Lesley Carhart Jun 16, 2024

Two controversial pieces of cybersecurity career advice I give to a lot of people I talk to on mentorship calls:

1) Don't become a manager unless you genuinely want to be a servant leader and devote yourself to people and program management for the joy and fulfillment of it.

2) Don't become a red teamer unless you genuinely in your heart of hearts want to be a red teamer, you understand what the role entails (even the boring parts), and you are willing to very deeply commit extra time and effort. They're generally much more competitive roles.

Show threadJohnMasheyJun 16, 2024
@hacks4pancakes
Good advice, 2) specific to cyber-security, but 1) (don’t become manager unless…) is much more general & should not be controversial.
I’d add: if you want to be a manager, make sure you’re in organization that knows how to develop individual contributors (who might want to) into managers, 1st-level mgrs to 2nd-level, etc.
This was institutionalized when I was at Bell Labs. Silicon Valley has been more variable, sometimes individuals promoted with varying degrees of readiness.
Show threadJohnMasheyJun 16, 2024
@hacks4pancakes
For instance, at Bell Labs, yearly merit review was done by lab (typically 100-150 people, likely 3-5 Dept Heads, each with 4-5 supervisors). We spent half the time talking about personnel development, like:
A) who’s ready & interested in promotion
B) who’s doing a great job at X, but needs a different assignment for broadening
C) who needs project lead role to see how they do
D) who should attend an internal management training course
E) Who’s happy indefinitely as individual.
Show threadJohnMashey
@hacks4pancakes
One more piece, now that I'm home and could scan an old page from October 1980.
This was from my Director, who gave to his Department Heads, explaining how they'd be appraised.
Mine passed this along to his Supervisors, including me, ...
i.e., for folks who might aspire to another promotion, sometime.
I.e., Member Technical Staff => Supervisor required some of this, but on smaller scale (typical group ~4-8 people).
"III. People" is about half, note especially III.1 a & b.
Jun 16, 2024 at 9:48pmWeb