About Me
Security professional focused on cloud-native and DevSecOps. Hands-on experience defining and enforcing Kubernetes security policies, integrating SAST, SBOM, secret detection, and malware analysis into CI/CD pipelines.Open to SecOps/DevSecOps or AI/Security positions.
Background includes system security, reverse engineering, and vulnerability analysis, with projects that showcase automation, adaptability, and data-driven decision-making.
Education
- EURECOM โ Post Master's in Security (2023โ2026) ยท Sophia Antipolis, France
- SUP'COM โ ICT Engineering (2021โ2023) ยท Tunis, Tunisia (rank 19/140)
- IPEIN, Nabeul โ Pre-Engineering in Math/Physics (2019โ2021) ยท Nabeul, Tunisia (rank 74/1789)
Skills & Tools
Hands-on experience in security, cloud-native, static/dynamic analysis, and automation.
Cybersecurity & DevSecOps
SAST, SBOM, secret detection, malware analysis, CI/CD security, supply chain, SOC/SIEM, Splunk, fuzzing
Cloud & Container Security
Docker, Azure, Kubernetes security, policy enforcement, Tetragon/eBPF, container image scanning
Static & Binary Analysis
Reverse engineering, vulnerability analysis, binary exploitation, Ghidra, Capstone, ASan/TSan
Programming
C, C++, Python, Bash, MATLAB
Security Tooling
Syft, Grype, Clang-Tidy, Cppcheck, Bear, ClamAV, Git
Operating Systems
Linux (Ubuntu), kernel internals, system security
Networking & Telecom
CCNA1, TCP/IP, 5G architecture, OpenAirInterface, GSM/LTE/UMTS
AI & Data Science
Machine learning, malware detection, feature engineering, computer vision
Languages
English (TOEIC 920/980), French (Fluent)
Experience
BubbleRAN (2025) โ End-to-End Security for Cloud-Native 5G
SAST | SBOM | CI Security | Kubernetes | SecOps โ Sophia Antipolis, France A full-spectrum DevSecOps security pipeline was designed for cloud-native 5G workloads, combining automated static analysis, supply-chain risk assessment, and real-time runtime enforcement. The solution leverages containerized CI/CD pipelines and kernel-level observability to detect vulnerabilities early and actively protect running systems. An integrated AI-driven interpretation layer translates security metrics into actionable insights, highlighting risks, weaknesses, and priorities for remediation, providing end-to-end visibility and intelligence across the software lifecycle.
MOABI Solutions (2 Months) โ Sophia Antipolis (2025)
Kernel Symbol Table Leakage: Meltdown | KASLR | Kernel Reverse Engineering โ France This project explores the practical exploitation of speculative execution vulnerabilities by leveraging Meltdown to extract privileged kernel information from user space. Through low-level systems programming and microarchitectural side-channel analysis, kernel memory was transiently accessed to reconstruct sensitive internal structures, effectively bypassing address space randomization defenses. The work highlights how hardware-level behaviors can undermine traditional software mitigations, demonstrating hands-on expertise in CPU internals, kernel memory layout, and real-world exploitation techniques, while emphasizing the critical importance of modern isolation mechanisms.
EURECOM (2024) โ Secure Python Libraries Detection & Malware Analysis
Python | AI detection | Reverse Engineering | PyInstaller โ Sophia Antipolis, France Developed a hybrid source-based strategy to detect malware, built datasets and applied ML to classify malicious PyInstaller binaries, created a prototype to analyze suspicious Python packages/libraries, reverse engineered PyInstaller binaries and source code to identify suspicious behavior, and applied ML techniques to identify obfuscated patterns in AI-related code dependencies.
Sagemcom (2023) โ Pothole Detection with Computer Vision
Computer Vision | YOLOv8 | Object Detection | Pothole Mapping โ Tunis, Tunisia Applied YOLOv8 to detect potholes and map their locations.
HitSolutions (2022) โ NLP for Project Manager Software
NLP | Project Management | Software Development โ Tunis, Tunisia Research on enhancing project management software using NLP.
Projects
Meltdown + KASLR Break (2025) โ Kernel Symbol Table Leakage
Meltdown Attack | KASLR Bypass | Kernel Reverse Engineering โ Sophia Antipolis, France. Exploited Meltdown to read protected kernel memory, combined KASLR prefetch side-channel techniques to locate and leak __ksymtab, analyzed leaked data to understand runtime kernel structure, and demonstrated a complete attack chain bypassing KASLR.
Assembly Re-alignment Analysis (2024) โ Disassembler Instruction Re-alignment
Capstone | Assembly | Reverse Engineering โ Sophia Antipolis, France. Automated disassembly of 100+ executables using Capstone to analyze invalid instructions from random offsets and measured instruction re-alignment in 32-bit and 64-bit code.
Blockchain Federated Learning (2024) โ Privacy-focused Federated Learning
Blockchain | AI | Privacy | Federated Learning | Secret Network โ Sophia Antipolis, France. Implemented privacy-preserving federated learning on Secret Network.
SYSSEC Challenges (2023โ2024) โ Pentesting
Pentesting | CTF | Exploits | Binary exploitation | Cryptography | Networking | Web exploitation โ EURECOM, France. Ranked 9/80 in CTF challenges at EURECOM.
Medical Assistant Chatbot (2023) โ NLP Medical Chatbot
NLP | Chatbot | Medical | AI โ Tunis, Tunisia. Built a chatbot that provides disease information and precautions from symptoms using NLP.
GestoControl (2022) โ Gesture-based CV Mouse/Keyboard
Computer Vision | OpenCV | Gesture Recognition | MediaPipe โ Tunis, Tunisia. Built a gesture-controlled system using OpenCV and MediaPipe. Video link available upon request.
Social Life
President, SUPโCRT Club (2021โ2022)
Leadership | Event Organization | Charity | Red Cross โ SUPโCOM, Tunis, Tunisia. Led initiatives for blood drives and charity events in collaboration with Red Cross/Crescent.
Community Manager, IEEE Club (2022โ2023)
Community Management | Social Media | Event Promotion | IEEE โ SUPโCOM, Tunis, Tunisia. Managed social media presence, event promotion, and community engagement for the IEEE student branch.
Contact
Email: Mohamed-Aziz.Sghaier@eurecom.fr
Phone: +33 6 02 54 82 81
Location: 3 rue Soutrane, 06560 Valbonne, France