Damien Leduc, EPITA alumnus and ethical hacking specialist!

Damien Leduc, EPITA alumnus and ethical hacking specialist!

Graduating with a Systems, Networks and Security (SRS) major, Damien Leduc (EPITA class of 2008) has made ethical hacking his profession. This career path began during his end-of-studies internship and quickly continued at the giant BT (ex-British Telecom), which he joined in 2011 and now holds the position of Ethical Hacking Manager for Europe. This EPITA Alumnus discusses the approach to restore the often negative image of a hacker, while helping a large number of companies strengthen their IT security.

Damien Leduc

What does ethical hacking consist of?

Damien Leduc: The principle is to evaluate the client’s computer network, from the point of view of a hacker. This means hacking our clients, in the same way that a malicious hacker would, in order to identify weaknesses and thus help improve network security. At BP, we offer this service to our customers who wish to improve their IT security or who need it for network evaluation and assessment. Requests may come from IT project managers, who want a status report on their projects, as well as from IT managers, IT security teams, management or even potential clients who want to check a company’s system before becoming their customers.

What skills are required to “hack for a good cause”?

You need to have a very good technical background in all areas of computer science and be familiar with all technologies, including the most recent. You must also be intellectually capable of meticulously looking for even the smallest weakness, and know how to reverse the situation, asking yourself “how to hack the system” before determining “how to secure it”. Basically, it’s about being curious and striving to understand how things work and how they serve the company, without simply using a purely technical approach. Of course, you also have to be very rigorous so that you do not damage the IT systems you analyze.

What is your role today?

As a manager, I spend a great deal of time supervising the members of my team. This involves managing individuals, organizing projects, setting up regular reviews, maintaining relationships with customers, presenting our service offer using a pre-sales approach… In addition, I also work at keeping my skills up to date in order to stay on top of what is happening today and in the future. It’s about being on the lookout, constantly.

What do you like most about your job?

I have an exciting job! I have to admit that it is fun to look for loopholes and break into computer systems, when done legally and vigilantly. It is a very interesting job where you explore many different subjects and speak with different individuals from a variety of professions, which makes each mission unique. However, as soon as you take on a more managerial role, you quickly lose your grasp of the technical side. Hence, the importance of continuous monitoring!

Finally, what do you remember from your time at EPITA?

Many things! First of all, the SRS Major provided me with a solid technical foundation, which is essential when speaking with all types of individuals, as well as a general overview of computer systems. The school – and this is probably the most important – also taught me how to learn, in order to quickly grasp different subjects and technologies. Finally, I also have very good memories of my experience as a YAKA-ACU teaching assistant, working with younger students. I recommend that all EPITA students try to become an assistant, because it has a lot of advantages. Not only does it allow you to learn a great deal and work during your studies, on your own campus, but it also enables you to reinforce your technical skills.  Generally speaking, you tend to understand things better once you have taught them. It is also great on a human level, being able to teach younger students and working in a group of about twenty assistants. It definitely teaches you more about yourself and helps you acquire all sorts of “soft skills”, the notion of responsibility, collaboration, etc.