Beyond technicalities: the value of a great communicator

The need for soft-skills alongside technical acumen in the Cyber security sector.

Despite the image of cyber security professionals as aloof, insular secret agents; too busy saving the world one security issue at a time for anything else, the reality is far different.

Ok those exceptional specialist skills are vital, but just as important are the soft skills that mean our candidates are real people able to flex, change and work with others as needed. Below are some essential skills and qualities to consider when recruiting in this dynamic sector.

Strong Communication Skills

Effective communication skills are crucial for cyber security employees in all areas of their role, requiring them to

  • Convey complex technical information to non-technical stakeholders
  • Collaborate with cross-functional teams
  • Articulate security risks and recommendations
  • Produce clear documents and reports

Look for

Candidates who can communicate clearly and confidently through written reports, presentations, and interpersonal interactions.

Analytical Thinking and Problem-Solving Abilities

At risk of stating the obvious, professionals working in cyber security need strong analytical thinking and problem-solving skills in order to

  • Identify security threats
  • Evaluate and assess data
  • Analyse data breaches
  • Develop innovative solutions to protect systems and networks

Look for

Candidates who can analyse complex information, think critically, and apply logical reasoning to troubleshoot security issues effectively.

Attention to Detail

It can’t be stressed enough that attention to detail is paramount in cyber security! Candidates will need to be sharp enough to

  • Detect and analyse security vulnerabilities
  • Identify anomalies in network traffic and system behaviour
  • Ensure compliance with security policies and regulations

Look for

Candidates who demonstrate a meticulous approach to their work, with a focus on accuracy in identifying and addressing security risks.


A hugely important skill, with professionals often handling sensitive information and access to critical systems and data. Professional and ethical integrity are demonstrated in

  • Strong ethical principles
  • Ability to be assertive and honest
  • Advocacy for ‘the common good’ and public safety
  • Commitment to upholding the highest standards of professionalism and confidentiality

Look for

Thorough background and reference checks that verify candidates’ integrity. Candidates that align with your organisation’s values and ethical standards.


Cyber security professionals often work collaboratively with teams involved in IT, compliance, legal and business. You are on to a winner if they can demonstrate

  • Strong teamwork and collaboration skills
  • Ability to build relationships
  • Effective communication with a wide range of people
  • Collaborative work towards common goals

Look for

Candidates who can effectively collaborate with diverse teams, share knowledge and expertise, and contribute to an organisational culture of collaboration and information-sharing.


The cyber security landscape is constantly evolving, with new threats and technologies emerging frequently. The following attributes demonstrate the adaptability needed to succeed in the sector.

  • Innovative thinking around new threats and challenges
  • Flexible in their approach to work
  • Willingness to learn and stay updated on the latest cyber security trends, tools, and best practices

Look for

Candidates who pursue professional development opportunities (certifications, training courses) and participate in industry conferences and workshops.

Seeking these soft skills alongside technical competencies will help to identify top tier candidates equipped to excel in cyber security roles, making a huge contribution to protecting organisations from security threats.

Hiring in the FinTech Sector: The Key to Unlocking Client-Centric Success

The UK’s FinTech industry is booming, fuelled by a perfect storm of technological innovation, changing customer expectations, and an appetite for disrupting traditional financial services. At the heart of this transformation lies a relentless focus on delivering exceptional client experiences – a pursuit that hinges on having the right talent in place.

In today’s FinTech landscape, hiring the right people is more than just filling roles; it’s about curating a team that truly understands the needs and aspirations of the modern customer. This customer-centric approach demands a diverse set of skills, from technical prowess to business acumen to a deep appreciation for user experiences.

One of the critical challenges facing FinTech companies is the war for talent. As the industry continues to grow and evolve, the demand for specialised skills in areas such as data analytics, cybersecurity, and user experience design is outpacing the supply. Companies that can attract and retain top talent in these areas will be better positioned to deliver innovative solutions that resonate with their clients.

