Post doctoral in Cybersecurity in Healthcare - CDD

Job description

ABOUT TELECOM SUDPARIS

Telecom SudParis is a public graduate school for engineering, which has been recognized on the highest level in the domain of digital technology. The quality of its courses is founded on the scientific excellence of its faculty and on teaching techniques that emphasize project management, innovation and intercultural understanding. Telecom SudParis is part of the Institut Mines-Telecom, the number one group of engineering schools in France, under the supervision of the Minister for Industry. Telecom SudParis with Ecole Polytechnique, ENSTA Paris, ENSAE Paris and Telecom Paris are co-founders of the Institut Polytechnique de Paris, an institute of Science and Technology with an international vocation.

Its assets include: a personalized course, varied opportunities, the no.3 incubator in France, an ICT research center, an international campus shared with Institut Mines-Telecom Business School and over 60 student societies and clubs.


Missions

Improving the crisis management processes in the context of cyberattack on Field hospital infrastructure


Context

As technology is being used in modern day healthcare, the healthcare industry has been able to make its heritage more efficient. At the same time, the  deployment Cyber-Physical systems through both the medical devices, and other Health Internet of Things (HIoT), in turn exposes them to cyber threat actors. In addition, the healthcare industry’s attack surface area increases with the constant generation on Healthcare data (which is sometimes referred to as the ‘new gold’ by cybersecurity experts) due to its increasingly high demand in the underground cyber-market. Also, the stakeholders that are in both direct and indirect contact with the healthcare cyber infrastructure are also possible targets of the cyberthreat actors
in gaining access to these health data records and other motivedriven targets that may cause crisis within the facility.
In this case, certain cybersecurity assessment methods are deployed to assess the current posture of the infrastructure, followed by a structured deployment of training tools in the form of professionally curated exercises. These will aim to promote a holistic approach to the management cyberthreats targeted towards the healthcare facility, and the healthcare ecosystem as a whole.


Activities

The research will focus on the improvement of the method used in evaluating cybersecurity in the health systems by focusing on the an evaluation model for mobile field hospitals. This improved model that has been automated in the form of a functional Python-based software will also be  systematically implemented and packaged for direct deployment in the field for instant assessments.
The main objectives of the research includes the aim to coimprove the design processes of the evaluation model on the one hand, and on the other hand of the structured training exercises to be developed specifically for the Field hospital infrastructure users and stakeholders. This will be carried out by identifying and integrating:
(1) the interactions between the fully evaluated cyber infrastructure and its evaluations processes and, (2) the development and implementation of the a structured cyber-immersed simulation training.
In this context, the objective of the Post-Doctorate is to improved/develop a better model and for the co-design and recoding of the python-based automated software. This will in turn leverage the use of the results obtained to better understand the requirements needed to improve the cyber-immersed simulation trainings in the form of advanced Table-top exercises (TTX).
This methodology will be based on the identification and analysis (carried out within the lab environment) of the methods and tools used during the design of the original model and TTX.

Job requirements

Training

- Doctorate or PhD for less than 3 years


Essential skills, knowledge and experience

- Python

- Knowledge of cybersecurity and network security

- Project management

- Knowledge of ethical hacking

- Knowledge of penetration testing and/or analysis of user-centric training to respond to cyberattacks


Abilities

- Discretion, confidentiality

- The ability to work in a team

- Understanding and analysis of stakeholder needs

- Analytical mind


Additional information and application

- Application deadline: October 16, 2022

- Type of contract: CDD 1 year

- Category and profession of the post (internal): II - P, Post-doctoral

- Position location: Evry-Courcouronnes (91) - FRANCE

- The positions offered for recruitment are open to all with, on request, accommodations for candidates with disabilities

- Job open to public service contractors

- Working conditions: telework possible, restaurant and cafeteria on site, accessibility by public transport (with employer participation) or close to main roads, staff association and sports association on the Evry campus

- Persons to contact: Hervé DEBAR