Joe Thomas

When software developer Joe Thomas had the unfortunate experience of having the website he was working on hacked, little did he know it would provide a complete change of direction in his life.

Overcome with curiosity about who had carried out the act of sabotage against his employers, he set to work in unpicking an information trail that would pinpoint an organisation in the Far East as being responsible. The sense of achievement and satisfaction was overwhelming.

“I had acted to find out who had done this and two days later I had the result,” Joe, who now works for in the IT Forensics and Cybercrime Investigation Team at accountancy firm Ernst & Young, said.

“I decided there and then that this is the line of work that I wanted to pursue.

“Having examined the options, I decided there were two ways to go – there was a route back to university, which may have gained me more forensic experience but would have cost me.

“Alternatively, I could go to the Metropolitan Police and offer the skills I already had with computers to the high-tech crime unit. And, at the age of 30 in 2004, this is what I did.”

Change of direction

By all accounts, the plan that culminated in Joe entering IT forensics, and later cybercrime investigation, has seen him accrue a vast array of both life experience and technical acumen.

“Once I was accepted into the Met I did all the usual training, and was initially based in the borough of Islington,” he recalled. “Aside from my computer skills I genuinely loved uniformed operations and being a response officer was really amazing.

“You actually learn so many new skills in this role and all the time you deal with many weird and wonderful situations – it is a period of my life that I enjoyed enormously.”

Having served as a response officer for more than two years, a stint in crime investigation and CID followed before Joe was ultimately snapped up by the high-tech crime unit at the tasking of the Directorate of Professional Standards – and put into the intensive training package to become a certified forensic computer examiner.

“They sent me out to Orlando in Florida to do the course, which lasted for two weeks, followed by a lengthy examination process” said Joe. “It was interesting and the people running it stepped you up gradually – in the first instance you had to unpick data on a floppy disk and put it back together.

“Later you were given a full hard drive, which you had to examine, and at the end of the course you had an encrypted file that you had to deal with – this actually contained the final exam questions. It was not too bad because by that stage you knew what you were doing.”

Dark side of the job

Returning to London – and pressed into action in the frontline of the force’s internal investigations – Joe immersed himself in the complex work of probing the computers of those suspected of being used by officers in misconduct-related matters.

“With computer forensics you start out with a device such as a computer or phone and you are simply investigating to see if there is any evidence that a crime has been committed,” he said. “I was doing what I had enjoyed doing – interrogating computers.”

However Joe also found that, by its very nature, the job had a distinctly unpleasant side. “The first and the last of the cases I worked on with the high-tech crime unit involved indecent images of children,” he recalled. “Obviously this is a hugely important thing that we have to investigate, and it is something I found myself having to deal with.

“You have to respond professionally if your investigation leads to finding these images.”

Corporate dreams

Despite being thoroughly committed to the role for which he had joined, Joe admitted that he ultimately found the lack of promotion prospects in such a specialist area frustrating. To progress beyond being a constable he would have had to accrue experience elsewhere in the force and he instead began to broaden his horizons towards the corporate world.

“When I joined the police I was also on quite a high salary and had to take a cut, so I had been looking around. Somebody suggested that I should examine at the ‘big four’ companies in finance – EY, Deloittes, PWC and KPMG – so that is where I looked.

“I left the Metropolitan Police in February 2013 – having come from a role in civilian life I found that part easier than perhaps some others. People who were already working for EY told me they enjoyed the team there, and that is the firm I joined.”

Now dealing with both IT forensics and cybercrime investigation for the company’s many clients, Joe said the work is both enjoyable and highly rewarding – and believes the core skills he learned in the Met are still serving him well.

“There are things they teach you in the police that you can apply throughout life,” he added. “You are taught how to take individual responsibility for what you do –  but there are also not many ex-officers in IT forensics in the financial services so I can bring my experience here too.

“The work with EY is fantastic – it is so varied and every day is very different as we move to protect clients and stop cybercriminals from getting around protective measures.”

It has certainly been an interesting career to date, with the potential for continuous development in future. An aspiration that started out of a professional curiosity has been complemented with policing skills – and now stands Joe in a strong position going forward.

“I now have what I have been aiming for – a career that I wanted for many years,” Joe concluded. “Along the way I loved being a police constable in uniform, and I have the privilege of being able to investigate computers. All in all, it has been great.”