‘Future Leaders’ is a series of blog posts by the Financial Times in which we interview our team members and ask them how they got into technology, what they are working on and what they want to do in the future. Everyone has a different perspective, story and experience to share. This series will feature colleagues working in our Product & Technology teams. You can also connect with us on Twitter at Life at FT.
Hi Reece, what is your current role at the FT and what do you spend most of your time doing at work?
My current role is a Junior Engineer, within the Cyber Security team. We build and implement tools that help to facilitate the security of applications throughout the development lifecycle and in the cloud. Our aim is to ensure that other engineers have the platform and tools available to keep their systems secure.
How did you get into the technology industry?
I got into technology at a young age, I had been teaching myself to code in my spare time and completed a 2-year apprenticeship designed around software development. On the apprenticeship scheme, I had the opportunity to work in different teams within Product and Technology and learn different technologies.
What is the project you’ve worked on at the FT that you are most proud of?
I am proud of all the projects that the team have accomplished. During my time on the team, I have been on many projects.
1. Building automation around security testing and hosting an open-source vulnerability management system on AWS. We have many scanners from third parties such as Nessus to open source such as Nmap. A serverless architecture is used to send results to the vulnerability management system for identifying systems with threats, misconfigurations, and vulnerabilities. My colleague Lisa Fiander produced a fantastic blog around this project, I highly recommend having a read.
After running the vulnerability management system for a couple of months. We realised that there wasn’t an easy way for teams to find out how many vulnerabilities they have for each system. As a result, we introduced a new bespoke internal system called the Vulnerability Dashboard. Our aim was to provide an overview of vulnerabilities across systems so that teams are aware and they can resolve issues.
2. Improve IAM (Identity Access Management) within the business by integrating Okta (a cloud based identity management service).
In 2016 a team at the FT created an internal piece of middleware that sits in front of applications that handles authentication. The solution had multiple pitfalls around no clear ownership, security issues and no group access. Phishing attacks were on a rise, this is where fraudulent attempts to obtain information such as usernames/passwords and any sensitive data. We identified that this was a huge problem because our current solution wasn’t able to help to mitigate the problem.
In 2019 we introduced Okta, this was a perfect solution to have a centralised IAM (Identity Access Management) system. The introduction of Okta allowed us to have a common, auditable authentication platform that uses a central identity store making sure that we have MFA (multi-factor authentication) on applications. Overall, the project took approximately one and a half years to migrate ~2500 users and ~150 systems to Okta.
How do you keep motivated during lockdown?
Getting some fresh air has helped a lot, going for a run or walk in the park every day. Also trying to get enough sleep by having a regular sleep routine.
What advice would you give to someone trying to pursue a career in technology?
Dive in the deep end with both feet and don’t look back. You are going to make mistakes but they are good learning experiences. Be ready for a lot of problem-solving and have fun along the way.
Thank you Reece!
If you’re interested in finding out more about our teams and roles, please visit https://roles.ft.com/