Technologist Management: Rock v. Hard Place

The other day I had a conversation about management. A key question was, is leadership one of those things that once you're a leader in one area you could lead (basically) any organizational function?

Who leads is the most important determinant of an organization's success. Not everyone should be a leader, and not everyone wants to be a leader. What those three statements say about the nature of management and leading is critical, especially for a technical function such as cybersecurity.

First, leaders need to be technically credible. Maybe it's 50% of the job, maybe less. Regardless, your technical people are not going to buy into what they are asked to do if the boss doesn't understand what the team does for the organization.

A lot of organizations stop at that point & decide that the best technologist/coder/etc would do just fine as a leader.

Bad idea.

What about that part of the job that is not technical? 

You have some cold realities as a manager of a technical team. Your natural inclination is to be the "senior-doer." That is a path to failure for two reasons. First, you must lead, not do technical work; second, it indicates that you are reluctant to make the hard decisions about the "3Ps" (performance management, prioritization, and office politics) that are -- sorry! -- what you spend the vast majority of your time dealing with at work as a manager. 

[I used to work with one person who actually enjoyed those parts of the job. To quote Mr Spock of 'Star Trek' fame: "Fascinating!"]

But as a manager you also have to create the success climate of the team you lead. A new study we've seen focused on what are referred to as "quality jobs." These features may sound odd or irrelevant to cybersecurity work. Do technologists care about whether they have a quality job, after all?

We propose that what makes a job a quality job, even in cybersecurity, are meaningful:

• “Fair pay, stable employment and benefits that meet basic needs and reduce financial stress.”
• “A safe, respectful environment free from discrimination or harassment.”
• “A clear path to build skills, gain experience and advance in one’s career.”
• “Influence over decisions that shape one’s job, such as pay, working conditions and implementation of technology.”
• “A stable, predictable schedule, a manageable workload, and meaningful control over when and how work gets done.”

This is subtler than it sounds. You have schedules, processes, end-users, etc; who cares whether your team has a "quality job"? And further if your next thought it "They should feel lucky to have a job!"...well...remember, people with skills have options.

Technical skills matter for first-line supervision, and they're good to have for mid-level managers. But once you get past the level of project leadership what matters increasingly is the capacity to engage in the "3Ps", and then as a mid-level manager and executive we look for you to create a quality job experience for your people. 

You have to do all of that and meet targets, quotas, end-user demands, etc. 

Leadership is not for everyone, and organizations that hold out for quality leaders -- not the hardest-working technical hire -- get rewarded with the best leaders.

Ask us how we can help you focus on what really matters in cybersecurity leadership.