Friday, July 11, 2025 — Meeting Recap

Cybersecurity Rotational Programs Discussion

The meeting began with introductions from new attendees, including Brian McClellan, who manages principal architects at Wiz, and Armando, who is in a rotational cybersecurity program at a company in Chicago. The group discussed the benefits of rotational programs in cybersecurity, with Armando sharing his experience in secure design and upcoming rotation in product security. Shawn emphasized the importance of networking within the group for career development. The conversation ended with Stryker mentioning a rotational program at his company, highlighting its similarity to Armando's experience.

Geico's CDP Program Overview

Stryker discussed Geico's CDP (Cyber Defense Practitioner) program, explaining that they typically get 2 CDPs every 6 months who work on threat intelligence platforms and automation projects. He detailed the onboarding process, which includes 2 weeks of shadowing and a living document of requirements, emphasizing the importance of making new CDPs comfortable taking action and asking questions. The program rotates CDPs every 6 months, during which they participate in quarterly and monthly report assembly, and Stryker noted that while 6 months might seem short, it provides enough time for meaningful contribution while maintaining flexibility for team needs.

Cybersecurity Training and Onboarding Challenges

The team discussed challenges in cybersecurity training and onboarding, particularly for new hires with theoretical knowledge but limited practical experience. Stryker explained their approach of shorter rotation cycles to provide broad exposure across teams while identifying potential long-term employees within the first six months. Neil emphasized the importance of creating a safe environment where employees feel comfortable asking questions and making mistakes, which is crucial for both personal growth and enterprise security. The discussion concluded with examples of real incidents where mistakes led to significant technical issues, highlighting the value of learning from accidents and fostering a culture of openness.

Effective Question-Asking in the Workplace

The group discussed the importance of asking questions in the workplace, particularly for those early in their careers. They emphasized that it's okay not to know everything and that seeking help is a sign of strength, not weakness. Tyler shared a document on how to ask questions effectively, which includes providing context, showing your work, and asking in a way that's easy to answer. The discussion also touched on the role of mentors in helping junior employees grow and the need for both mentees and mentors to be respectful of each other's time. They agreed that while it's important to create safe spaces for learning, it's also crucial to be able to navigate toxic work environments.

Challenges in Feedback and Management

The group discussed challenges in mentoring and managing colleagues who struggle with taking constructive feedback, particularly in writing and editing roles. Stryker shared her experience with an employee who resists her editorial guidance, while Jay emphasized that company writing is not personal expression but corporate copy subject to review and revision. The discussion concluded with Brian sharing his approach to managing a senior developer who lacks respect for him, and Shawn highlighted Wiz's success through strict hiring criteria focused on cultural fit rather than technical expertise alone.