I too have experience of changing roles. For one startup I’m the DPO, focused on data privacy issues and spending most of my time on working with customers and suppliers on compliance and audit issues. For other contracts I’m the ‘security guy’ who has to design and implement the controls that protect data. But the most challenging role change is as CTO where the priority is to get to market quickly…:
Security engineering and software engineering teams have much to learn from each other, as two Salesforce employees learned in a “professional role reversal” that taught them how both teams can work together more efficiently and better collaborate on building secure software.
As part of the swap, principal security engineer Craig Ingram was dropped into the Salesforce runtime team. Principal infrastructure engineer Camille Mackinnon joined the platform security assessment team. In a Black Hat briefing on Aug. 5, the two shared stories and lessons learned.