Taro Logo
Profile picture

Tech Lead Q&A and Videos

About Tech Lead

Becoming a tech lead is the most common growth path for software engineers as they grow to senior and staff levels.

Mapping a Road to Success as a Security Engineer

Senior Security Engineer at Taro Community profile pic
Senior Security Engineer at Taro Community

I have read several articles on becoming a Staff Security Engineer or Principal Security Engineer, and I understand that career growth is not just about personal aspirations but also about aligning with the organization's needs. In my current situation, my goal is to increase my visibility within the organization. I believe I've spent enough time working internally, but a significant part of my visibility in the security community is still pending. My ultimate goal is to enhance visibility, establish a brand as a security engineer, exert influence, engage in cross-collaboration projects, and grow my presence in the community. To boost visibility, I realize I need to engage with the community by writing blogs, creating tools, giving talks, and attending conferences.

I've observed exceptional performance by certain engineers and have often wondered how they can think outside the box, achieve skip-level promotions, and grow exponentially within the company. Do they have mentors? How can one find a mentor, and how do you determine if you need a mentor?

How can I start this journey and find the motivation to do so? Additionally, how can I maintain consistent motivation, as motivation may fluctuate? For instance, after two weeks of hard work, there might be a dull and weak period, and then you need a kickstart to regain the curiosity you had the week before.

I do find curiosity in my current role and the nature of work as an Application Security Engineer, but sometimes I also think, should I explore a bit of change towards offensive security or red teaming?

Furthermore, my personal passion and motivation always lead me towards delving into technical aspects. How can I align more with the business needs of the organization and develop my business acumen skills? How can I develop multiple skills to operationalize application security engineering in a team?

In my current location, there are limited job openings for security engineering positions, making it challenging to switch roles. What are other possible options for me in this situation?

In summary:

  • Is there a roadmap to grow as a security engineer within the organization, gain influence, create a personal brand, and secure promotions?

  • How can I enhance my visibility in the security community and maintain consistent motivation?

  • If I find myself stuck in my current role, because of limited openings in my current location, what alternative things can I explore?

  • Given that many interviews for security engineer positions now include coding rounds, is there a structured pathway for enhancing coding skills specifically tailored for security engineers?

  • How can I maintain consistent motivation, as motivation may fluctuate?

  • How can one find a mentor, and how do you determine if you need a mentor?

  • How can I develop multiple skills to operationalise application security engineering in a team? What does even operational excellence mean?

Any insight will be highly appreciated.

Show more

What resources do you recommend to learn more about engineering management and leadership especially in a startup context?

CTO at Early-stage startup profile pic
CTO at Early-stage startup

I recently became CTO of a small early-stage startup where I'm leading all technical efforts, including by still doing some coding, but am mostly managing other engineers and focusing on the broader technical needs of the company. Previously, I was a technical lead and IC at startups where I had led small teams of other software engineers on product development, but was more in the weeds technically/coding a lot and was not responsible for people management. I'd like to learn about resources I can utilize to further develop my engineering leadership and people management skills.

What resources would you recommend to learn more about the following:

  • How to build people management skills as a first time engineering people manager? Are there open source or free trainings or resources that are good for this?
  • The latest engineering leadership topics, especially in a startup environment (e.g. how other leaders are tackling common technical and leadership challenges)
  • How to meet or connect with other engineering managers/leaders (e.g. startup CTOs, VP of engineering, or technical founders) outside my company to learn from their experiences or share lessons or knowledge with each other

Interested in any types of resources including blogs, podcasts, YouTube channels, or virtual or in-person communities or meetups (particularly in NYC) etc. I have some favorite resources so far, but it would be great to learn about what resources others in the Taro community find useful. Thanks!

Show more
1 Comment

What do mobile testing strategies look like at top tech companies?

Senior Software Engineer at Series E Startup profile pic
Senior Software Engineer at Series E Startup

I work in as an iOS engineer. My current company is a startup that's scaling up fast. In classic startup fashion, testing was historically not a top priority here. As a consequence, we struggle with lots of manual QAing and low code confidence when modifying pieces of poorly tested legacy code.

