MSc Cyber SecurityMuhammad Umar Akhlaq
Muhammad Umar Akhlaq from Pakistan studied MSc Cyber Security at the University of Strathclyde and is now working as an Application Security Engineer. Find out more about his experience and how the course prepared him for the future.
My learning & career journey
My journey hasn’t been a straight line it’s been a mix of resilience, late nights, rejections, and constant self-improvement. I come from a computer science and cybersecurity background and started my career in Pakistan, where I worked on software and security projects.
Moving to the UK for my Masters at the University of Strathclyde was a big leap. It meant starting again in a new country, without your family, adapting to a different culture, managing finances, and competing in a global job market. Alongside my studies, I kept building my portfolio, writing research, participating in security discussions, and continuously improving my technical and communication skills.
My goal was always bigger than just getting a job. I wanted to position myself for long-term impact in cyber security, innovation, and eventually pathways where your work, research, and contribution to the tech ecosystem matter as much as your job title.
Work responsibilities
I'm responsible for protecting applications and digital systems from vulnerabilities and potential threats. This includes reviewing code security, vulnerability management, collaborating with developers to implement secure practices, and ensuring applications align with secure-by-design principles. I am currently looking after product teams comprising of 100 developers. From initial development to production if a security issue arises, I will be responsible for taking it up with development teams.
Beyond technical tasks, I also see my responsibility as contributing to a broader security culture sharing knowledge, improving standards, and working toward innovations in BPP.
Job application journey
I got the job through persistence more than luck. I prepared 50+ tailored CVs and around 30 customised cover letters, optimised my LinkedIn, connected with professionals in similar roles, and actively used job boards like Reed, indeed, Totaljobs, CV Library, and Grad cracker. I analysed job descriptions carefully to understand required skills and completed additional certifications during my master’s to close gaps.
Within a four-week period, this focused effort led to interviews with Amazon, JPMorgan, Beeks, and BPP, and I secured my role at BPP even before submitting my dissertation in August. Along the way, I spent hours practising communication and mock interviews. It was consistent, deliberate effort rather than chance that made the difference.
Preparation for the working world
My course prepared me by giving me both technical depth and critical thinking skills. Strathclyde didn’t just teach theory; it emphasised real-world scenarios, research, ethical considerations, and teamwork. Assignments, presentations, and group projects mirrored industry expectations.
It also pushed me to think globally understanding privacy, compliance, and security challenges across borders, which aligns well with long-term ambitions such as contributing at an international level.
My typical day
No two days are identical, which is what I enjoy. A typical day includes reviewing security reports, analysing vulnerabilities, collaborating with development teams, and sometimes researching new attack vectors or defensive strategies. There is also documentation, meetings, and continuous learning — cyber security doesn’t allow you to stay still.
Most memorable work moment
In my first month after joining, I was able to present a live demo of a new project, which was a huge confidence boost. I had developed a security dashboard for multiple development teams, allowing them to clearly see how they were performing from a security perspective. Seeing teams use it, understand their gaps, and appreciate the visibility it provided was a proud moment — it made me feel that I was adding real value from day one.
Best part of my job
Knowing that my work has a real-world impact. Cyber security is invisible when done right, but it protects people, data, and organisations silently. I also enjoy the constant learning the industry evolves every day, which keeps me motivated. I am a fully remote employee so it’s also giving me a lot of flexibility as I love living in Glasgow.
Life outside work
I usually spend time improving myself writing articles on Medium or making videos on my Instagram trying to help with similar circumstances and international students with career guidance.
I also value balance, so I make time for fitness, content creation, or simply unwinding. Growth for me is professional and personal.
My plan B
Interestingly, I never viewed life with a strict “plan B,” but rather multiple growth paths within technology such as research, teaching, consultancy, or even entrepreneurship in cyber security. My mindset has always been to build a strong enough profile that opportunities naturally follow, whether in industry leadership or innovation-driven routes with global recognition.
Alongside my technical work, I’ve already supported 100+ individuals in their career journeys, and I see this combination of industry impact and community contribution as a natural fit for that direction.
Advice for other graduates
Don’t measure your progress only by immediate results. Especially as international students or career switchers, the journey can feel slow and uncertain. Keep improving your skills, build a visible portfolio, network genuinely, and don’t underestimate soft skills.
Rejections are part of the process they refine you. Focus on impact, not just titles. If you aim high, whether it’s leadership roles or routes like the Global Talent Visa, start early by contributing to the community, researching, writing, and building credibility.
Study Muhammad's course
Find out more about MSc Cyber Security.