Security startup confessions: Hiring and firing
My name is Kai Roer and I am a co-founder of a European security startup, and these are my confessions. I hope you will learn from my struggles, and appreciate the choices startups make when security matters. I will share experiences from my own startups (my first was in 1994), and things I have learned by watching and advising numerous other startups around the world.
Building a great team is critical for any startup, and organizational culture matters in any organization, no matter the size or sector it operates in.
In many ways, the process of hiring somebody has many similarities with a budding romance: things can start with a crush, and everyone is happy and ready to rumble. But, as time goes by, both parties will discover things about the other.
Some of these discoveries may be agreeable, like when I discovered that a developer we had hired had great skills in business development, and as time went by, the person transferred into a business development role.
Other times, the things you learn about the other are not so nice. For example, when someone with a great CV and what looks like years of great experience turns out to be unable to work with others. Or you discover that a leader you hired is unable to delegate tasks, or is clearly lacking people skills.
That is why when I hire, I look for cultural fit. And when I fire, I do the same.
To me, cultural fit means an eagerness to succeed, a hunger to learn, and transparency in communication. Also, courage to try, and the ability to accept responsibility that comes with failure. In other words, I am a fan of the Fail Fast paradigm.
This approach also means that I am willing to take chances on people. Part of our hiring process is testing for cultural fit, and often the only way to do that properly is to add the person to the team, and see how he or she performs.
A while ago I worked with a person who, at first, ticket all the boxes for a good cultural fit: he was willing to put in the extra effort, he seemed to be spending time learning, and he communicated well. Some time later, I started getting signals from other parts of the organization telling me that this guy was communicating too well: he was telling me one story, and a completely different one to the rest of the team, effectively undermining our operation.
In situations like this one, I believe in being swift and direct. After collecting proof, I confronted the guy, offered him an opportunity to explain, and then told him that there are two ways to go forward: he can change, or he can leave.
I’m a big believer in learning, and to me, that also means to offer people the opportunity to learn. But while I can hold a person’s hand (so to speak) while they learn, I cannot learn on his or her behalf.
Over the years, I have seen some amazing growth from those who accepted the challenge, and put in the hard work to change their ways. More often, unfortunately, people choose to stick to their old ways.
Adding or losing team members is especially taxing for small teams. Being transparent and open about these processes, and encouraging the team to be open and transparent, creates a resilience that builds trust and respect.
With mutual trust and respect, we are less likely to nurture bad habits, insider threats and disgruntled employees. More importantly, if and when these things emerge, respect and trust lead to earlier warnings, and therefore to the opportunity to deal with these issues before they become critical.
Finally, sometimes you have to carry out orders of someone else. A few years ago, I was told to fire a salesperson who did not perform according to expectations. I disagreed with the order, and tried to explain how the guy was actually doing a great job, but to no avail. I had to tell him the bad news, and deal with the clean-up afterwards.
What I learned from being forced to fire a team member who did indeed deliver as expected, is that management does not always see what is going on in the trenches. The opposite is sometime true, too – perhaps, in this case, the management saw something I did not see at the time.
How you approach hiring and firing matters a lot. I believe that as a leader, you have a lot of responsibilities that you cannot – and should not – delegate. If you want to build and maintain a great organizational culture, you need to be swift in handling people who don’t fit in. The longer they stay, the heavier is the burden on the whole team. And the longer the exit, the harder it is on everybody.
Other columns from this series:
- Security startup confessions: How to tackle outsourcing
- Security startup confessions: Building a team
- Security startup confessions: Let’s talk about channel management
- Security startup confessions: Limited funds and their impact on security
- Security startup confessions: Choosing a tech partner