This has improved in the past year simply by unit testing every new piece of code by default and by introducing unit tests in legacy code as we touch it, boy scouting style.

At this point, I think we need to step it up and I'm looking forward to formalising a testing strategy for our mobile team.

Here are some ideas I have:

  • In the realm of unit tests:
    • I want to introduce API contract tests because our back-end API lacks documentation. In these tests we'd unit test the way we build our requests to API endpoints, and we'd have a sample JSON response from the server to test that the app can parse it into our data models as expected.
    • I want to introduce localisation tests because our app supports many languages but we are always manually testing localisation. In these tests, we'd assert that the outputs of our formatting logic are the ones we want for different locales.
  • In the realm of user interface tests:
    • I want to introduce snapshot testing, because right now the only way we can test that our views are rendered as expected for different view configurations (for example RTL vs LTR, empty content, loading content, content in verbose languages, etc.) is manually.
    • I want to introduce UI tests (sparingly, only for key flows) because we have no e2e tests. Currently, key flows are tested manually and frequently to prevent regressions, which takes lots of time.

What other testing strategies can I propose to establish some standard we can use to further improve our code confidence, reduce bugs, and rely more on automated testing?

How do the top tier tech companies approach mobile testing?

Show more

How to convince my engineering org to participate in large-scale migration?

Senior Software Engineer at Series C Startup profile pic
Senior Software Engineer at Series C Startup


(1) My team owns a service for which we're rolling out a new version with a big revamp of all the public interfaces and a ton of breaking changes.

(2) This is a legacy system that is being refactored to resolve some severe issues that its consumer systems have been complaining about for a long time.

(3) This service has many consumers in our org across multiple teams that depend on it for a lot of critical functionality.

(4) We need to migrate all consumers to the new service. My team cannot parallely support both the versions and the legacy system has to be deprecated before the new service deployment.


(1) Originally, the plan was for my team to roll out the new service and migrate all of the consumers to the new service as well.

(2) Now, we've had a huge scope expansion in the refactoring itself due to which the project timeline has extended massively.

(3) My team feels that working on such a long timeline project is risky and prone to further scope expansion if new consumers start using the old legacy system in the meanwhile.

(4) Another challenge with this is that my team has no context or understanding of all the consumer systems.


(1) What approach can I use to now change the plan and convince the managers/tech leads of the consumer teams to own the migration of their consumers code to the new service?

(2) In general, what approach would be ideal for such a large-scale migration - Centralized migration by the service provider team vs distributed migration by all the respective consumer teams?

Show more
1 Comment

How to thrive in a new role that's much bigger than what I'm used to?

Senior Software Engineer [L5] at Google profile pic
Senior Software Engineer [L5] at Google

What should I think about and focus my efforts on when I get a project and a role that's of (1) bigger scope and (2) tighter deadlines than I'm used to?


A reorg has suddenly thrust me into the TL role for a very high-profile project on a new team. This project is part of OKRs 4 levels up the chain and has the eyes of several director level people across different functions. From what I've heard, this project already suffered from "too many cooks in the kitchen" syndrome, and on top of that, this project has delivery date set in Q3, which is quite aggressive from our org's standards.

I've landed in this position because I was transitioning to this team prior to the reorg, AND the EM/TL/PM/2 L5s has been reorg'ed out, and they needed someone who had previously TL experience and was willing to do it.

I've previously TL'ed a team of 4 people, with important but "normal" priority projects. This is clearly a great opportunity for me, but I am afraid I'm not ready to handle it and I'm at a bit of loss as to what I should be focusing most of my effort on. With the tight deadlines I have, I feel like every day will be a battle so any advice on how to approach this will be appreciated.

I have one other L5 supporting me who I trust very much and a new EM who's rumored to be very good. We currently have 4 SWE including me and we'll be getting more at least 4 more engineers, with lots of adjacent teams helping out. I do also have good standing and connection in the org overall and I know how to get a "normal" project in our org over the line (I did an in-org transfer).

