Back to resources

Collaborating With a Cross-Functional Expert

Dev Processes
Internal Communication
Team Processes
Cross-Functional Collaboration

17 June, 2021

Rafal Leszczynski
Rafal Leszczynski

Engineering Manager at Sourcegraph

Rafal Leszczynski, Engineering Manager at Auth0, relied on the help of an assigned expert from the security team to provide context to them as developments emerged and problems arose.

Problem

At my previous job, my team, the product engineering team, was having some trouble cooperating with the security team. We had a lot of interaction with security, mostly concerning vulnerabilities that they’d discovered and new initiatives that we would be collaborating on for the company.

For our purposes, a thorough security review process was essential. The problem that we were experiencing was that there were multiple security engineers reporting their findings to us, and, each time we wanted to have another security review or risk assessment, a different person would be assigned from their end.

Our colleagues from security didn’t necessarily have equal amounts of context when it came to what our objectives entailed. All of the different feedback and suggestions from them were great, but it took a lot of time to bring every new person who became involved up to speed. There was a lot of back and forth and additional work.

Actions taken

We approached the other team and suggested: instead of one of many engineers from their side, assigning only one security expert as our official point of contact. We pledged to invest the time and energy into training them completely on my team and our processes, onboarding them and giving them the knowledge and the expertise needed to function fully in the role.

They would have the opportunity to bond with my team and to build relationships within the company from that perspective. In the long run, we would be able to reduce the back and forth and to have a more common understanding around security problems and our application restraints in order to conduct a more effective security review.

They thought that it would be a good idea. We got our security expert assigned to us. We were already in the process of onboarding a new product engineer, so they were able to go through the process together. We invited this person to all of our outings and social events. In one or two months, we were able to drastically change the way that we worked. We had a new initiative in front of us, and, with our new security expert, all of our security reviews have been really productive and smooth. Ad hoc vulnerability reporting was still done by multiple people as different engineers conducted different penetration tests, but we relied heavily on this one person who was able to provide that context to the security team and to be this kind
of bridge between us and them.

Lessons learned

  • Assigning a specific security engineer to every single team became a company-wide policy after this experience. This unique solution was applied widely and to our advantage as a company.
  • My team really enjoyed having somebody specific to talk to about the problems that they were having. We weren’t just throwing our problems over the wall anymore. We became more equipped to work together and to collaborate effectively.
  • Both teams were able to acquire a more nuanced understanding of both the other side’s domain, as well as the domain that they already were experts in beforehand. They not only had access to more new information on a professional level; there was also this human-to-human interaction that allowed them to move past the distance of a distributed remote environment.

Discover Plato

Scale your coaching effort for your engineering and product teams
Develop yourself to become a stronger engineering / product leader


Related stories

Hosting a successful internal hackathon with < $6k budget

6 February

Internal Hackathons invite team spirit and collaboration which are critical whether an engineering org is co-located or operating remotely spread across 20 times zones. Hackathons give employees the opportunity to connect and network while they solve fun & relevant challenges.

Company Culture
Team Processes
Balki Kodarapu

Balki Kodarapu

Senior Director of Engineering at SupportLogic

The Not-So-Easy Guide on How to grow and develop an Amazing A-Team

5 December

Your Org Team may as well be a Sports team. Let's explore how this cohesive, multi-skilled team can be optimized for Great Group Playoff.

Alignment
Building A Team
Company Culture
Sharing The Vision
Embracing Failures
Team Processes
Jaroslav Pantsjoha

Jaroslav Pantsjoha

Google Cloud Practice lead at Contino

DevSecOps: Why, Benefits and Culture Shift

29 November

Why DevSecOps matter and what's really in it for you, the team and the organisation?

Innovation / Experiment
Building A Team
Leadership
Ownership
Stakeholders
Cross-Functional Collaboration
Vikash Chhaganlal

Vikash Chhaganlal

Head of Engineering at Xero

How to improve engagement and retention in remote engineering teams?

25 October

Mrunal Kapade, an Engineering leader, based in Silicon Valley, shares tips that helped reduce attrition in the remote engineering teams while leading multiple teams from startups to Fortune 500 companies.

Remote
Company Culture
Collaboration
Motivation
Team Processes
Mrunal Kapade

Mrunal Kapade

Director of Engineering at Inspire Energy

How to Maintain Happiness: The Underrated Aspect of Creating Team Dynamic

2 August

Jonathan Ducharme, Engineering Manager at AlleyCorp Nord, encourages the importance of a workplace environment that cultivates mental wellness.

Personal Growth
Company Culture
Leadership
Internal Communication
Psychological Safety
Jonathan Ducharme

Jonathan Ducharme

Engineering Manager at AlleyCorp Nord