But hiring the right people is just the beginning. Creating a culture that nurtures and empowers employees to think outside the box and challenge the status quo is equally important. FinTech companies that foster an environment of continuous learning, collaboration, and experimentation are more likely to stay ahead of the curve and meet the ever-changing needs of their clients.

Moreover, as the regulatory landscape continues to shift, having a team that deeply understands compliance requirements and can navigate the complexities of the financial services industry is paramount. FinTech companies that prioritise hiring individuals with a strong grasp of regulatory frameworks and risk management practices will be better equipped to protect their clients’ interests while driving innovation.

In the end, successful FinTech companies are those that can strike the right balance between cutting-edge technology and a deep understanding of their clients’ needs. By hiring the right talent and fostering a culture of client-centricity, these companies can stay ahead of the curve and solidify their position as leaders in the rapidly evolving financial services industry.

If you’re a FinTech company seeking top talent to drive your client-centric goals, look no further than Realtime consultants. Get in touch with Kristina Filipovic, our dedicated FinTech consultant, to explore how we can help you build a high-performing team that delivers exceptional client experiences.

Blockchain in Healthcare: Transforming Patient Data Management

Effectively managing patient data is a critical challenge in the fast-paced world of healthcare. The complexities of security, interoperability, and accessibility persist as current technology falls short, paving the way for innovative solutions grounded in cryptographic technology.

Within the healthcare industry, the secure and seamless sharing of patient data among providers is not only vulnerable to cyber attacks but also entails substantial maintenance costs. Enter blockchain – its decentralised and encrypted nature offers game-changing solutions. Blockchain not only facilitates enhanced methods for sharing healthcare data, managing insurance, and performing administrative tasks but also contributes to a collaborative and efficient healthcare ecosystem. This, in turn, minimises unnecessary expenses and eliminates the need for multiple intermediaries in monitoring critical health information sharing.

Furthermore, the traceability and authentication capabilities of blockchain extend beyond patient data. In supply chain management, blockchain enhances the tracking and authentication of products. In clinical trials and healthcare analytics, the technology proves invaluable in ensuring data integrity and improving research outcomes.

As the adoption of blockchain gains momentum, the healthcare industry witnesses exciting job opportunities. Blockchain professionals, including developers, solution architects, and data security specialists, are in high demand. This rapidly evolving field provides individuals with a unique chance to contribute meaningfully to the transformation of healthcare.

Blockchain’s potential in healthcare extends far beyond data management. It presents a paradigm shift with implications for efficiency, security, and collaboration. As we navigate these transformative times, the demand for skilled professionals in blockchain technology is burgeoning. If you’re seeking opportunities as a blockchain developer, connect with us today.

Know Your Talent Attraction Trends in 2024

When it comes to how we stay at the top of the tree in talent attraction, how much is set to change for 2024? Make sure you go into the new year confident in how to engage the top talent out there on the market – read our guide to the most important talent attraction trends in 2024.
You guessed it – AI

AI is set to continue to play a significant role in talent attraction. AI systems will be used to make our lives easier in 2024… 

  • Analyse CVs 
  • Write job descriptions and interview questions
  • Build automated processes – think using data from real time analytics to crafting communication with candidates or scheduling appointments 

These systems can even predict whether a candidate is likely to be successful in a particular role, making the recruitment process more efficient and data-driven.

Employer Branding

Building a strong employer brand will remain crucial for attracting top talent. 

  • Companies will invest in creating a compelling narrative about their culture, values, and opportunities
  • Employee advocacy programs will encourage current employees to promote their organizations as great places to work, leveraging their networks and social media
  • Branding extends through the full cycle from attracting talent to onboarding and feedback post hiring
  • Wise use of technology and social media to build image and recruit top talent, increasingly reliant on video and AI
Hybrid working as standard

Remote and hybrid working arrangements are nothing new, but it will continue to mark out the employers that people really want to work for.

