;
- Supervise and mentor students during internships and thesis projects.
The selected candidate may also be involved in additional activities or projects within the Centre, depending on organizational needs.
Job requirements
The ideal candidate must have the following requirements:
- Phd in Computer Science, Software Engineering, or related fields or equivalent experience;
- Strong understanding of secure coding practices and principles (e.g., OWASP Top 10);
- Familiarity with software engineering techniques (e.g., secure software development lifecycle (SDLC));
- Solid understanding and practical experience in Artificial Intelligence (AI) and Machine Learning (ML) concepts, algorithms, and frameworks; Hands-on experience with popular ML libraries and tools (e.g., TensorFlow, PyTorch, scikit-learn);
- Familiarity with cloud architecture principles, scalability, and security best practices; Experience with containerization and orchestration tools (Docker, Kubernetes);
- Ability to contribute to the writing of scientific articles and project proposals;
- Language assessment according to the Common European Framework of Reference for Languages (CEFR): level of knowledge required. Knowledge of English will be verified during the interview on a technical or scientific topic and must be equal to or exceed level B2. Definitions of levels can be found at the following link https://www.coe.int/en/web/common-european-framework-reference-languages/level-descriptions;
- Strong sense of curiosity and willingness to learn and develop;
- Ability to work both independently and in a team environment;
- Good communication and relational skills;
- Strong orientation to results, determination, flexibility and aptitude for problem-solving.
Furthermore, the following elements will be positively evaluated:
- Understanding of regulatory frameworks and standards relevant to software development (e.g., NIS2, Eu-AI-Act, GDPR); experience in software regulation compliance;
- Experience on operational fulfilment (with automated and semi-automated tools and techniques) of cybersecurity requirements deriving from regulations;
- Good knowledge of the Italian language (both oral and written).
Employment
Type of contract: fixed-term contract
Working hours: full-time (38 h per week)
Start date: Preferably February 2026
Duration: 24 months
Contract type: CCPL Research Foundation Personnel (https://trasparenza.fbk.eu/ita/Personale/Contrattazione-collettiva/Rinnovo-CCPL-delle-Fondazioni) for a Third level Researcher, the current gross annual remuneration is Euro 44.528,13
Workplace: Povo, Trento (Italy)
Benefits: flexi-time, company subsidized cafeteria or meal vouchers, internal car park, welcome office support for visa formalities and for research in accommodation, supplementary pension (Resaver, Laborfonds) and health fund (Sanifonds), family-work balance, free training courses, support on bank account opening, discount on public transport, sport, language course fees, counseling and psychological support service. More info at https://www.fbk.eu/en/work-with-us/
Application
Interested candidates are requested to submit their application by completing the online form (https://jobs.fbk.eu/). Please make sure that your application contains the following attachments (in pdf format):
- detailed CV (including relevant academic information such as a list of selected publications, and a link to an updated academic profile, for example Google Scholar);
- cover letter indicating why the candidate is suitable for this position.
Application deadline: 16/01/2026
Selection process and assessment criteria
The Evaluating Committee will be appointed by the People Innovation for Research Director at the end of the application deadline.
The recruiting process will be handled in accordance with the “Gender and generational equal opportunities, as well as the employment inclusion of people with disabilities in public contracts financed with the resources of the PNRR and PNC” guidelines and with the Foundation's Gender Equality Plan.
The Committee may compile the short-list of the candidates admitted to the interview, remotely or in presence. The short-list shall be compiled based on the requirements set out in the call (contained in the requirements of the job description), with the support of the screening of CVs and any other required documents.
Candidates with a minimum score will be admitted to the interview phase. Shortlisted candidates must do at least one interview with the Committee.
In case of specific need, the Selection Committee can also meet remotely, by teleconference or videoconference, provided that all members can be identified and that they are able to follow and intervene in the discussion, as well as to receive, transmit and view documents.
During the evaluation step, evaluation support tools such as tests or questionnaires may be used. Furthermore, group tests and/or practical tests may be administered.
Evaluation criteria
The selection process includes two evaluation moments led by the Commission: the screening and the interview phase.
The screening process will be based on the evaluation of the qualifications and expertise that the candidate expresses on the resume. A maximum of 40 points will be allocated to this assessment phase and only candidates obtaining at least 25 points will be admitted to the interview.
The interview scores will be assigned to candidates by the Commission according to the following criteria: the presentation of their research profile; the knowledge about the scientific domain, the experience in working for research projects and the language skills.
A maximum of 60 points will be allocated to this assessment phase. The interview is considered as “passed” if the applicant obtains at least 45 points.
The final score will be used to generate the final suitability list for each job position.
Results of the selection process
All candidates will be notified via email once the selection process has been completed.
The suitability list may be used to fill the position in case the successful candidate doesn’t accept the job offer.
At the website https://jobs.fbk.eu/ in the "Selection results" section, will be published the details of the selection process and the final results.
Diversity & Inclusion policy
FBK actively seeks diversity and promotes inclusion in the workplace. The main aims of the FBK Diversity & Inclusion policy are to:
- promote gender equality across the research domains and on all levels by encouraging qualified female candidates to apply for job positions and by implementing specific improvements and measures as stated in the Gender Equality Plan (GEP)
- foster young talents development by offering opportunities to grow
- become a disability-inclusive organization by encouraging applications from candidates with a disability (Law 68/99). We provide special assistance to applicants during the recruitment procedure and reasonable arrangements for disabled staff
- promote a healthy work-life balance by offering a package of flexible working arrangements and facilities (telework, individual working time, parental leave, etc).
The FBK operates in compliance with current legislation concerning fixed-term contracts. Candidates with disabilities are invited to state whether they belong to the categories referred to in Law 68/99, and to indicate this in the curriculum vita sent in application for recruitment.
Processing of personal data
Pursuant to art. 13 of EU Regulation No. 2016/679 (GDPR), we inform you that your personal data shall be processed for the management of the selection process and of the obligations connected to it, through manual, electronic and informatic means and will be guaranteed within privacy and security standards as indicated in the full privacy policy.
In order to ensure and respect the principles of publicity, transparency and impartiality, the name of the successful candidate and the names of suitable candidates will be published on the FBK website following acceptance of the position.
For further information, please contact the People Innovation for Research Department at jobs@fbk.eu.