Profile picture

Promotion Q&A and Videos

About Promotion

Mapping a Road to Success as a Security Engineer

Senior Security Engineer at Taro Community profile pic
Senior Security Engineer at Taro Community

I have read several articles on becoming a Staff Security Engineer or Principal Security Engineer, and I understand that career growth is not just about personal aspirations but also about aligning with the organization's needs. In my current situation, my goal is to increase my visibility within the organization. I believe I've spent enough time working internally, but a significant part of my visibility in the security community is still pending. My ultimate goal is to enhance visibility, establish a brand as a security engineer, exert influence, engage in cross-collaboration projects, and grow my presence in the community. To boost visibility, I realize I need to engage with the community by writing blogs, creating tools, giving talks, and attending conferences.

I've observed exceptional performance by certain engineers and have often wondered how they can think outside the box, achieve skip-level promotions, and grow exponentially within the company. Do they have mentors? How can one find a mentor, and how do you determine if you need a mentor?

How can I start this journey and find the motivation to do so? Additionally, how can I maintain consistent motivation, as motivation may fluctuate? For instance, after two weeks of hard work, there might be a dull and weak period, and then you need a kickstart to regain the curiosity you had the week before.

I do find curiosity in my current role and the nature of work as an Application Security Engineer, but sometimes I also think, should I explore a bit of change towards offensive security or red teaming?

Furthermore, my personal passion and motivation always lead me towards delving into technical aspects. How can I align more with the business needs of the organization and develop my business acumen skills? How can I develop multiple skills to operationalize application security engineering in a team?

In my current location, there are limited job openings for security engineering positions, making it challenging to switch roles. What are other possible options for me in this situation?

In summary:

  • Is there a roadmap to grow as a security engineer within the organization, gain influence, create a personal brand, and secure promotions?

  • How can I enhance my visibility in the security community and maintain consistent motivation?

  • If I find myself stuck in my current role, because of limited openings in my current location, what alternative things can I explore?

  • Given that many interviews for security engineer positions now include coding rounds, is there a structured pathway for enhancing coding skills specifically tailored for security engineers?

  • How can I maintain consistent motivation, as motivation may fluctuate?

  • How can one find a mentor, and how do you determine if you need a mentor?

  • How can I develop multiple skills to operationalise application security engineering in a team? What does even operational excellence mean?

Any insight will be highly appreciated.

Show more
Posted a year ago
109 Views
8 Comments

How to make it count for putting out fire before it started?

Senior Software Engineer [E5] at Meta profile pic
Senior Software Engineer [E5] at Meta

Background:

Our team inherited a set of products which are full of spaghetti code and bad design. We are currently building a high visibility and high impact project based on the backend of this system.

Although the main project UI goes on-track, some critical backend design flaws will hinder product performance and reliability within a couple of months - maybe close to or right after official product launch, which will turn our whole effort into a joke since we have executives' eyes on it.

My progress this year so far: (besides my roadmap item commitment)

  • 1. Identified a system hotspot, finished analysis & design, and convinced our EM to rewrite this module (currently 95% finished by a junior engineer.)
  • 2. Rewrote 1 foundation module to eliminate legacy design flaw (ended up with less code, less complexity, same performance, more system reliability.)
  • 3. Design and rewrite another foundation backend module to address legacy design flaw & unblock development of the next milestone
  • 4. Leading on technical design and discussion of a re-architecture for the overall backend end to end flow. (simplify design, improve performance)

NOTE:
- I tried to delegate 2 & 3, but no other engineers can do them after a few try since it's too tightly coupled with the rest of the system.
- our team lead is championing for all these work, which is how we are able to make room for them

Benefit of these work:

  • accelerate other engineers' work in the system
  • cut clean with the legacy system design flaw, improve product reliability and performance
  • ensure our team's win on the high visibility project that built on top of this backend
  • easier oncall for the short run or long run

My questions:

  • In terms of performance review, my manager thinks this is better engineering work, while I think is closely tied to the success of our main project. What kind of evidence do I need to convince him? (My EM is not very technical)
  • From his tone, I sense he thinks better engineering work in considered "lower priority contribution". Is this true? How do I communicate the importance of code/design quality with him?
  • I'm trying to reach the staff level promo, does this initiative demonstrate any trait for the next level? (I'm not doing it for promo, but my EM's neglect on this makes me pretty frustrated because refactoring and rewrite is such tedious and painful work... I want to make it count)

Thank you!

Show more
Posted 8 months ago
99 Views
3 Comments

How do I get a Senior SWE promotion if I work at a client based company where projects change every few months and my manager is the same age as me (26)?

