Paul GEDEON (EPITA Class of 2020): Motivation matters more than you imagined

Joining EPITA Job dating event as a recruiter instead of a student last May, Paul Gedeon, a graduate from the Master of Science Computer Science – Computer Security program, shared how he landed an internship and then a job at Red Alert Lab. He has been promoted twice so far since he joined the company in 2020. How does he achieve it? Find out more below!

Why did you choose your degree at EPITA?

In the Bachelor’s, I started with a Bachelor of Computer Science, then I changed to ICT when it was opened in Lebanon. Afterwards, I wanted to do computer security, but Lebanon didn’t really have computer security standards nor recognition. Even in some of the banks in Lebanon, they still used unsecure protocols like HTTP. To Lebanese, people working in the cybersecurity field are considered as technicians, instead of specialists. For example, we don’t have regulations for ethical hacking. Even you hack something in Lebanon, you are not sued because there is no data protection. This was why I wished to study overseas, so that I can be trained in the right way and understand cybersecurity concepts correctly. In this way, when I return to Lebanon, I can propose and apply solid methodology there, and harmonize the cybersecurity field.

Having this idea in mind, I started researching studies abroad. At first, I applied for public universities as everyone else. Then I spoke to my uncle and told me that EPITA is a good university and is number one in the computer science field. So, I said why not try. This was my first attempt and got accepted to the MSc Computer Science in Computer Security. It was a very nice feeling when I got accepted. Then I checked the curriculum and I felt intrigued to try to see what was going to happen next.  

What courses did you enjoy the most? How does your study relate to your career?

There are a lot of courses, not just technical ones, that have helped me. Most of them are project management, such as digital marketing, helped me to understand people’s needs. During the courses, I learned how to analyze things in a more efficient and smooth way. As for technical courses, there are a lot of enjoyable ones, such as Penetration Testing, Network Security, Network and Protocol Architecture. All of them helped me in a way.

The curriculum at EPITA was well planned. It first introduced ideas in a global view, then narrowed down to details, and finally helped us to specialize in a particular field. If I must mention only one course, I would say Penetration Testing has really helped my career. Right now, since I am a project manager, I find the project management course helpful too, since it taught me how to organize, lead the project, assign team members and follow the deadlines.

What is your favorite memory from studying at EPITA?

I have a lot of good memories at EPITA. We went to an Integration Week at the beginning of the semester, when I was leading a group, of which all of us were wearing an orange cap. It was the first time I integrated into an international community of 21 different nationalities.  Exchanging different ideas with classmates from a variety of cultural background and taking the Getting over Cultural Shock class were an enriching experience. I remember that there were classmates coming from Poland, Spain, India, China, etc. And I made a lot of friends coming from different countries. Because of this experience, I decided to become the student representative of my specialization.

How did EPITA help you find your internship and job?

I found my internship during the EPITA’s job dating event. The first company that has presented was Red Alert Lab. I was amazed by their presentation and work. At that time, I have selected only that company. I remember telling myself that I am going to this company no matter what. I didn’t apply to any companies except Red Alert Lab. Well, I did apply to as backup plan, and I was given an offer. Anyway, I had an interview with the COO of the company at that time. I tried my best and was given an internship offer from Red Alert Lab after the event.

What was your internship?

I was hired as an IoT security evaluator in Red Alert Lab, which was a start-up that has been established for 3 years by the time I did my internship. They were in the process of creating a virtual machine for evaluation and penetration machine. They needed to separate two virtual machines, one for hardware security and another one for evaluation and penetration machine, which means everything wireless and about networking.

Here lied my challenge. At EPITA, we have only learned web security, which meant everything related to communications. It was something that I mastered, and I had no problem for that. However, some protocols such as the UART and JTAG etc. were new to me. I knew how to test wireless communication, mobile applications and explore their vulnerabilities, but not much beyond. After the internship, I know that we could put something on the board and the router itself and exploit it. I had never done it before. This technique extended my understanding of cybersecurity, especially about IoT, such as Zigbee, Bluetooth, Radio Frequencies, LoRa protocols that I had never heard of before. During the internship, I was in charge of part of the activities such as evaluating the security robustness of several IoT devices based on different recognized cybersecurity standards like OWASP, ETSI 303 645, Common Criteria (CC).

What is your job role now?

About one month before I did my oral defense, Red Alert Lab offered me a permanent job contract as an IoT security evaluator. I am actually still having the same job title, but at manager level, say IoT security manager. By the end of my internship, I had been handling two projects, which were related to what I studied at EPITA: web security. Afterwards, I had smaller projects. Then I started to orient towards the hardware security, evolved from here. I did five projects on IoT, then become more autonomous and handled the project myself. I feel like I made big achievement so far, and hopefully more to come [laughs].

Next, they gave me a European project: Horizon 2020 project. It is a very interesting project, during which I have a chance to meet people from all across the EU. One of the projects was an automated hospital which aims to treat CAR-T cells. Our job was to create a security infrastructure architecture based on some cybersecurity standards like 62443, a standard for industrial automated system. This project will be due in 2025.

Other projects include creating an automated airplane, and a supply chain of art based on the blockchain. Right now, I am currently working on a medical project called Entrust. The project envisions a Trust Management Architecture intended to dynamically and holistically manage the lifecycle of connected medical devices, strengthening trust and privacy in the entire medical ecosystem. I also work with Cyber Campus, where I am now working with a taskforce caused GT-Crypto which is about creating a cybersecurity standard for cryptocurrency that goes around the Ethereum Virtual Machine (EVM) and the world of web3. Around 10 collaborators from different companies such as Binance, BNP, Banque de France, Campus Cyber discuss and exchange their expertise are involved. Red Alert Lab’s responsibility and contribution was the creation of a “CSPN like evaluation” for smart contracts. CSPN is a national certification for cybersecurity in France. We have already published last year our first document that goes around the different vulnerabilities in the blockchain: https://campuscyber.fr/resources/catalogue-dattaques-sur-les-crypto-actifs/.

How do you feel about having changed from a role of student to recruiter during Job dating?

The first time when I came back to EPITA as a recruiter, I felt very weird. I just graduated, and now I came to recruit students. The second time was less stressful. The feeling was amazing. I put myself into their shoes and imagined how they felt. It was a rewarding experience, and I would like to come back again to join the third edition.

What advice would you give to students looking to get into your industry?

No matter what, go for it. There are a lot of people who are afraid and tell themselves they should do it later, or start from somewhere else, and then get back to it later. Why doing it? Prepare yourself, do what exactly what you have in mind. Then apply! When the recruiter sees a motivated student who focuses on what they aspire for, and is doing the job, they will surely accept him/her.

My advice echoes with my experience as a recruiter during EPITA’s job dating event of this year. When I was evaluating a candidate, I was not evaluating their knowledge, or what they studied at EPITA. I did it by evaluating their analytical and organizational skills, motivation, and their time management. Even though they haven’t mastered the subjects yet, it doesn’t matter. As long as they have the skills, they will find a way and make it work.

We have just hired just hired a student from EPITA as our intern during the latest Job Dating event. During the interview, the student was very honest with me. He told me that he was not the most technical person. However, if we were looking for a candidate who knows how to analyze, and does the stuff, he was the right person. His pitch was amazing because of his sincerity and transparency. He was such an organized and nice person. Even though he didn’t have a lot of technical skills, we have decided to hire him. He will be surrounded by experts and learn at our company. We were not born to know everything. For me, the motivation is the most important.