• United States




9 superheroes for crack security teams

Apr 18, 20175 mins
CareersData and Information SecurityHacking

Want to beat the odds when meeting your next security challenge? Security teams work best when these roles are filled

As a traveling enterprise security consultant, I get to see security teams at their best and their worst. Under stress, some teams work like a well-oiled machines, while others devolve into inefficient, finger-pointing bureaucracies.

Every great computer security team has a synergistic collection of skilled professionals who work well together to meet common goals. The team may debate a solution, but once a decision is made, everyone works hard to execute with no hard feelings. Good teams expect constant change and disruption. They know whatever it is they are trying to accomplish will likely be harder than anticipated.

When I encounter successful teams, distinct roles emerge among the group. Different organizations require different mixes of players, but these archetypes pop up again and again.

The hacker

Any good computer security team needs to have one or more hackers. These are the men and women who have hacking in their blood. They were hacking before they joined the team and will be hacking for life. Most have never broken a law while hacking—that is, they’re “white hats”—but love the thrill of circumventing security measures. They use hacking tools and methods, and they know how hackers think. They’re the members of your “red teams”: penetration testers and the people who know what needs to be done to secure an asset.

The coder

Every team needs a person who can code nearly anything—mainly because they hate to do anything manually twice. They can program in many different languages, even if they have a strong preference for one. They have tons of other scripts and programs they can pull from and usually know data structures and how to access different networks like the back of their hand. Coders are worth their weight in gold. Sometimes they’re very personable, and other times they work best in the quiet of their own workspaces.

The realist

The realist knocks down vendor marketing hype in a New York minute and knows what can and can’t be done in the organization within a given timeframe. A realist can help block bad ideas or even good ideas that will never make it to fruition due to politics or funding. Don’t confuse the realist, though, with the department cynic who knocks down every idea and proposal. Realists emerge as they correctly predict outcomes—and help the team waste less time and fewer resources.

The teacher

You need a good educator, someone who talks effortlessly to users in a way that encourages learning. Although good teachers can certainly be made, it helps to have someone who seems to have teaching in their blood. These are the people who should be in the classrooms, making educational materials, and functioning as the user liaison for new rollouts. If you come across a good teacher, make sure they have the resources to do what they do best, even if that means providing a new classroom or expensive equipment to help them do a better job.

The interfacer

This person is well-liked and uses that charm to reach out to other departments. They personally know the various team managers, as well as their hot-button issues. They can reach whoever needs to be contacted without being bound by the company’s official hierarchy. Often, they create critical links that get big projects done.

The project manager

Good project managers are worth their weight in gold. They start meetings on time, take great notes, hold people accountable, and help everyone meet their goals and deadlines. They’re also unafraid of becoming the hammer when something needs nailing. To appreciate a good project manager, all it takes is suffering under a bad one for a project or two.

The documenter

Let’s face it: Some people write better than others. Some employees hate writing—especially big, long, boring reports. Others excel at and even like it. They should be your report writers and policy documenters—and may even help the teacher with educational content.

The historian

It’s always good to have someone on the team who has a long institutional memory (assuming they’re hardworking and not merely waiting to retire). These people know where the bodies are buried. They can explain that weird thing you’ve always wondered about and understand what did or didn’t work in the past—and what to avoid. One note of caution: Historians sometimes miss that tried-and-true solutions generally have an expiration date. When management is looking for a new skill or direction, it’s likely to pass over the historian. 

The futurist

This is the person who’s always on top of the latest trend. When you bring up a new technology, they’ll tell you they’ve been reading about it in InfoWorld for at least a year and send you links to articles. You need the futurist to keep you up to date on the latest trends—tempered by the realist, so the team won’t go chasing after every new buzzword.

Many hats

It goes without saying that the best team members can fill several roles at once. Simply a handful of these A players can yield an awesome team. Get too many people with the same strengths, however, and your team will likely suffer conflicts. No one has a perfect team, but striving for a careful balance of roles can get you at least halfway there.


Roger A. Grimes is a contributing editor. Roger holds more than 40 computer certifications and has authored ten books on computer security. He has been fighting malware and malicious hackers since 1987, beginning with disassembling early DOS viruses. He specializes in protecting host computers from hackers and malware, and consults to companies from the Fortune 100 to small businesses. A frequent industry speaker and educator, Roger currently works for KnowBe4 as the Data-Driven Defense Evangelist and is the author of Cryptography Apocalypse.

More from this author