Rethinking how small teams do security
Eleanor Saitta founded Systems Structure Ltd. in 2017 after leaving a position as Etsy’s security architect. Dozens of teams reached out looking to hire her, but few of them had the engineering capacity to work with her full-time. Saitta realized many smaller engineering teams needed deep strategic and technical advice, but weren’t in a position to bring someone in house. SSL was founded to fill that gap.
At SSL, we bring both deep technical knowledge and a passion for how teams work together to every engagement. When it comes to strategic security guidance, just having decades of technical experience isn’t enough — you also have to be able to help teams to deliver security outcomes, starting as we do with trusted executive partnerships. We believe that security work must be aligned with business objectives and vice versa to succeed.
We don’t try to be all things to all people. We work with companies that want to build technology the way the Internet does — developer-centric teams that care about the craft of engineering. This doesn’t mean all of our clients are software companies. Some of our strongest client relationships have been with newsroom-focused media companies or in the fintech and biotech spaces.
In all cases though, this means that we work with companies that want to design security into their ecosystem from the ground up — if we liked buzzwords, we might say things like “zero trust” or “ephemeral systems”, but we don’t. We favor solutions that make the doing the right thing easy and that eliminate vulnerability classes instead of just slapping a mitigation in place. We also believe that engineering team structure is critical, and build teams for long-term resilience, not just feature velocity. In our increasingly hostile world, we’ve found these choices to be prerequisites for companies to be able to manage their security exposure — and we want our clients to succeed.