Skip Navigation
Get a Demo
 
 
 
 
 
 
 
 
 
Resources Blog Opinions & insights

Embrace the tangles: Infosec career advice from a technical account manager

A Red Canary technical account manager (TAM) walks through the twists and turns he took in his journey from the SOC to a customer-facing role.

Stuart Smith
Originally published . Last modified .

​​If I had one piece of advice for anyone looking for a change in life or career it would be: There is no “right” path. Despite what they tell you in school, career progression (especially in infosec) is nowhere near linear. Success often looks more like a tangled patch cord rather than a perfectly straight, ascending arrow.

Such utopian ideology can give you feelings of restlessness and stagnation. Instead of doing what is expected, pave your own wayward path. You’ll soon see that the “mess” of the unconventional is what brings about purpose and opportunity.

Finding my way

Prior to joining Red Canary, I worked in a security operations center (SOC), developed incident response (IR) programs, and served as an IR consultant for a number of years. I dealt with a wide variety of scenarios ranging from ransomware to cyber extortion and insider threats; all of which required aptitude in digital forensics. Figuratively speaking, I was in the pit—an operator’s operator.

It wasn’t until I was in the eleventh hour of signing on with a prominent web browser company to do much of the same that I realized I wanted to expand my career options. What it came down to was the need for the following:

  • challenge
  • balance
  • purpose

Don’t get me wrong, I loved being in the trenches, but I knew there was something better out there that aligned with my unique requirements and perspective. It was during this defining time that I found technical account management or, more accurately, it found me. I haven’t looked back since!

So, what does it take to be a TAM?

As a technical account manager (TAM) I guide consulting partners—companies Red Canary partners with to co-deliver IR engagements—to a better tomorrow. These firms often come to us to help them deliver IR after one of their clients has experienced a critical attack on their network. So, as you can imagine, technical know-how is a just prerequisite. Empathy, accuracy, transparency, and timeliness are really the keys to success.

Anyone with a background in digital forensics, IR, and SOC work would be a good fit for a TAM. A huge part of this job is being able to relate to your customers; this includes understanding their operational workflow and business objectives as well as being able to think from a customer’s perspective. By having this understanding you can begin to anticipate their current and future needs.

“A TAM is really a trusted technical advisor to our customers. These are individuals who can build relationships and rapport in a consultative manner. They also possess the skills necessary to understand a customer’s technical landscape and resolve complex issues within unique environments.”

Rachael Jackson-Leidig, Sr. Talent Recruiter at Red Canary

How to TAM

Walk the walk

To be an effective TAM you need to have an understanding of the following:

These concepts will inform discussions with customers regarding a new feature or product that could positively affect their investigative workflow or will aid you if you need to troubleshoot an issue. For example, if a customer reports certain process information isn’t being recorded in endpoint telemetry, you can use your understanding of endpoint detection & response (EDR) products to determine if that data is typically captured by an EDR product or if it’s something that’s best collected by endpoint forensic tools. Technical expertise can also be useful when you need to automate a process to improve workflows.

Talk the talk

As customer-facing personnel, TAMs need to feel comfortable communicating their technical ideas in layman’s terms while also holding conversations with external stakeholders. We’re constantly educating customers on how to best leverage new and existing Red Canary features, as well as new features in EDR products that add additional value. This manifests in recurring meetings with our customers to cover important technology updates and to align on their long-term needs. In addition, we often conduct a variety of educational training, such as product demonstrations and even backend architecture overviews.

Build the bridge

TAMs are unique in the way that we work across all aspects of a business. We interface with sales, operational technology, detection engineering, and even other EDR vendors. As such, it is vital that we relay information to our internal teams to get important customer issues resolved. This could include resolving urgent issues in our code base that are affecting a large portion of our customers or coordinating with our engineering team to resolve a long-standing customer issue. A key part of this includes anticipating and understanding the needs of your customer and finding a way to fulfill those needs as soon as possible.

Blazing a trail

In my case, the transition to TAM really wasn’t that far of a leap, though it is definitely a road less travelled by people like me. More importantly, the opportunity wasn’t even on my radar until I found Red Canary. The point is, there are far more opportunities out there than the conventional career pipelines that have been advertised. My transition definitely put that into perspective and allowed me to leverage my previous experiences to provide exceptional customer service by anticipating and advocating what our customers need.

Recently, we had a customer who experienced an issue with one of our automation features. This issue would have impacted their ability to respond to threats. Realizing that this would have a substantial impact on their business, I reached out to our engineering team as soon as this issue was discovered. We were able to get this resolved within a few hours and prevent the customer from spending extra resources over the weekend to monitor for threats.

You may be wondering if becoming a TAM has fulfilled me. The answer: Absolutely! Knowing that I am effecting change makes every day of this job worth it.

So, this is my PSA for anyone reading this: If you are looking for a change in your career, seek out a road less travelled, or start weed-whacking to create your own. Chances are, you’ll stumble into something far more fulfilling than the path you’re on.

 

Why CISOs under consolidation pressure are embracing Microsoft Security solutions

 

How AI will affect the malware ecosystem and what it means for defenders

 

Why Taylor Swift fans should work in cybersecurity

 

Drawing lines in the cloud: A new era for MDR

Subscribe to our blog

 
 
Back to Top