Dom Louks (CIISec): Congratulations on winning our Fred Piper Student of the Year Award 2025 Ewan. Can you tell me a bit about your background and what led you into cyber?
Ewan: I originally came from the creative side studying music, specialising in composition and performance. After graduating, I quickly discovered what my family had warned me about: there were very few jobs in music! I ended up working full-time in retail while figuring out my next step. Around 2014–15 there was a big shortage of teachers in Scotland and the PGDE fees were waived, so I decided to retrain. With my mum being a teacher, I felt I knew what I was getting into, and people had always said I had a knack for it.
I taught for about four and a half years at a primary school, and while I think I was good at it, I eventually realised my real strengths lay elsewhere. A video I’d once seen said, “If you don’t know what to do, teach kids,” and that had stuck with me – but after a few years, I knew it was time for a change. Cyber security had always been an interest, and when the opportunity came up, it felt like the right moment to make the move into the field.
DL: Can you tell me more about how that period opened the door to cyber for you, and what made you realise it was the right move?
Ewan: My interest in tech had always been there — from using music-software like Sibelius and Logic Pro to dabbling with automation and problem-solving. But during COVID and lockdowns, it really clicked. While teaching remotely, I found myself fixing problems, setting up systems, automating tasks, and helping other teachers get their online setup working. I was thriving in that environment and realised these were skills I wanted to use every day. That’s when cyber started to feel like the natural next step, and, of course, the deeper you get into cyber security, the more you realise how much there is to learn.
During COVID, Abertay University held an online “ask us anything” session, and I went into it fully prepared – spreadsheet, 20–30 questions, everything. The lecturers joked that I looked like an undercover agent because I wanted to know every detail: the course content, structure, job prospects, finances, hybrid vs in-person teaching. I’d been thinking about switching careers for some time, and I wanted to leave that session knowing whether this was the right step. By the end of it, I knew I was going to apply for a cyber security degree and that getting a career break from teaching was the right decision.
DL: What was the degree course like at Abertay University and how did it prepare you for a career in cyber?
Ewan: Coming into Abertay, I’d barely coded before, so being thrown straight into C++ on day one was a shock. But the university made it clear they could take people with no experience to job-ready, and they backed that up with brilliant career support. Within my first month I’d had my CV reviewed and interview practice lined up. They were very honest too – a cyber degree on its own isn’t enough anymore. Employers assume you have the fundamentals; what matters is the extra work you do, the projects, the societies, the initiative. That mindset really motivated me, especially because I was determined not to end up back in teaching.
I can’t praise the lecturers enough – maybe because I’ve been on the teaching side myself, I really appreciated how engaged and supportive they were. Being a small cohort on a new course had its pros and cons, but it meant we got to know our lecturers well and could give direct feedback on what worked. We shared a lot of modules with computing and ethical hacking students and had our own specialist modules in areas like scripting, malware analysis, web app testing and network pen testing. Abertay has a strong red-team focus, and learning those offensive skills, first helped me understand how to apply them on the defensive side later. Overall, the mix of teaching, community, and practical experience made the degree feel like the right launchpad into cyber.
DL: Tell me about your current role?
Ewan: I’m currently working as a SOC analyst at Computershare, which has been a major but rewarding shift from my teaching career. After six to eight weeks of training with senior analysts to get familiar with the tools and processes, I moved onto a two-person shift pattern where my shift partner and I triage alerts, investigate requests, and make sure everything is handled consistently and accurately.
It’s a very competitive field – my role alone had over 200 applicants – so I’m still the newbie on the team. But the structured nature of the work suits me well, and my tendency to be detailed and organised has actually been encouraged. I’ve really enjoyed learning how others operate and settling into a role where clear processes and good habits make all the difference.
DL: You mentioned that employers now expect more than just a degree. What do you think helped you stand out from the 200 applicants?
Ewan: Alongside my degree, I’d built up a lot of practical experience through part-time roles and volunteering, which I think made the difference. I’d done ethical hacking work with the Cyber and Fraud Centre Scotland, contributed to education projects with Citizens of Cyber, and worked remotely with Lupovis doing threat-intelligence and security monitoring. Those roles gave me real examples of malware analysis, scripting, and investigating activity from honeypots – far beyond what you can show from coursework alone.
I also completed two summer placements with the Scottish Government, working on cloud evaluation and digital support projects. Altogether, that showed employers I’d already operated in different environments, taken on technical challenges, and stayed active in the sector. So when applications opened, I wasn’t just a graduate – I was someone who’d already proven I could learn, adapt, and contribute.
You’ve mentioned ethical hacking a couple of times – I’d be interested to know, with your teaching background as well, what your take is on the teenage hacking culture and what can be done to address it?
Ewan: It is a tricky issue because the barriers to entry have dropped so much – AI, easy-to-find scripts, and online tools make it simple for a young person to experiment without fully understanding the consequences. For many of them, it feels like a victimless crime: they close the laptop and nothing seems to happen. Added to that, lack of opportunity or frustration can push some teenagers toward using their technical curiosity in the wrong way. I guess the elephant in the room is that I’ve been lucky and had very supportive parents.
But for me, the answer is education. Schools are the only place where you can reliably reach everyone, and teachers are often the first to notice early talent or risky behaviour. The challenge is giving young people both sides of the picture: the consequences of going out of scope, but also the positive opportunities that exist if they channel that curiosity in the right direction. Many who cause trouble at 14 could become brilliant defenders at 24. The key is showing them what good looks like and giving them pathways – college programmes, industry engagement, or community initiatives – to use their skills constructively.
Finally, where do you hope to be in 5 years?
Ewan: I find pretty much all aspects of what I do quite interesting so I guess in 5 years time, the aim is to be enjoying it just as much as I am now. I’m genuinely interested in so many areas of cyber that I’m open to different paths – whether that’s moving into threat intelligence, engineering, or a more senior role if the opportunity arises. For me, the real goal is to keep developing, stay current in a fast-moving field, and continue feeling as positive about going to work as I do today. It’s the first time in my employment history where I don’t get any Sunday Blues or whatever day of the week it is Blues.