The better a security team works together, the bigger the direct impact on how well it can protect the organization.

Gourav Nagar, Senior Manager of Security Operations, BILL

March 1, 2024

4 Min Read
Cartoon of people putting large puzzle together
Source: Sergey Pykhonin via Alamy Stock Vector

COMMENTARY

Long before I was a cybersecurity manager, I was an individual contributor. I made many mental notes for myself about what I liked and saw that worked well for teams to gel and thrive. I also experienced, lived through, and survived tougher situations, where a manager was not understanding his or her team 100% — and, thus, could not inspire them, let alone rise above day-to-day challenges.

In the years since I transitioned into being a people manager, I've been able to put into practice the lessons that I gathered. Building a diverse security team has been very thrilling and fulfilling for me. I want to share what I've learned and tested out personally, because security teams have an important role to play in any organization. The faster and better a security team works together, the bigger the direct impact on how well it can protect the organization.

Three Management Tips

Here are some things I've learned:

1. Hire for diversity and quickly align on team culture and processes.

Even before a job requirement is written, managers must reach out and develop their networks in innovative ways. I make it a habit to check out different posts and people on LinkedIn and join other platforms for connecting with security professionals around the world. Initially, when I reach out, the intention is to find out a little about what people are passionate about and share stories and tips. Later, when an opportunity becomes available, it's much easier to tap the contacts and connections that have already been established.

Building a team begins with hiring, but once the team starts working together, it's critical to create a common language and a set of expectations and processes. This way, the team can work toward a common goal quickly and avoid miscommunications. Especially for diverse teams, where the goal is for each person to bring their different experiences, unique perspectives, and distinctive ways of solving problems, having common communications channels to share updates and collaborate ensures team members can spend more time on what they love to do and not worry about team dynamics.

2. Create trust for every single person on the team.

We have to accept that working in security is often very stressful and demanding. Managers play an important role in helping to create trust and openness to be their authentic selves for every single person on the team. How can we do this?

  • Meet regularly with team members in group settings and in one-on-one meetings as well. As the manager, you can model sharing context and knowledge openly. When a change is happening, be the first to update the team and share what you know about why it's happening and the desired outcome for the change. It is during times of change that anxiety could be higher than normal, and having regular touch points and sharing information more frequently can ease the spikes.

  • During meetings, share with your team how their work is making an impact on the organization. Managers need to be deliberate and mindful about sharing feedback from other organizations and leaders. Don't take it for granted that your team knows their impact. Most of the time, team members are heads down in the daily grind. Make it a regular habit to lift their heads and take a moment to share and celebrate the wins.

3. Help your team members build a career in cybersecurity and stay excited with innovation.

Of course, it's up to each of us to take ownership of our own careers. As managers, we may know this well, but not all our team members might. Our role is to remind and encourage each of them to actively learn and pursue roles and responsibilities that will keep them excited and help them in their careers. By embracing innovation, they will grow and stay motivated. Also, ensure that each individual has respect, ownership, and accountability. These are the essential blocks for building confidence and giving everyone the space to try new things, especially if they are out of their comfort zone.

I'm a big believer of growing leaders within organizations. If you have team members who enjoy mentoring and managing others, provide opportunities and experiences for them to try their hand at managing. Once they take a few steps toward their goal, guide them and provide insights on what you have learned and what has worked well for you and the teams you have managed. 

In my experience, these guidelines work well for new and small teams, but they are essential for larger teams going through rapid growth and change. I hope you can try some of these tips and share what has worked well for your teams with others in your network. Together, we are upleveling what it means to be a cybersecurity professional that is part of amazing, diverse teams.

About the Author(s)

Gourav Nagar

Senior Manager of Security Operations, BILL

Gourav Nagar is Senior Manager of Security Operations at BILL. He is responsible for building a world-class security operations team and leads three dynamic units: Security Operations, Offensive Security, and Security Engineering. Gourav brings a wealth of experience and a strategic approach to managing complex security challenges. Prior to joining BILL, Gourav held leadership security positions at Uber, Apple, and EY.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights