+00:00 GMT

Leading beyond domain expertise & laying early-stage security program foundations

with Matt Spitz

June 13, 2023


Matt Spitz is the Head of Engineering at Trust Management Platform provider, Vanta, where he helps companies practice better security. Previously, he co-founded and led Dropbox's NYC office, started a company, and has built and scaled diverse engineering teams solving complex product and infrastructure challenges. He lives in San Francisco and rides his bike to work.

"The value that I can provide to all these departments is visibility and context. The perfect strategy for support or something like security doesn't exist. It's contextual, right? And the things that we are trying to do as a business, the things that are happening outside of those departments that maybe I have visibility into, that is value that I can provide to those people in shifting their strategy and setting the right strategy that's contextually appropriate.”

- Matt Spitz   

Join us at ELC Annual 2023!

ELC Annual is our flagship conference for engineering leaders. You’ll learn from experts in engineering and leadership, gain mentorship and support from like-minded professionals, expand your perspectives, build relationships across the tech industry, and leave with practical prove strategies.

Join us this August 30-31 at the Fort Mason Center in San Francisco

For tickets, head to https://sfelc.com/annual2023


  • Matt’s observations around leading beyond your expertise (2:45)
  • Leadership tactics to employ when transitioning to a role outside your expertise (5:02)
  • Matt's transition from Dropbox to Vanta (7:31)
  • Paradigm shifts when transitioning between large & small orgs (9:01)
  • How to improve in leading teams beyond your skill set (11:01)
  • Recommendations for probing / gathering information from experts (13:19)
  • Matt’s experience leading a successful security program before hiring an expert (15:27)
  • Strategies to maximize the area of security as an individual (18:27)
  • How to lay the foundational elements of an early-stage security program (22:14)
  • Knowing when your org is ready for a domain-specific expert (24:05)
  • Indicators to identify when seeking an expert (25:12)
  • Frameworks for hiring / managing an expert beyond your domain (27:03)
  • Evaluating culture fit in hiring security experts (28:54)
  • Effective communication strategies when working with various domain experts (31:44)
  • Setting the right technical direction when you’re not the expert (34:40)
  • Rapid fire questions (36:22)


This episode wouldn’t have been possible without the help of our incredible production team:

Patrick Gallagher - Producer & Co-Host

Jerry Li - Co-Host

Noah Olberding - Associate Producer, Audio & Video Editor https://www.linkedin.com/in/noah-olberding/

Dan Overheim - Audio Engineer, Dan’s also an avid 3D printer - https://www.bnd3d.com/

Ellie Coggins Angus - Copywriter, Check out her other work at https://elliecoggins.com/about/

Dive in
Building & leading a combined engineering & security org
Apr 16th, 2024 Views 122