What I'm thinking about right now

  1. Knowledge Transition: since a lot of critical members of the team are leaving and I am taking over, I feel the biggest priority in the near term is to absorb as much knowledge from them as possible. So far, they have some prototypes, and I wanted to get my hands dirty, so maybe I should focus on is to understand the work that's been done really well, and the design choices that's been made already?
  2. Gather support: I feel like biggest personal risk is that I don't know how to show up in higher-stake meetings with directors. Is it any different? Where do you all see the risk is?
  3. Enable the team: I know the biggest responsibility I have, more than anything, is to make sure the team is able to work on the project and help us deliver this. Aside from the L5, I don't know a lot about the people. I feel I should putting my focus on ensuring they are as successful as possible, not focusing on my own technical knowledge as much, for us to succeed. Is that a good way to think about it?
  4. Self-management: I anticipate I'll be very stressed and pulled in many directions. I already feel this way. What are some tools I can leverage in "crunch time"?
Show more

How can I safely plan a difficult project for which I have little context?

Senior Software Engineer at Series C Startup profile pic
Senior Software Engineer at Series C Startup


  1. My team is going to work on a new project which involves upgrading a service and migrating/enabling all of the dependents to use the new service.
  2. This service provides a business critical functionality for our teams and the new version attempts to solve a lot of high impact pain points with the previous version.
  3. We have just inherited this service and none of us have worked with it or any of its dependents before. We have some support from the previous team that worked on this project but only in a consultation capacity.
  4. This is a project that has been attempted multiple times by various teams over the years - unsuccessfully or with little progress. My perception is that it's going to be a difficult project with low-moderate chances of success.
  5. There is a lot documentation but most of it is somewhat outdated. There are a lot of PRs as well but these are for the unsuccessful attempts so I'm not sure how impactful it would be to go through them.
  6. The plans for the previous attempts only had internal milestones for the team and a single big-bang completion milestone for stakeholders.


  1. How can I identify smaller, independent high-level milestones that are relevant for external stakeholders?
  2. How can I come up with broad estimates and capacity requirements for the external and internal milestones if I'm not clear on what these milestones would require for completion?
  3. How can I think about de-risking this attempt of the project and improving the probability of success?
Show more

Learn About Tech Lead

A tech lead is a senior member of a software development team who not only has strong technical skills but also takes on a leadership role. Unlike a traditional manager, a tech lead focuses on guiding the technical direction of a project, ensuring alignment with business goals and fostering collaboration among team members. The role demands a delicate balance between technical proficiency and effective leadership.
One of the primary responsibilities of a tech lead is to provide technical guidance to the team. This involves making high-level technical decisions, ensuring the adoption of best practices, and overseeing the implementation of solutions that align with the project’s requirements.
A tech lead has a crucial role in fostering collaboration within the team. This involves facilitating effective communication, resolving conflicts, and promoting a positive team culture. A tech lead creates an environment where team members can share ideas and work together seamlessly.
They aren’t typically regarded as project managers, but tech leads are often involved in project management. This includes task allocation, timeline management, and ensuring that the team can meet all of a project’s milestones. Balancing technical objectives with project goals is one of the key responsibilities of a tech lead.
A tech lead has a responsibility to mentor their team members. They should guide junior software engineers with knowledge that they have gained during their career as a software engineer. They should be providing constructive feedback and creating opportunities for getting their team members promoted.
A skilled tech lead will influence the success of a project. Their technical abilities and leadership contribute to efficient project execution and ensure that a team delivers high quality software within an established timeline.
A deep understanding of an organization’s business goals, technical understanding behind a team’s stack, and a broad knowledge of the system architecture is essential to becoming a tech lead. They must constantly be aware of what is happening on their team as well as adjacent teams. They must also have a proven track record of success.
The impact of a tech lead extends beyond just coding. Their role is significant in driving the success of projects and teams. They are able to build software with a business context in mind. They know how to structure a project in a way to reduce risk and increase confidence in the project. Taro contains resources that can help you to become a more effective tech lead.
Show more