From Software Engineering to Cybersecurity: A Journey of Growth and Opportunity at QinetiQ

Have you ever wondered how a career in software engineering can evolve into a thriving role in cybersecurity? At QinetiQ, a company renowned for its commitment to both technical excellence and employee development, professionals often find themselves growing across various domains — with each career move supported by the company’s strong culture of mentorship and career development. 

In this blog, we’ll take a closer look at the journey of a QinetiQ employee who has navigated from software engineering to cybersecurity roles, showcasing how the company’s dedication to career development has played a crucial part in their success. It is rare to stay with one company for the majority of your career but QinetiQ makes it easy and engaging with varied roles and constant support. Let’s explore the pivotal moments in their career, the valuable lessons learned along the way, and how QinetiQ fosters an environment where employees can thrive, no matter where they start. 

Can you highlight pivotal moments in your career and how QinetiQ has supported your transitions across roles? 

My career at QinetiQ began 28 years ago, back when it was still known as DERA, as a software engineer working on radar and data presentation projects. I was passionate about the work and also curious about other areas within the company. A turning point came when I attended an open day, which gave me the opportunity to explore other exciting projects across the company. 

I was particularly drawn to the distributed simulation team, and the company supported me in making a seamless transition to that department, where I spent the next four years growing my technical expertise. I spent much of this time supporting military simulation systems, including the Combined Arms Tactical Trainer (CATT), a simulation system for the UK Army in Warminster, featuring around 100 vehicle-specific simulators replicating military vehicles, essentially creating a highly realistic video game. The system allows soldiers to train without having to deploy any vehicles or being limited to designated training areas.

Always keeping my eyes open for new opportunities, I encountered the emerging field of penetration testing (pentesting), which is most easily described as ethical hacking. At the time, it was a very new domain and, fascinated by its potential, I applied to change teams. QinetiQ fully supported my move to the Security Health Check (SHC) team and, provided with training and development opportunities, I earned the prestigious CHECK Team Leader certification over the next three years. 

After leading many pentests for a wide variety of clients, I took on a more senior leadership role, and spent a few years as the Business Owner managing all aspects of the SHC team, where I learned valuable skills in business management, finance and HR. I enjoyed leading and growing the team over the next few years, but my heart still leaned toward technical delivery. I identified a more technical position as an Information Assurance (IA) Consultant and was again supported by QinetiQ during the move between teams. As an IA Consultant, I could augment my technical skills with strategic consulting, offering security solutions to clients across various sectors. 

After a number of years delivering security consultancy for a wide range of Government and Commercial organisations, I was asked to apply for a team lead role in the newly formed Security Architecture team. My technical skills from pentesting, information assurance expertise, and management experience from leading the SHC team made me an ideal fit for this role.

Ultimately, QinetiQ’s consistent support through each of these role changes has been a key factor in my fulfilling career. The company’s commitment to nurturing internal talent has made every transition smooth, allowing me to build a dynamic and rewarding career without ever needing to look outside the organisation.

What’s it like working with high-profile clients like the British Army? 

Working with high-profile clients, particularly the British Army, has been an incredibly rewarding experience. Over the years, I’ve had the opportunity to work across diverse sectors, including policing, critical national infrastructure, and financial institutions. Ensuring robust security for these clients is crucial, as breaches can have far-reaching consequences. 

One of the highlights of my career was my involvement in the Army’s CATT system. Working on operational equipment alongside the military personnel who depend on it adds a unique perspective to the work. Knowing that my work contributed to military training and potentially saved lives was immensely fulfilling. 

My career as a pentester was full of highlights. Identifying and (where permitted!) exploiting critical vulnerabilities in Military, Government, banking and commercial systems was extremely rewarding. One of my most notable tests uncovered an exploit that could allow an attacker to steal hundreds of thousands of pounds. By identifying vulnerabilities, and verifying that they have been fixed, I’m protecting clients from significant losses, both financial and reputational. Throughout these projects, QinetiQ always ensured we had the right resources, expertise, and collaborative environment to excel in high-stakes situations. 

