A colleague of mine, Fred Stock, recently wrote about “Security Advocates” in his blog over at the RSA blogging site. In short, he suggests supplementing your core security team with outposts of knowledge throughout your product development teams, who can evangelize security concepts, eliminate trivial demands on your core security team, and make critical decisions with product-specific knowledge.
He’s obviously writing about this from the standpoint of improving the quality of your code and your organization from a security standpoint, but I wanted to add another dimension to this: growth.
As a manager, I spend a lot of time doing work which is necessary but not always rewarding. Someone needs to attend meetings, identify and track dependencies, monitor metrics, track goals, and all that. But there are times where the job is incredibly rewarding and one of those is when you can help someone grow.
So when I read Fred’s post, I don’t think, “Oh, that would definitely make a team more effective.” I think, “Wow, what a great opportunity that would be for someone.” Think about the sort of demands being in the role Fred describes would make upon someone. Think about the sorts of skills necessary to do well in that role. Finally, think about the sorts of things you want a developing talent within your engineering organization to have. Now, try to tell me this isn’t a perfect growth opportunity.
One of the ugly truths of managing employee growth is that there aren’t always business opportunities which align to someone’s developmental needs. So when something like this comes along, your eyes should light up.