Case study

Technical security consultant — Andrew Pannell

Starting his job search early in his final year helped Andrew secure a job quickly after graduation

How did you get your job?

I knew that graduate level jobs often had a high number of applications per vacancy, so I started my search early, months before graduation.

I searched for vacancies across a variety of graduate job websites as well as contacting employers directly.

My course did have a sandwich year and I worked in industry for my third year but my industrial placement wasn't heavily security based. Nevertheless, the experience I gained on placement, and the knowledge I gained on my degree helped me to secure my technical security consultant job with IRM Plc.

Be prepared to move. I was living in Newcastle, but applied for jobs all over the UK, and now I am living and working in London.

Is your degree relevant to your job?

I graduated with BSc (Hons) Ethical Hacking for Computer Security from the University of Northumbria in Summer 2014.

My degree definitely helped me to get my current job as I built the knowledge foundation for the work I do on a daily basis - but in my current role I am learning new things every day.

What is a typical working day?

Each day brings fresh challenges, but common functions that I engage in every day include preparing cyber security tests and discussing clients' priorities regarding vulnerabilities, risks and threats with them.

I then conduct the security tests based on these discussions and write deliverable reports for the clients.

How has your role developed and what are your career ambitions?

My specialist knowledge of specific subject areas has really developed in this role, and I have been lucky enough to have been given the opportunity to use this knowledge to create a business stream within my company.

As for the future, I aim to stay in this industry and become a senior security consultant and security researcher, allowing me to immerse myself further in my area of specialism.

What do you enjoy about your job?

I enjoy the variety. No two jobs will ever be the same in the world of cyber security. It's always exciting to find something new to report, or finding a large weakness within a system.

I also enjoy working with the cyber security/information security community as a whole - talking to fellow ‘techies' about the newest exploits and vulnerabilities. It's a very collaborative environment to work in.

What are the most challenging parts of the job?

Report writing. After having fun testing websites and applications, I then have to meticulously write up exactly what I've found. This involves trying to explain very technical issues in a non-technical language that executives can understand and act upon.

Sometimes this can be difficult after the initial excitement of testing a job.

Any advice for someone looking to get into this career?

I did a lot of proactive studying on the subject area in my own time - this definitely helped me to get into the role.

I'd also advise anyone thinking of a career in information/cyber security to be prepared to move. I was living in Newcastle, but applied for jobs all over the UK, and now I am living and working in London.

Find out more

See what jobs are available at Information Risk Management (IRM)