We’re working to make information security a core competency of every startup. We envision a world in which startups have access to great information security, are empowered to focus on their business instead of on compliance, can scale faster and more efficiently, and are confident that they’re creating quality products.
Each team is asked to select, explain, and rank their top 8 values in order of importance.
Impressive Team Members
Our team members have founded non-profits, written novels, and amassed decades of combined coding experience.
We’ve toured the country playing music, performed SOC and ISO audits, and run professionally. We are a team of pet (and human) parents, entrepreneurs, and amateur bread bakers. While we’re proud of our collective personal and professional accomplishments, we believe what makes us most impressive is how each member of our team embodies Aptible’s company values.
We take our values seriously and are constantly blown away by the degree to which our team lives by them. As one of many examples, we measure commitments through company-wide OKRs that are then translated into OKRs at the team level. Those team level OKRs are then divided into weekly/sprint level goals. We hold each other accountable by having daily syncs, and as part of the larger Aptible organization, during our weekly all-hands meetings where we discuss how each team and the company are tracking towards our goals.
Everyone at Aptible loves the mutual support and camaraderie of a strong team that wins together. We measure our commitments carefully and hold each other accountable, which means we’re able to deliver more to our colleagues and customers in the long run. We fail often and early, and learn from it. We value and respect teaching as the best way to learn, and make time to share information openly. We think and talk a lot about how we can improve, and work hard at it. We ask “why?” a lot in order to understand root causes.
Bonded by Love for Product
We love solving problems in original ways that delight our customers and scale as we pursue our mission to build trust on the internet.
We have two products. The first is Deploy, which automatically implements the security controls you need to achieve regulatory compliance and pass customer audits. The second is Comply, which organizes and automates security and privacy management into clear, simple processes that give businesses and their customers confidence. We lead with design, meaning we hold every feature accountable to the day-to-day experience of the person whose life that feature is intended to improve. We talk in terms of loving our customers and building product that they can’t live without.
We set an equally high bar for maintainability, evolvability, and performance. We codify our engineering principles in an Engineering Manifesto, and we acknowledge and accept trade-offs involved with keeping high standards.
In order to feel ownership, everyone needs to have as much context as possible so that they can be trusted to make the best decisions possible. We have “Brown Bags” about Security and Compliance topics to turn everyone into a subject matter expert, and we all take turns leading teaching sessions about different areas of our product to help bring other team members up to speed. We avoid siloing knowledge at all costs and because we are a remote company, we always make sure that information is both documented and easily shareable to all team members.
When it comes to specific work-to-be-done, individual engineers start with either broad requirements (for big projects) or a specific User Story to solve. In both cases, we’re responsible for designing a plan of attack, getting input from other team members, and seeing the work through to completion. For example, David was the engineering lead for our move to a task and notification-based set of features (a massive undertaking). Armed with just a set of user stories and aspirational designs, David collaborated with other engineers, the product lead, and the design team to propose an architectural plan. After getting the team’s input, David then turned around and implemented those plans. He even sat in on calls with beta-testers to see how the feature was actually solving user’s needs.
Individuals who are proactive and who ask for help when needed flourish in this environment, and it leads to more coherent product development. The benefit of this start-to-finish ownership is there is never a dull day at Aptible. Folks who work here tend to love crossing boundaries into other product areas – ideating, interviewing customers, UX/UI design, testing prototypes, architectural design – to get the additional context they need to take ownership over their deliverable.
Fosters Psychological Safety
We often talk about how psychological safety is the key to thriving work environments.
The science of high-performing teams is a topic of interest here at Aptible, and we’re constantly thinking about how to build the best work environment. We believe emotions belong in the workplace, which is why every new employee completes our workshop, “Aptible 102: Communicating through Disclosure, Feedback, and Conflict” within their first two weeks on the job. Instead of asking everyone to conform to one particular work style, we also encourage each other to share our personal and work style preferences.
We check in with each other both qualitatively and quantitatively, too. Each team member has a weekly 1:1 during where they can discuss anything with their manager. As a team, we also conduct a bi-yearly Team Experience Survey to understand how we’re doing as an organization. One of the key components that we assess is Team Psychological Safety. We ask questions derived from the work of Amy Edmondson, PhD – the scientist who developed the concept of psychological safety – to understand how the team is feeling about taking risks, asking for help, and making mistakes at Aptible.
We’re very proud of what the results say about psychological safety at Aptible today! Our most recent results show that our team feels overwhelmingly positive when asked about various aspects of psychological safety, something we actively work hard to protect:
Psychological Safety at Aptible: Results from our Team Experience Survey (March 2019)
In order to communicate effectively with each other, we’ve established and written down a set of norms for when we communicate.
