How do you integrate opportunities for career development into your security team’s everyday work?

My philosophy is to optimize people for their strengths while giving them stretch goals to broaden their horizons. Even if they are not directly responsible for meeting these goals, partnering with others helps them develop new skills. As a leader, you need to spend time understanding their career development plans. For new joiners, you might need to create these plans, but for those who have been around for a while, stretch goals become increasingly important.

We allocate the last Friday of every month for creative development, where team members can focus on training or self-improvement. This no-meeting time allows them to pursue whatever training they need. Letting team members own their projects and speak in team meetings helps them feel responsible and accountable, which has a positive impact on the business.

I had a team member who struggled with presenting ideas. We identified this as an area for development, especially since they wanted to move up the leadership ladder. We set a goal for them to present a topic to the team, which they did after researching and preparing. They received feedback and improved significantly. We also recommended internal training courses on PowerPoint and public speaking. This holistic approach to skill development, including soft skills, has been very beneficial. That team member is now a director at another organization.

I believe in making my team members interact with business owners across various departments to understand business processes. This includes knowing which applications are used and identifying major threats or risks, such as regulatory compliance requirements or past security breaches. This business interaction helps team members see the value they bring to the business, beyond just increasing security posture.