Delivering Tech that Matters: Made Tech & Cybersecurity

Sep 21, 2022
hackajob Staff

Healthcare, education, housing, public transportation – what do all of these have in common? Well, most of us encounter some form of these daily, but how often do we stop to think about the technology that goes into delivering such services? Enter: Made Tech! As public sector techno­logy delivery experts, Made Tech have a brilliant vision to positively impact the future of the country by using technology to improve society, for everyone. One sphere of tech that they’re doing this in is cybersecurity and as Made Tech is currently hiring for plenty of tech roles, we sat down with their Cyber Security Principal to find out what it’s like working there.

Meet Arnie Armstrong. He’s the Cyber Security Principal at Made Tech, and he can trace his interest in tech back to when he was 8 years old when he first got his hands on his brother’s programming books. After this – and a brief encounter with the enthralling Hackers film – Arnie never looked back. He joined an intelligence service (top secret: he can’t tell us which!) after university, and has been in the cybersecurity field for over 15 years so he certainly knows his stuff. Now he’s joined the Made Tech team and he’s taken part in this interview. Read on to find out how Made Tech is changing the cybersecurity game and how you can be a part of it. Let’s get into it!

Hi Arnie! Why cybersecurity and how did you end up in it?

I’ve always thought that anyone can get into cybersecurity, but what helps is having a hacker’s mindset. Mine began when I saw my brother and his friends ‘hack’ into video games to give themselves infinite money. As an eight-year-old seeing them find the portion in the save file and change it was incredible. I remember thinking oh my god! I very quickly learned however that computers actually weren’t that complicated, but they were super cool.

Over time, I learned more about cyber security and the need for it. I ended up teaching myself a lot through trial and error and then I did a computing course and a CCNA (Cisco Certified Network Associate course). After hours at college, I would spend most of my free time sitting with friends playing around with networking gear and trying to teach ourselves how to be hackers essentially. It probably wasn’t until much later that I truly understood what it was to understand computer security.

How does the work you do help the Public Sector?

At Made Tech, we see working with the public sector as a partnership. It's really important that as consultants, we don't just tell people within those organisations what they should be doing but we work with them so that we can understand their issues and they can solve them better. Protecting the cybersecurity of public services is super important so you've got to work in tandem with the people within these public sector organisations. Once we understand their problems and risks, then we can educate and improve together. We really can make a difference.

Which tech stack do you use at Made Tech?

As a consultancy in the public sector, we use whatever's needed to get the job done. From a cybersecurity perspective, we need to follow whatever tech stack is implemented already, so there’s a lot of scope for learning. The typical mindset of someone in cybersecurity is that we love to learn. I once read a great quote on Twitter which was ‘If anyone ever tells you they're a cybersecurity expert, then they're probably not’. And I thought it was great because it’s true – you can never be an expert when it comes to something like cybersecurity.

Every day is a learning day: you’ll do research, you’ll investigate, and you’ll play around. So the answer is quite vague but it’s because we work with so much. Whatever language or tool you’ve learned we probably use or have used, and there are always opportunities to develop even more.

How does Made Tech do Engineering differently?

For me, it goes back to the partnership. I think it's really easy in an engineering role, whether in the public sector or the private sector, to think there's only one solution to a problem. So we see people think ‘the only thing that we can do is create this, deliver this and walk away.’ What Made Tech does very successfully is spending more time thinking about the art of the possible. Realistically, there are multiple ways to solve these problems and we need to spend some time thinking about what's the best one for this particular organisation we’re working with.

Once we’ve done our role, there are still people that will have to maintain whatever it is that we're delivering. There are people who will have to support it, update it, and use it on a daily basis. We evaluate how we make it secure, but still maintain good usability and still maintain the ability for it to be updated and actually work in a sensible way. More importantly, it's about working with the public sector to ensure that we achieve all of those things. and listening to what they're trying to achieve.

What are the highlights and challenges you’ve encountered in your first few months at Made Tech?

During my first week in Made Tech, I helped work on our bid for the Met Office and that was eye-opening as I'd never worked on a commercial bid before. Actually winning that contract and knowing that I'm working for an organisation where we're going to be contributing to something so impactful to the UK and the world was really exciting and I was really pleased to be part of that.

A challenge for me was that I’d spent 15 years in the civil service, so moving across to a consultancy was culturally different. Things move a lot quicker here which I wasn’t used to. However I’ve been well supported by Made Tech and I enjoy the way we deliver quality efficiently.

What kind of mindset do you think suits working in cybersecurity?

I love this question and I'll start with what I see myself as. Sometimes I'll call myself the manager because I've done that quite a lot. Sometimes I’ll describe myself as a pen tester or a Red Teamer. But, if I were to truly be honest about where my mindset lies, I’d describe myself as a hacker. And that's because of the way I think.

A lot of people that go into computing go into it because they like solving problems. Their mindset is to look at a problem and say ‘I want to solve that’. So they take logical steps to fix whatever that problem is. That’s what software engineering is fundamentally. I think a hacker, or somebody that would be well suited to cybersecurity, is the opposite of that. We see a solution and we say ‘what are the logical steps going backwards to break it, and figure out how it works?’.

What’s your opinion on ethical hacking?

If you'd have asked me this question 20 years ago, I’d have said, ‘Yes, I completely agree with ethical hacking, because so long as somebody is breaking in and then telling whoever that is, how they did it, they're not causing any damage. (And as long as they're not stealing any data whilst they do it.) But I don't think it's as big a thing anymore because of the fact that companies have created bug bounty programmes. Penetration testing is a much bigger thing. There's a much larger industry around doing what is effectively ethical hacking, you don't tend to get these people that do it as a hobby anymore, because you can get paid.

On the flip side,I think the advent of bug bounty programmes and so the ability to get paid to find bugs in systems and software, was a game changer for cybersecurity, because it meant that all of those people that wanted to do Ethical Hacking now had a really legitimate way of doing that, that they could then form into a career, which is only ever going to help the security of software and systems across the entire world. So yes, I’m a big fan.

What do you think we’ll see more of from tech in the future?

I keep coming back to this idea of artificial intelligence and its relation to cybersecurity. Certainly when it comes to the idea of automatically detecting malicious things through the monitoring of inbound traffic and doing this based on some artificial intelligence that says we think this thing is bad. But who determines that? I think we'll definitely see something about it without any human interaction in the next five years. We’ll have to wait and see!

And that's it!

Well, if you didn't want to work there before we're sure you certainly do now. If you're interested in a role with Made Tech, then head on over to our platform where you can be matched with them in weeks. It takes just 5 minutes to sign up.Like what you've read or want more like this? Let us know! Email us here or DM us: Twitter, LinkedIn, Facebook, we'd love to hear from you.