These norms are especially important to us at Aptible since most of our communication happens over Zoom, Slack or email. Being remote forces us to communicate in a way that working in person may not allow. We often create explanatory collateral rather than simply pulling a co-worker into a meeting room and we’ve developed a culture of permanence and accessibility around documentation that we are confident will be invaluable as we scale. Being remote requires that communication between teammates and teams more broadly is thoughtful and intentional each time.
Whether it's the daily scrum standups (we’re constantly working to streamline and improve the efficacy of these), weekly 1:1’s (where you have free reign to set the agenda with your manager), or our Weekly All-Hands (where we come together as a team to hold ourselves accountable to our goals and enjoy some face time — we call it The Win Column), here are a few of the general practices we promote to ensure positive and effective communication:
Establish clear goals. The goal doesn’t necessarily need to be a deliverable; it could be “brainstorm,” “get aligned,” etc. — the only requirement is that every participant is clear and agreed on the goal(s).
Clearly articulate the purpose and desired outcome of the meeting. Distribute the agenda and/or deck, so participants can review in advance.
Identify and rotate roles. This might mean rotating functional roles — like “MC,” “scribe,” “timekeeper,” etc. It also could mean experimenting with rotating communication roles, like those described in Kantor’s Four Player Model of Communication.
Be present. Core behaviors include: Participate in meetings, Don’t check Slack, email, etc. Focus your attention on speakers and make appropriate eye-contact.
Constantly seek to improve meetings to make them more useful. Identify when scheduled/recurring meetings have outlived their purpose and cancel them.
There are many more norms where those came from – including more tips on how we use Slack and Zoom effectively and with empathy. If you’re interested, please reach out and we’d be happy to share our thoughts!
The Aptible Team at our 2018 Offsite in New York City.
We praise those who give feedback early and often.
Whether it’s informally in meetings, via our Slack #thanks channel or during our weekly All-Hands, we care deeply about feedback. We put effort into being good at giving feedback: When we give feedback, we make each other feel big, not small.
Feedback is essential for effective communication and psychological safety. However, giving feedback can be difficult to do. Giving or receiving feedback can be uncomfortable and there's always a risk of triggering defensiveness if not done thoughtfully. As a result, feedback loops close and collaboration suffers on most teams as they grow. We care deeply about giving and receiving feedback in a way that makes others feel big not small.
We put a lot of energy into developing good practices at Aptible, and building a culture of feedback. We hold workshops on giving and receiving feedback. We then apply our feedback skills during weekly 1:1’s, during our All-Hands meetings (where teams present on how their work is tracking against that quarter’s OKRs), and in our everyday interactions.
Flexible Work Arrangements
As a distributed team, we enjoy the flexibility of working from home, local co-working spaces, or our favorite coffee shops.
We work across every time zone in the United States – most people work online between 9am and 6pm in their local time zone. Ultimately, we care more about the impact we make than the number of hours we put in.
At Aptible, we praise focus and seek leverage and plan our work to make the biggest impact with the least amount of precious time. Sleep is leverage: We believe in getting enough of it. Health is leverage: We take pride in our physical and mental health benefits. It will take years to reach our most ambitious goals, so we aim to perform at a high level over a long period of time.
Think about something that you've wanted to accomplish but simply haven't found the time for. Working remote adds a few more hours into the "life" part of the equation, whether its being able to learn a new language, take your dog for a midday stroll or have more quality time with loved ones.
Left: Aptible Team Member, Mia Lopez, on a recent trip to Italy. Right: Tasia Johnson, with her youngest.
Ideal for Parents
Working remote also allows those of us with children to maximize our time with them.
This could take the form of being able to take on carpool drop-off rather than an hour long commute in the morning, or the ability to run to a midday event at school without having to take a full day off. It could also mean writing your next bit of code while your child plays next to you. We believe that just as sleep and health are leverage, so too is being able to take care of the things that are most important to you.
In terms of benefits, we offer job-protected Paid Time Off—12 Weeks, Fully Paid—for all parents to bond with a newly born, adopted, or fostered child.
Aptible Team Member, Shah Kader, with his son on a recent All-Hands (via Zoom).
Impressive Team Members
Bonded by Love for Product
Fosters Psychological Safety
Flexible Work Arrangements
Ideal for Parents
2 Customer Reliability Engineers (Aptible Deploy)
1 Product Management Lead
1 Service Reliability Engineer (Aptible Deploy)
6 Software Engineers (Aptible Comply)
1 UX Software Engineer
1 VP of Design
For Comply: JS, React, Ruby, Flow, Postgres. For Deploy: Cloud IaaS (AWS), Docker, PostgreSQL, Redis, sqlite.