  • Gives a competitive edge in attracting top talent
  • Talent attraction strategies need to emphasize the benefits of remote or hybrid work environments
  • Embrace the benefits of hybrid work 

 – freedom of remote working AND

 – benefit from training and development when in the office

 – organic generation of ideas created by colleagues in the moment when together

Outside the box hires

Specific skills and competencies will continue to be highly prized; more so than traditional education routes to employment.

  • Focus on identifying candidates with the right skills and a growth mindset
  • Offer continuous learning and upskilling opportunities to attract candidates looking for career development
  • Consider early career hiring – engaging potential candidates while still in education can mean building an inclusive business with the freshest ideas and lower starting salaries
How much do you care?

Increasing focus on diversity, equity and inclusion (DE&I) in talent attraction strategies means

  • Actively seeking out candidates from underrepresented groups
  • Creating inclusive job postings
  • Using data analytics to monitor and improve diversity metrics in the hiring process

A focus on care also means prioritising workers’ wellbeing, personalised talent nurturing (use AI as discussed above) and provide a positive experience for candidates. In an Indeed survey 

  • 80% of responders said they wanted faster response times from recruiters
  • applicants who receive a response from an employer within four hours are 95% more likely to accept offer than those receiving a response a week later

Remember that recruitment is a dynamic industry – to stay competitive it’s important to remain agile and adaptable. Aligning talent attraction strategies with evolving candidate expectations and industry developments is a win whatever year we’re in.

Static Code Analysis: An Overview

Static Code Analysis (or Source Code Analysis) makes up a fundamental part of a Code Review and is carried out by the security team during their typical test’s postproduction. It aims to flag up any possible vulnerabilities within source code.

It is actually seen as so effective/useful the UK Defense Standard requires that Static Code Analysis has to be used on all software in their Defense equipment.

As part of a DevSecOps environment, this is implemented during the software development phase itself, providing immediate feedback to the developer on issues they might be introducing into the code during code development itself. This ‘instant gratification’ is very useful compared to finding vulnerabilities much later in the development cycle (and the headaches/arguments that ensue).


  • Can be ran on lots of different types of software, scales really well
  • Can find some flaws automatically with very high confidence, making a developer’s life easier


  • Many types of security vulnerabilities are difficult to find automatically, authentication problems for example
  • Can’t find flaws like configuration issues, anything that is not represented in code

I think ultimately, whilst automation of security testing is what development and security teams are striving towards, given the current state of security tools they should be seen as an aid to security teams/DevSecOps engineers in determining whether code is secure or not, rather than replacement altogether – a substantial amount of human input is still very much needed (for the time being, anyway).

If you want to check out more, I recommended reading up on this article linked below:


A love letter to functional components and keeping it simple

As a developer, it’s hilariously easy to get caught up in the complexities of the problem you’re working on. Complex problems demand attention, and this demand makes it all too easy to forget important details and questions we should be continually asking ourselves along the way. Questions like: “Why am I doing this?”, “How does this benefit our end users?”, “How will this affect us x months later”, and “Is there a better way to solve this problem?” though peripheral, are all vitally important but frequently overlooked by devs when a problem starts to get tough.

Developer tunnel-vision can be disastrous. Complex software developed without regard for these questions runs a serious risk of being delivered fundamentally inadequate; failing to deliver the value expected by end-users, or littered with technical landmines, instabilities, or bloat. Complexity in our problem-spaces is bad! However, this very complexity which plagues us is inherent to our industry; we’re paid to be problem solvers – and to solve problems which are large, intractable, and deeply complex, and there’s nothing we can really do about that!

