Source Level: IC4 Senior This role is Grade 8

I work on large components, applications, security events or security services. I influence team projects. I drive teams to meet security goals.

Scope
Area of ownership and level of autonomy / ambiguity 		Collaborative Reach
Organizational reach and extent of influence 		Competencies
Competencies developed to deliver results
  • I own and deliver medium and long-term goals for my team and organization.
  • I am an expert at identifying the right solutions to solve ambiguous, open-ended problems that require me to prioritize among several different business and team objectives.
  • I define and implement security solutions or efficient operational processes that level up my team.
  • I work on large security problems where the design may or may not be defined.
  • I lead or help define security strategy.
  • I deliver complete solutions to security problems.
  • My solutions align and adapt to multi-year security goals.
  • I am a strong leader for my team. I lead by example, my impact is beginning to extend outside my team.
  • I increasingly optimize beyond just my team by driving cross-team or cross-discipline initiatives.
  • I influence security teams, partner orgs, and service/product owners.
  • I have mastered all key areas of my craft relevant to the problems I’m working on, and effectively choose when to draw from broad array of skills utilized by security engineers to solve security problems.
  • I play a key role in setting medium-to-long term strategy for business-impacting projects.
  • I autonomously define and deliver technical roadmaps of larger projects, often involving cross-team dependencies.
  • I negotiate with teams and partner orgs to strategically solve security problems at scale.
  • I work autonomously with less defined parameters. I negotiate resources and security priorities. I escalate and communicate effectively. I always find a path forward, even when that means re-defining success or learning from failures.
  • I leverage input from product stakeholders and determine the right technical trade-offs to deliver security value quickly.
  • I actively level up less-experienced members across Security by helping them with their craft, providing guidance, and leading by example.
  • I can negotiate effectively, and influence others towards delivering the right security solutions for the organization.

🌟 Results

Responsibility Key Behaviors
Results
  • My understanding of the business context and my team’s goals enable me to deliver significant results and allows me to make independent technical decisions in the face of open-ended requirements.
  • I can identify when my results aren’t moving the needle for our business/team goals, or serving the needs of colleagues in a meaningful way, and I work with manager to redirect my focus.
  • I get work to a simple place by focusing on the heart of the problem and prioritizing the right things.
Ownership
  • I proactively identify new opportunities and advocate for and implement improvements to the current state of projects — potentially having broader business impact across teams or products.
  • I take responsibility for any failures on my project and take action to prevent them in the future. I embrace and share the learnings from those failures.
  • When I encounter barriers, I unblock myself and my team by proactively assessing and eliminating the root cause
Decision Making
  • I make informed decisions by consulting the right stakeholders and balancing details with the big picture..
  • I understand the implications of my decisions and adjust my approach based on the impact and risk (e.g. choosing a more iterative approach based on the degree of uncertainty with respect to product fit, while maintaining a view of the long term arc needed to accomplish business goals).
  • I make timely decisions but I don’t cut corners.

↔️ Direction

Responsibility Key behaviors
Agility
  • I embrace change and adapt quickly to it.
  • I’m able to navigate ambiguity and remain resilient through ups and downs.
Innovation
  • I am beginning to push boundaries to generate and implement ideas that aim to drive our business forward
  • I set audacious goals, take risks, and share lessons learned.
Strategy
  • I define the technical and policy roadmap for complex projects, refining it as the projects progress, and provide leadership for the people executing on the projectf.
  • I define my team’s priorities and secure buy-in in partnership with my manager.
  • I advocate for and evangelize my team’s strategy.

🌱 Talent

Responsibility Key Behaviors
Personal growth
  • I proactively ask for feedback from those I work with and identify ways to act upon it
  • I have self-awareness about my strengths and areas for development
  • I drive discussions with my manager about aspirational goals and seek out opportunities to learn and grow
Hiring
  • I gain the trust of candidates and can represent Roivant’s mission, strategy, and vaules throughout the interview process.
  • I am able to represent my team’s technical challenges to potential candidates in a compelling way (e.g. 1:1 sell chats, blog posts, public speaking)
Talent Development
  • I model integrity and a high standard of excellence for my work and I leverage this to promote quality-of-work on the team.
  • I identify and support areas of growth for my teammates that take into account their skills, backgrounds and working styles.
  • I solicit and offer honest feedback, which is ASK, delivered with empathy to help others learn and grow.