With your background from Software Engineering to Security Architecture, what would you say to someone considering QinetiQ for career growth? 

For someone considering a career at QinetiQ, I would say the company offers a unique blend of breadth and depth in professional development. QinetiQ encourages its employees to explore a wide range of sectors, from military defence to commercial enterprises. This broad exposure allows employees to gain diverse experiences and technical insights, preparing them for a variety of career paths. 

Moreover, QinetiQ’s focus on personal development is excellent, being both consistent and supportive. The company provides a personal training budget to employees, alongside professional training, enabling all of us to pursue courses, certifications, and new areas of expertise. Whether it’s diving deeper into cloud technologies or gaining expertise in cybersecurity frameworks, QinetiQ fully supports continuous learning and career progression. 

As you gain more experience, QinetiQ’s career development plans naturally push you toward more senior roles. The company’s approach to long-term career growth, alongside its support for certifications and professional memberships, ensures that employees have the resources they need to succeed. 

What changes have you seen in the industry, and how has QinetiQ kept up with tech advancements? 

QinetiQ has always been a step ahead in the tech world. Back in the early 2000s, when the security testing industry was still emerging, QinetiQ was already setting standards. This proactive approach has remained a cornerstone of the company’s success.

One example of QinetiQ leading the way in tech is the company’s collaboration with defence contractors and government departments. Additionally, QinetiQ works on urgent operational requirements (UORs) that help military clients address pressing security needs, such as the ALARM early warning radar system developed for soldiers in Afghanistan, which played a key role in saving lives. 

On the cybersecurity front, QinetiQ’s teams are constantly adapting to new and emerging vulnerabilities, ensuring their solutions remain at the cutting edge of both security and technology. This commitment to continuous research and development keeps the company at the forefront of the industry. 

What stands out about QinetiQ’s culture? How does the company encourage exploration across departments and roles? 

QinetiQ’s culture is centred around collaboration and inclusivity, which are vital to its success. Unlike many companies where expertise is siloed, QinetiQ fosters an environment where employees freely share knowledge and collaborate across departments. This approach strengthens the overall capability of the company and enables seamless project delivery. 

The company operates as a matrix organisation, meaning teams are organised by expertise, but when it comes to project delivery, people from different functions come together to create well-rounded teams. This structure encourages employees to collaborate across departments, learn from one another, and expand their personal networks. The result is a unified environment where the success of the company takes precedence over individual team goals. 

QinetiQ encourages employees to explore different roles within the company. This flexibility supports career growth and helps employees gain a broader perspective, whether they’re transitioning to new technical domains or taking on leadership positions. 

For someone starting in cybersecurity, what key skills should they focus on to excel at QinetiQ? How does QinetiQ support early-career development? 

For anyone starting in cybersecurity, especially at QinetiQ, the most essential skill is adopting an "attacker mindset". This involves thinking about how systems, devices, and websites can be exploited by malicious actors, rather than just considering how they’re meant to be used. Developing this mindset is crucial for identifying vulnerabilities that might not be obvious from a standard user’s perspective. 

In addition to this, aspiring cybersecurity professionals should focus on: 

• Understanding Threats, Risks, and Vulnerabilities: Grasping how these elements interconnect is key to identifying potential weaknesses in systems. 
• Security Processes and Procedures: Knowing the technical aspects of security is important, but understanding organisational processes is equally essential.

• Cyber Informed Engineering: Designing secure systems from the outset is a vital part of the cybersecurity process. 
• Understanding the technical aspects of how vulnerabilities occur and can be exploited is essential to assessing the risks and impacts of a cyber attack

QinetiQ supports early-career professionals by providing a variety of training opportunities, such as practical experience in penetration testing, risk analysis, and information assurance. Mentorship programs and a collaborative culture also offer invaluable support, helping individuals grow technically and professionally. 

Interested in joining QinetiQ? 

If you’d like to join the team at QinetiQ, by visiting their website or contacting them here: Careers@qinetiq.com

Like what you've read or want more like this? Let us know! Email us here or DM us: X, LinkedIn, or Instagram, we'd love to hear from you.