So if we can’t simplify the problems we’re being tasked with, what can we do to reduce the complexity we’re exposed to and prevent tunnel vision? The answer lies in optimising the things we can control. By carefully selecting the tools and techniques we use from the standpoint of reducing complexity, we can expect marginal gains in the simplicity of our solution. Even if these gains individually aren’t much, when looked at holistically they’re significant! This lessens the cognitive load of your team – freeing up brainpower to not ignore those crucial peripheral questions!

Two years ago, my team was struggling with severe complexity issues. We had a monolithic aging React application, a dizzyingly vast and complex problem domain, poor user engagement, and a long list of requested features. We were forced to re-examine our development philosophy and we made a number of crucial decisions to update and simplify our React application in order to improve it and ensure its long-term health.

Early React was particularly vulnerable to producing polluted solutions when encountering complexity. Unidirectional data-flow, bloated class-based components, and layers-upon-layers of wrappers and providers meant that developing for early React required lots of effort fighting it’s internals and jumping through the hoops of the framework. The complexities of React would just compound the complexities of your problem, and contributed to the mess we’d found ourselves in.

One of the first decisions we made was to switch to preferring and slowly refactoring towards using functional components. Functional components, also sometimes known as stateless components, are a more minimalistic implementation of a React component. Unlike their class-based counterparts, the syntax of functional components is pretty much that of a native JavaScript function; lacking the verbosity that comes with the implementation of a class-based component’s lifecycle methods. They are quick to write, concise to read, and crucially easier to reason with. They help developers by reducing complexity and removing boilerplate code, tightening the development feedback loop, and affording more time and capacity to address other issues.

Stateful logic has always been a difficult problem in React. Traditionally, stateful workloads have been implemented within the lifecycle methods of a component, but this has proven problematic when similar bits of stateful logic have needed to be replicated across many disconnected components in a codebase. This is technically “solvable” using patterns like render props and higher-order components, however these require invasive restructuring of component hierarchies and tend to result in convoluted codebases filled with layers-on-layers of providers, wrappers, and other abstractions in order to somehow link otherwise unrelated components by their common stateful logic. In fact, the React team coined the term “wrapper hell” for this exact problem! (see figure 1)

computer code

Figure 1

React released a neat solution to this on February 6th 2019 with Hooks. Hooks are reusable functions which produce side-effects within components. These side-effects could be anything, but are commonly used for tasks like managing state, interacting with APIs, and handling contexts. When integrated with functional components, hooks neatly solve the problem of “wrapper hell”, allowing components to remain stateless and outsourcing common or stateful functionality to the hook. This promotes the pattern of small, simplistic, easily reusable components; and we’ve had great success with hooks alongside with functional components. It’s worth mentioning though that hooks aren’t a perfect solution in all cases. Their inherent simplicity means that they’re sometimes not ideal for applications with large amounts of complex stateful logic – in these more extreme cases, tools such as Redux may be more appropriate. (see figure 2)

computer code in Redux

Figure 2

This pattern of simplicity has also bled into the wider React ecosystem. One tool our team is particularly fond of is Storybook. Storybook is a component design tool where you are able to develop and document individual components in isolation. This makes it easy to develop and demo components which might normally be hidden deep within your application with minimal fuss. It also lets you interact with your component as you’re developing it, helping you build your UI almost from the perspective of somebody actually using it – helping discover potential edge-cases and usability issues early. Developing components in isolation helps keep them simple. It promotes building small, discrete pieces of logic for your users; minimising complexity and maximising user satisfaction. Our team is so fond of this tool, we’ve actually deployed an instance of it alongside our main application in a continuous deployment environment so interested parties can play with components and prototypes that we’ve not necessarily plugged into the main application yet!

Maximising user satisfaction through simplicity is a pattern also being embraced in how React applications are tested. Traditionally, Enzyme was the de-facto React testing framework. It works in a very similar way to many other testing frameworks for backend systems – invoking classes and methods containing your business logic, and mocking out other interactions. This approach might be fine for an API where the shape of the data coming out of it is the thing we interact with and want to guard against regression. However, this is often inadequate for testing the functionality of a frontend application where we want to assert and guard how users are able to interact with and navigate through it.

