#MIWIC2024 One To Watch: Jenny McCullagh, Graduate Cybersecurity Engineer at Leonardo and Co-Founder and Director of CyberWomen Groups C.I.C

Organised by Eskenzi PR in media partnership with the IT Security Guru, the Most Inspiring Women in Cyber Awards aim to shed light on the remarkable women in our industry. The following is a feature on one of 2024’s Ones to Watch winners selected by an esteemed panel of judges. Presented in a Q&A format, the nominee’s answers are written in their own words with minor edits made by the editor for readability and where relevant, supplemented with additional commentary by their nominator.

In 2024, the awards were sponsored by BT, Think Cybersecurity Ltd. and Plexal, with Eskenzi PR, Assured and Women in Cybersecurity UK & Ireland Affiliate as partners.

What does your role entail?

My role as a Co-Founder and Director of CyberWomen Groups C.I.C. allows me to work with students nationwide, empower them and bring new opportunities, helping them to develop in their careers. I aim to showcase the incredible work and achievements of students throughout the UK and bridge the gap between university and industry. As part of this role, I support each branch executive team to meet their goals and run branch events throughout the academic year. Further, I am passionate about enhancing the cybersecurity experience for future cyber professionals coming through university.

Concurrently, as a graduate cybersecurity engineer at Leonardo, I aim to enhance my skill set and explore the different areas of cyber. In this role, I rotate through projects, working with a range of topics spanning from network security to security policies and beyond. As a cybersecurity engineer, I work within a dynamic environment, collaborating with numerous teams across the industry, and working with a diverse range of technologies. This experience has allowed me to gain a broad understanding of the field.

Additionally, I was part of the UK Cyber 9/12 Strategy Competition 2024 organising team. This competition is an incredible way for students to gain hands-on experience with cyber policy in an exciting and dynamic environment.

What made you consider a career in cybersecurity? How did you end up in your current role?

I developed an interest in cybersecurity whilst studying for my computer science GCSE. I was passionate about learning new concepts and wanted to put these skills into practice by taking part in Capture the Flag competitions (CTFs). As well as this, I was interested in social engineering and how this plays a pivotal role in cyber-attacks. I often attended talks by industry speakers, sharing their experiences as a social engineer, which fuelled my interest in pursuing cybersecurity as a career.

This interest led me to pursue an undergraduate degree in cybersecurity at the University of Warwick. Throughout my time at university, I couldn’t ignore the clear gender gap, which was prevalent in my course, with less than a 6% representation of women. To make a change and to empower women studying cybersecurity, I, as part of a team, co-founded the initiative CyberWomen@Warwick. This initiative led to my role as Co-Founder and Director of CyberWomen Groups C.I.C.; a non-profit organisation which aims to empower women and bring new, exciting opportunities for university students interested in cybersecurity. Alongside this, I am a graduate cybersecurity engineer at Leonardo, where I continue to develop my skills and contribute meaningfully to the ever-evolving landscape of cybersecurity.

What advice would you give to new starters?

The main advice for new starters is, don’t be afraid of imposter syndrome. Cybersecurity is a vast industry with a lot of new and evolving concepts, don’t feel like you have to know everything from day one. Imposter syndrome is a common experience, even among seasoned professionals. Seek guidance and support from those around you, networking is an invaluable way to meet those with different experiences and gain a broad knowledge of different roles and experiences in cyber. There’s a wealth of knowledge to be gained from collaborative learning and shared experiences. Further, be prepared to continue learning, cyber is a dynamic industry where the landscape is constantly evolving. There are numerous incredible resources you can use to upskill and keep up with new and developing concepts. However, while there are loads of ways to learn, I think it is important to say don’t feel like you need to learn everything at once. There is a lot to learn, and your understanding will come with time. Embrace different ways of learning, gain hands-on experience by trying new projects, and simulations, and participate in events like capture-the-flag competitions to expand your skill set and explore different areas of cybersecurity.

What’s the biggest misconception about cybersecurity that you’ve found?

There is a big misconception that you must have a very technical background to have a career in cybersecurity. In reality, there are many different areas and roles that require a range of skill sets. Soft skills are very important to develop as you will need to be able to communicate with many different people across the industry. Further, cyber is not an isolating career; I thought I would be sitting behind a computer for most of the day, but this is not the case. You have to collaborate and communicate with other teams in many different roles. Therefore, whether you’re outgoing or more reserved, there’s a place for you. Another big misconception is that this is an impossible industry to get into. This is not the case, there are many pathways to enter cybersecurity, whether you are a new starter or looking for a career change. Numerous roles exist within cybersecurity, each offering opportunities for individuals from different backgrounds to contribute their unique skills and perspectives.

What do you wish you had know when you were starting out in cyber?

Starting out in cyber can be very overwhelming, there are a lot of new skills and concepts to grasp. I wish I had known about the number of amazing resources available for beginners which will guide you to understanding complicated concepts. These resources are invaluable, especially when starting your first CTF or technical challenge. Additionally, I wish I had recognised the value of community early on; there are so many incredible communities and initiatives in cyber that bring people together, fostering supportive environments which allow people to upskill and learn from each other. Collaborating and utilising a community can be especially useful when starting out with new challenges. For example, joining a CTF team not only gives you the chance to develop teamwork skills but also exposes you to diverse perspectives and problem-solving strategies, which is invaluable in your journey into cybersecurity.

Source link