19 Aug Hiring your Team in your First 100 Days
You’ve just taken on the role of Information Security leader in an organisation. You’ve started to build an understanding of the business and what your objectives should be for the next 100; 200; 300 days. As your goals become clearer, you will need to start thinking about what you now need to be able to meet your targets. Building a strong functional team is key to your long-term success.
Building the Role Requirements
Think about your strategic objectives and understand how hiring for different roles in the team can help you meet those objectives. Start by looking at what you need to deliver in the short term, and understanding what parts of that you are not able to do alone. Focus about the what – what is it that you want to achieve and what is it that you need to achieve it – is it technical knowledge, experience, time? This should start to shape your idea of the skills that you want to be looking for in your candidates.
I suggest thinking about the following to assist you with identifying the requirements for a role:
- What skill set/s do you need to achieve your short-term goals?
- What skill set/s do you need to achieve your long-term goals?
- Which of those skills, do you not have?
- What level of experience will likely make most sense in line with the organisation’s current maturity?
- What is the culture of the organisation? Are you looking for experience working in a similar culture?
- Is the organisation quickly shifting from a start-up to a more corporate culture – will they fit in?
- What is it that you need to trust and depend on someone in your team?
Once you’ve built a more clear understanding of the needed skillset, you need to think about your long-term goals, and your organisation’s long-term goals. Think about the personal characteristics the candidate would need to have to fit your and the organisation’s needs in the future. It is their personal characteristics that will allow and enable them to evolve their current skill set, to meet future organisation and team needs. Whilst such characteristics are harder to list down in a job specification, make sure to keep them in mind during an interview.
Write them down in order of priority, and ask questions around scenarios and events that can help draw out such characteristics.
Understanding the Responsibilities of the Role
Prior to onboarding new members to your team, you need to have a clear picture of the type of role you are looking for, in order to meet your objectives. Keeping in mind the skills you’ve listed as missing for you to meet your objectives, now think about whether the next role you are looking to onboard is highly technical; focused on governance or a balance of both. The following scenarios can help you figure this out:
- What sector does your organisation operate in – is it a digital organisation, with digital at its core? Do you already have someone managing your technology’s security?
- Do you need someone to implement technical security controls, or to govern them?
- Is the organisation looking to invest heavily in new technologies, meaning the candidate will need to be ready to invest in their growth?
- Are you looking to start with 3rd party penetration testing and then switch to internal testing at one point – do you want them to be able to do this from the start, or will you invest in their learning?
- Do you want them to be able to deliver training to tech and non tech personnel?
- Do you want them to support infrastructure and/or development teams? Are you expecting an in-depth knowledge on both areas?
- Are you expecting them to support on internal and external audits?
- What is the level of maturity of the Security Function – which areas require an increase in maturity? Does this require investment in technology; processes; training?
The kind of role you are looking to onboard should be clear in the job specification, and most importantly it should be clear to you when you meet potential candidates. Being aware of your expectations around the role you are attempting to fill, will help you assess whether they are fit-for-purpose for your current and future goals. Communicating your expectations to future candidates, at interview stage, gives them a clear view of what they are walking into. Should they join, you having been truthful about the role will set the foundations a relationship built on trust.
Prioritising your needs
Finally, and I believe most importantly, the person you hire needs to meet your needs as a leader. Having a good relationship with your team is fundamental to your success in reaching your objectives. You need to be able to communicate, trust and depend on each other. To do this, you need to feel like your team are meeting your needs. If you are a structured person, who is keen on deadlines, you want someone who is organised enough to remember them. On the other hand, if you are unstructured and you need support getting yourself organised, it might help to have someone you can rely on in that aspect.
An important part of being a good leader, is being aware of what you need and what you want to achieve. Being able to then communicate this clearly in your job posts, your interviews and finally when you onboard your team, will make a huge difference in the long-term. Know what you want to achieve, and why, and understand how you want to do it. Likewise, you need to understand your organisation’s goals so that you can onboard a team that will help achieve them.
After you onboard
As a leader I find it is key to invest time in your employees’ learning and growth. No matter their skill set and competencies, it is our responsibility as leaders to support our team in reaching their goals. Take the time to identify any gaps in their technical knowledge, and build a training plan with them. Work with them to identify what support they need from a personal competency and business acumen perspective, and work with them to grow in these areas. I find that investing in your team, ensures sustainable and scaleable growth of your function, as it aims to iteratively mature to support business goals.
Read my article on What Good Managers do for more insights on leading people.