React Testing Library is rapidly replacing Enzyme because it does exactly that – it renders your components and tests them by interacting with them how your users would, i.e, clicking on a button instead of calling an arbitrary function somewhere in your implementation. If for some reason that button wasn’t to render, it wouldn’t matter how well tested your underlying logic was – nobody would be able to use it! Because RTL-based tests don’t test unnecessary implementation details, we’ve noticed that they’re far less brittle and ultimately much easier to maintain over the life of a project. By changing our testing approach, we’ve been able to delete scores of Enzyme tests as a small number of RTL tests will provide the same assurances! Plus, by specifically testing user outcomes in a more representative way, we’re able to provide much more confidence in the accuracy of our solutions! (see figure 3)



Figure 3

In summary, our team has had great success simplifying our UI module-by-module using methodologies and tools from the modern React ecosystem. Our work in this area is still not fully done, but we’ve been continually delivering new and updated features alongside this continued refactoring effort. Our application is now simpler and less complex! This is metricated by our team’s increased velocity, the number of bugs we’ve found in our pre-prod and production environments, and our steadily growing user community. Of course, it’s still possible to develop tunnel vision when working on our refactored application – but instances now happen much further and fewer between. If your team is in a similar position as we were two years ago, I’d strongly recommend looking into your stack’s modern ecosystem and seeing if you can’t improve things in a similar way!


React hooks and stateful logic:


React testing library:

Pair Programming


Technical interviews are essential for a company’s hiring process and are designed to gauge a candidate’s ability to tackle real-world problems. Hiring Managers devote significant time to assess a potential employee’s experience, knowledge and personality and to try and gain comprehensive insights into their technical skill set and their long-term potential.

However, interviewing, testing and onboarding technical employees can be tedious, especially when there’s limited knowledge about candidate assessments, which further exacerbates the hiring challenges.

So how does one sift through a massive pool of candidates whilst streamlining the technical interview process and improving hiring quality? This is where Pair Programming could come in.


Pair programming is a software development practice in which two Developers collaborate on a single workstation at the same time, either in person or remotely.

Each Developer has an alternating role to play. One acts as the driver who writes the code, and the other acts as the navigator who reviews the code and provides information and instructions. Both then switch at regular intervals from anywhere between 15 minutes to 1 hour.

Whilst there are many approaches to Pair Programming, the goals are usually the same:

Two brains are better than one – When two people work together, the code quality will increase and fewer mistake will be made than if it was one person alone.

Sharing is Caring – When two people are responsible for building a specific feature, it’s easier to for them spread the knowledge of how that feature works to the rest of the team, meaning more people understand how it works and how to rebuild or refactor it in the future.

It’s for these reasons that Pair Programming could be the answer to a streamlined technical interview process.


During any interview, you want to be able to analyse an individual’s suitability for the role and culture. Not only does Pair Programming provide those answers, it also enables you to gain a technical understanding of their ability and the unique opportunity to see how they work in situ.

The key skills that you’re able to analyse are:

Collaboration – Working alongside someone else gives you the opportunity to see how they operate in a team environment, how they communicate and to see if their personality is suitable. It also gives you the opportunity to provide feedback and see how they deal with criticism.

Problem solving – Development is all about solving problems and it’s what a Developer will be doing in their job every day, so you need to know how they approach the problem, why they approach it that way and the rationale behind their choices.

Code quality – Ultimately, you want a Developer to produce code to the best quality, relevant to their skill set and level. Pair Programming gives you the perfect opportunity to see this, as well analyse the clarity, testability and readability of their code.

Learning – Pair Programming can also be a great platform for more junior Developers to learn from those with a lot more experience. Whilst the premise can seem daunting, those with the openness and eagerness to gain knowledge and ask questions show an important trait if you want to create an office environment that breeds creativity and innovation.