🌈 Values

Responsibility Key Behaviors
Collaboration
  • I build relationships across teams and help get to positive outcomes.
  • I proactively communicate and coordinate my team’s requirements with other groups and teams in and out of IT.
  • I am capable of working with cross-functional stakeholders to identify risk blindspots and clarify ambiguity in their ideas.
  • I do not use blame and solve the right problems, disagreeing and committing when necessary.
Results
  • I take ownership of projects or initiatives and steward them to completion.
  • I am a natural escalation point for my team and colleagues to remove blockers.
Efficiency
  • I consistently identify, propose and implement team and org-wide process improvements that improve the Roivant security posture.
Diversity & Inclusion
  • Working with my manager, I leverage the strengths & skills of the members of my team, and help identify talent gaps required for team success.
  • I act as a partner to my manager in setting the cultural tone for the team. I support an environment where all Roivant colleagues are included and heard
  • I motivate others to bring their authentic selves every day and contribute to building community at Roivant.
Iteration
  • I assist my teammates and colleagues on making consistent progress on initiatives and projects, guiding them to make the smallest changes possible to maintain velocity.
Transparency
  • I tailor my message to my audience, presenting it clearly and concisely at the right altitude.
  • I fanatically write things down, and I proactively share this material to keep people informed and aligned.

🛠️ Craft

I am considered a technical leader on my team. I autonomously engage with product and system owners across Roivant to help create, build, and innovate security defenses. I have an in-depth knowledge of Security and possess a comprehensive view of how the Roivant and Vant Federation environments and services fit together. I focus on large and ambiguous security problems across internal and partner organizations. I take a long-term view and understand the details about my team’s security services and processes. I drive and plan the Security of large, complex, cross-team projects/incidents that could span multiple quarters and often involve numerous security members. I mentor, teach, and influence other members of Security continuously - the scope of my impact is amplified through their successes. My understanding of the business context and organization priorities enables me to deliver in alignment with longer-term security needs, not just immediate requirements.

Responsibility Key Behaviors
Security Execution
  • My work demonstrates significant domain expertise in three or more security domains and secondary specializations, (e.g. infrastructure security, application security, threat intelligence, security operations, incident response, endpoint security, audit and policy, or identity management). I understand the latest defensive capabilities provided by each layer of the stack in my purview and understand when to deploy them.
  • I have extensive experience with multiple methods of assessment, and can make the right call to identify the best approach for a given problem.
  • I design and/or implement structural changes to enforce security requirements and defenses at the scope of an entire system or product.
  • I define and implement a comprehensive strategy to address a security problem, drawing upon a mixture of the necessary first-party, open source, or off-the-shelf technologies to enforce security requirements, detect badness, or defend Roivant and the Vants.
  • I consistently identify and provide solutions for non-obvious issues in the design, implementation, operation, and evaluation of security processes and technologies.
  • I own the response to complex security incidents, or drive strategic remediation initiatives which involve many teams/organizations/systems across the Vant Federation.
  • I track incidents, vulnerabilities, and other security trends over time and effectively incorporate lessons learned into Security strategy and requirements.
  • I effectively partner across the company to define and implement security requirements within a scope spanning several different layers of an infrastructure stack, disparate teams across several organizations, or parallel workstreams of a large scale initiative.
Technology Fluency
  • I apply a comprehensive understanding of the Vant Federation technology stacks and relevant external technologies within my focus. I both maintain awareness and ensure my organization is aware of changes as they occur. I influence the design and architecture choices made by partner-orgs (e.g., system, network, or software).
  • I understand that technology, threats, and responses evolve and use that evolution to identify opportunities to improve security controls accordingly.
Threat Fluency
  • I have a deep understanding of attacker tools, techniques, and processes (TTPs) and the standard defenses/mitigations for them.
  • I am broadly aware of the kinds of defenses and their efficacy at mitigating attacks relevant to Roivant and the Vant Federation.
  • I am continuously tracking and learning about attacks/attackers both inside and outside of my focus area.
  • I am familiar with historical attacks of consequence and the lessons learned from them.
  • I am able to reason about attacker behavior and apply my understanding of TTPs in support of the rest of my job.