Menu

Zakaria DRIAS

Rueil Malmaison

En résumé

I am a cyber-security architect with specialist knowledge in SCADA/ICS Security. I started researches on SCADA/ICS
security three years ago as a PhD candidate. My work is focusing on the integration of new security services to the
SCADA/ICS products and architectures. In the same Time I’m Cyber security architect in Schneider Electric R&D. Broad
knowledge of Software security, embedded systems security with strong background in authentication and
authorization systems as well as secure communication protocols. Strong experience with the applied cryptography
including public key infrastructures (PKI) and Key management systems. Overall skill and experience with:
 Authentication systems, Access Control systems and Identity Management.
 Security supervision systems.
 Applied Cryptography and Public Key Infrastructures.
 Secure Development Lifecycle for ICS (Software, Hardware).
 Threat modelling.
 Defence in depth Design and implementation
 Risk Assessment and security governance for SCADA/ICS.
Seeking a position in research and development of innovative security solutions for complex problems in the Industrial
environment with a preference in the field of Industrial control systems, Internet of things and embedded systems and
software security.

Mes compétences :
SCADA
IBM CrossWorlds Interchange Server
WS-Security
VPN
VMware
TLS
Secure Socket Layer
Secure Shell
SAML
Risk Assessment
Programmable Logic Controller
threat analysis & Vulnerabilities analysis
PKI
Microsoft C-SHARP
Linux
Kerberos
Java
IEC 62443
IEC 62351
Cryptography
Defence in Depth
C Programming Language
Access control & Identity management

Entreprises

  • Schneider Electric - Cyber Security Architect

    Rueil Malmaison 2012 - maintenant * Technical lead of Cyber security architecture for DCS and SCADA software and hardware. ;
    * Lead of Secure Development Lifecycle execution in Process Expert Software (DCS Software). ;
    * Specification and Prototyping of Authentication and Authorization solution for ICS products range. ;
    * Specification and prototyping of Distributed access control and Identity management system for Distributed
    software and control platforms.
    * Threat modelling and security design review of DCS software and hardware. ;
    * Contributed to the Security requirement definition for Schneider Industry Products (DCS, SCADA, PLCs) ;
    * Leading several investigations on secure coding process and best practices.

  • CFAO Technologies - Systems and Security Engineer

    2010 - 2011 * Security System Architect specialized in IBM Tivoli Access Control and Identity Management software suite. ;
    * IBM Systems and Architect specialized in IBM Power systems, IBM Data storage systems and Tivoli Storage
    management software.
    * Technical analysis of costumer problems. ;
    * Proposition and cost estimation of tailor-made solution for Customers specials needs. ;
    * Participating in Pre-sales activities for IBM X systems, Power Systems and Tivoli Software Suite.

  • International Business Machines - Security System Intern

    2009 - 2010 * Design and implementation of new Single Sign On (SSO) Protocol for web application based on Public Key
    Infrastructure and web cookies.

  • Computer Systems - Engineer

    2005 - 2010 TECHNICAL EXPERTISE

    * Security Standards: IEC 62443,IEC 62351, ISO 27001/2, NERC CIP, NIST 800-xx publications, NIST Security
    Framework.
    * Security Technologies: PKI, Kerberos, SSL/TLS, SSH, IPSec, OTP, OpenID, SAML, Oauth. Web Services Security, VPN.
    Ethical Hacking (Backtrack), SNORT, STRIDE (threat Modelling Tool).
    * Programming languages: C, C#, Java, XML. ;
    * ICS/SCADA Knowledge: ICS protocols (Modbus, DNP3, IEC 61850, Ethernet IP, OPC ), Schneider PLCs / RTUs/IEDs,
    Schneider SCADA software, Schneider DCS.
    * Operating systems and virtualisation: Windows, Linux, IBM AIX, VMWare VSphere.

Formations

Réseau

Annuaire des membres :