By no means is Pair Programming the only solution and it will no doubt have it critics, however it does offer many benefits that can help speed up the technical interview process. Technical Tests are becoming outdated and can often put candidates off altogether, so providing a platform that puts an interviewee at ease whilst benefiting the interviewers might be a step in the right direction.

Tech News

Here’s our latest batch of tech news snippets.


Bristol-based Vaarst, a spin off from Rovco, was formally launched last week. Their goal is to revolutionise the offshore robotics sector by providing Artificial lntelligence technology to marine and subsea providers for autonomous robotics work. They’re already predicting revenues of over £1m by the end of 2021!



PlayerData, an Edinburgh-based startup that aims to transform the way amateur and professional sports teams train, has raised £1.7m in its latest funding round. The investment comes from Hiro Capital and former Tesco CEO Sir Terry Leahy and will help to grow their injury prediction software across multiple sports and countries.



After raising almost £6m in funding and 8 months of beta testing, London-based sustainable investing platform Clim8 Invest have successfully launched their brand new app. The app let consumers invest in companies and supply chains with a focus to tackle climate change.


Stay tuned for the next instalment!

Terraform vs CloudFormation – which is the better tool for IAC?

Infrastructure-as-Code allows teams to manage and monitor infrastructure through source code which can easily be accessed, edited, and improved. IaC is a key DevOps practice as it automates routine tasks and saves time for developers and operations teams, which leads to quicker deployments and continuous delivery.

Two popular configuration-orchestration tools for IaC are Terraform and CloudFormation. Terraform is an open-source infrastructure as code software and CloudFormation is a service of Amazon Web Services. The role of these tools is to automate the deployment of servers and other infrastructure.

Companies often require experience with IaC when hiring DevOps Engineers, especially with Terraform and CloudFormation, so I have researched these tools and some of their comparisons.

Availability – As Terraform is open-source it can be used to apply changes to several cloud providers and third-party providers, however CloudFormation only manages AWS resources so if a company is not using AWS infrastructure, they will not be able to use CloudFormation.

Usability – Handling modules with Terraform is simpler than CloudFormation as they are self-contained and come with native support, whereas CloudFormation lacks a place where templates are shared and leaves it to the user to modularize templates.

CloudFormation has a graphical user interface where resources can simply be dragged and dropped to deploy which makes it easy to use for beginners, in contrast Terraform does not offer a user-interface.

Cost – The open-source version of Terraform is free of charge and problems are generally resolved quickly by the support team. The Terraform business version which is paid for offers different support options including SaaS or private install. CloudFormation a free AWS service where the level of support included depends on the plan chosen.

The administrative overhead cost is less with CloudFormation as it is a managed service which guides the users with some decisions and has a lot of possibilities, whereas the user is responsible for managing the process with Terraform.

Speed – CloudFormation can take some time to support new features for existing services whereas Terraform is often faster in supporting new services.

There are many other comparisons that can be made, but I have found they are both considered to be extremely powerful tools and remain to be the most popular choices for infrastructure-as-code. Although, with the ever-changing world of technology you never know if there is a newer, better tool just around the corner…



Tech News

Here is our latest batch of tech news, this week focussing on Bristol


Bristol-based Adalpha have been bought by AJ Bell. Adalpha is currently developing a mobile-focused platform for financial advisers, and this recent buyout will enhance AJ Bell’s mobile accessibility for advisers and clients.



Another Bristol company in BlueVenn has been acquired by Upland Software, who have their HQ in Austin, Texas. As a leading SaaS vendor, this deal will enhance their global reach and enable Upland to provide more in-depth data insight.



CytoSeek, a hugely exciting BioTech startup, has recently raised £3.5 million in its latest round of seed funding. The money will help to accelerate the commercialisation of its AI technology, which will be used to discover the potential of immune cell therapies for treating tumours.


Stay tuned for the next instalment!