Mid-Level Software Engineer at Taro Community profile pic
Mid-Level Software Engineer at Taro Community

Hello!

I used to work for a large fin tech company but recently got a job at a client-based company. They flew me into the office for an onboarding week and the culture and people are fantastic. I even made a decision to move from DC into the Houston office just cause of the people and weirdly I realized that my personality is a bigger asset than I realized. I enjoy chatting with people, and a Director of Product even told me "I don't usually hold 1:1s with the new folks but your personality was shining so bright!"

I only give this info cause I'm not very confident in my technical skills. While I got a great performance review in my last company, it was because of my determination, my willingness to go full stack when no one wanted to, and cause I was very close with the Product and Design team. Tbh that's also cause I don't really nerd out about state management or the newest framework or whatever like everyone else seems to. I enjoy frontend cause I like making pretty things and that's it. I'm not the person who is constantly thinking about how to make our testing process or pipelines better. I can learn those things if I need to but it doesn't come naturally to me.

I have admitted some of this to folks at my new company and they've been super cool about it. They even suggested I dabble into a Technical PM role. That's still something I'm chewing on cause while it's silly, I love typing things on my pretty little IDE and I like fewer meetings. But I don't imagine coding forever. In my company, a senior engineer gets to lead a project, manage people, and talk to clients. I'm aiming for a senior role cause I think it aligns more with my natural skill sets as I believe my soft skills are stronger than my technical skills.

My manager became a senior recently and told me it was because he was willing to do whatever client project came in whatever language that was required. He's the same age as me and only started coding 3 years ago after a BootCamp. This is his only company but I'll admit, I feel like he's a stronger engineer than I am. I've been in the company for a few weeks, and I've been getting my stories done quickly even though their tech stack is new (but everyone is fast) but I'm not sure how to even become a Senior since I don't know if I will be able to become the rockstar engineer that my manager is. I will move earliest in September so I'm remote until then. Projects also come and go so fast. Any ideas on how to standout?

Show more
Posted 9 months ago
93 Views
4 Comments

How to navigate promotion talks when no direct manager or director in sight for approx. 2-3 months while being a new member on a team?

Anonymous User at Taro Community profile pic
Anonymous User at Taro Community

I recently changed teams(been over 4 weeks). The current team did not have a manager/sr. engg manager to report to, and everyone reported to an Sr. director. This sr. director reported to a VP in my org.

Unfortunately during a round of layoffs, our director got laid off. So, now imagine my team is "headless".

Our VP did mention that they will try to bring in someone interim. Say that happens, and I am able to make a good connection with this "new" but temporary manager, but after a few months, we get a "permanent" manager, my questions and/or concerns around these are

  1. This would be my first time I will be in this situation mine is a tier-3 company, also not a tech-first company, is this how even Big Tech works? How do you all navigate this change, and continuous (non-technical) context switch of leadership?
  2. As you might have guessed how do I best make sure that my accomplishments(refers to the brag doc*) gets clearly communicated between my old manager, me, and my new manager?
  3. Does it make sense to even "talk" about getting promoted with the old manager if I have been on this team for 4 weeks?
  4. Re. to point 3, some notes about my accomplishments: I already was able to find bugs in their pipelines, and communicated about this to cross functional teams too, and everyone acknowledged this, and we have been able to avoid a major failure while shipping to prod environment, thereby saving us time(in months). What I am trying to say is I have been making(in my humble opinion) impact from day 1. I also am contributing to an internal library which will be used for onboarding several teams(cross regional too) in my company. I am the second developer on this repo. I already am keeping track about all of this in my "brag doc", I have been clearly communicating about my work with my scrum master, my current Principal Engineer, and other engineers.
  5. This is painful to write but, we have 3 engineers including me who are on the same level as mine(level 2), 1 Level-1, and 1 Principal Engg. Now, I am not comparing, but how do I put my best foot forward so that I too get a shot of pushing forward my promo packet along with others? There is a notion in my company(I dont know about Big Tech) that we "tend to" not have more than 2 level-3 engineers on a team, so should I just give up of not hoping to get promoted, and instead keep my head down and wait for new year or until I quit? Sorry if I sound negative, but its what it is.

Some more information about me:

YOE: 6+ this is what has been killing me from inside, 6+ yoe, and stuck on Level-2, I agree things were not hunky dory with me(been through a lot of personal s***), and couldn't focus on this side of my life.

I agree this is my mistake, but I know myself, and I know I can make it work,I can push myself and make it work, but asking for a guidance is all.

Appreciate you all for reading till the end, can't thank this community especially Rahul,and Alex.

Show more
Posted 2 years ago
93 Views
3 Comments