Staff Security Engineer Guide

How to become a Staff-level Security Engineer

StaffEng Security

When I was on my path to Staff, I found tremendous value in the resources available about Staff+ Software Engineering. Despite the relative glut of content however, security was not well represented.

In order to fill this gap, I’ve reached out to numerous Staff+ Security Engineers. They’ve been kind enough to share their stories, in the model Will Larson pioneered.

See the bottom of this page to read their stories.

Staff Engineer

Staff Engineer is a popular title and role now in use across many engineering career ladders.

Over the past decade, it has been popularized by Will Larson on staffeng.com, and in his eventual Staff Engineer book (published in 2021).

As he puts it:

At most technology companies, you’ll reach Senior Software Engineer, the career level, in five to eight years. At that point your path branches, and you have the opportunity to pursue engineering management or continue down the path of technical excellence to become a Staff Engineer.

There are several high-quality resources for current and prospective Staff Engineers, in addition to Will’s:

Staff Engineer Stories

Staff Engineering is often characterized not as a simple extension of Senior Engineer skills and impact, but a categorically different role. This positions Senior Engineer as a “terminal” level, leaving the path from Senior to Staff underspecified.

Hands down the most important contributor to achieving a Staff title was my network and peer/mentor group.

Kurt Boberg

One of the most common and most effective pieces of advice on becoming a Staff Engineer relies on learning about the way the role manifests day to day. If you’re lucky, you will have mentors internally and externally. However, it can be hard to develop that network.

The transition into Staff Engineer, and its further evolutions like Principal Engineer, remains particularly challenging and undocumented. What are the skills you need to develop to reach Staff Engineer? What skills do you need to succeed after you’ve reached it? How do most folks reach this role? What can companies do to streamline the path to Staff Engineer? Will you enjoy being a Staff Engineer or toil for years for a role that doesn’t suit you?

staffeng.com

staffeng.com/stories collects the narratives of how numerous folks have found their way to Staff+ roles. This is a tremendous resource, bridging the gap and demonstrating a diverse set of paths to Staff Engineer.

Staff Security Engineer Stories

Without further ado, here they are:

  • r2c’s Kurt Boberg describes how “network, planning, education” were the most important factors in his journey to Staff.

  • Thirty Madison’s Anshuman Bhartiya has a hot take that “some level of impostor syndrome is absolutely necessary to get to Staff+ levels.”

  • Sr. Staff Infrastructure Security Engineer Bill Weiss elaborates on the Engineer/Manager pendulum across four Staff+ roles.

  • Shopify’s Devina Dhawan talks about the role of mentorship and non-technical leadership in succeeding at the Staff level.

  • Databrick’s Steve Weis discusses how he assumes each of the different Staff Archetypes.

  • former Meta Software Engineer Hasnain Lakhani highlights what it is like to hit Staff as a Software Engineer in the Security domain.

  • Datadog’s Izar Tarandach tells how he fixed an adversarial relationship with a product team.

  • Microsoft’s Lea Snyder covers the importance of building technical breadth and leadership skills on the path to Principal.

Contributing

Are you a Staff+ level security engineer and you’d like to share your story with others?

We’d love to speak with you! Feel free to reach out to directly on Twitter or LinkedIn.