A painting of me

10 Years of Work

   23 August 2020, late morning

I wrote what follows for a work newsletter. Our office manager wanted me to comment on my impending 10th year of working at Security Compass, an anniversary that passes today. It feels old fashioned to work at a place for 10 years. Really old fashioned. It is easy to be cynical about work, especially now, when the world feels like a real capitalist hell scape. No work place is perfect—I have read enough Marx to know that. But it is with no cynicism that I say I have enjoyed the last 10 years.

Security Compass was trying to hire a developer to work on an idea they had for a web based Security Requirements Tool. My friend Patrick was a Security Consultant at the time, and let me know about the position. I used to write networks software in C++: switching to doing web development was both novel and interesting. The year was 2010 and everyone in Toronto was a Rails developer except me. I emailed Rohit, now our CEO, to tell him I was interested in the position, but probably not qualified at all for the role:

… I’m interested in a change. Software-as-a-Service web development is something I am very keen to try. The catch, and it may be a big one, is that my skill set really doesn’t line up nicely with what your job description asks for. I use Python at work to write test scripts, but I’ve never written anything too serious in the language. Similarly, I’ve written little web applications for my own use in Ruby and Sinatra (a web framework), but none of them have been particularly complicated. I do have a lot of software development experience, and I feel confident that I could learn as I go, but I don’t want to misrepresent myself to you and your colleagues — I don’t want to waste anyone’s time. …

Lucky for me they couldn’t find anyone else! I became their Lead Software Developer, which I think was a polite way of saying “only” Software Developer. I took over writing the SDE code from one of our PEY students, Max. He had been hired to be a Security Consultant, but was press ganged into writing SDE till they hired me. And for a while my job was writing all the code that would become SD Elements. Rohit lead the consulting team, but transitioned to working on SD Elements full time shortly after I joined. A former colleague, Tom, did everything Rohit and I weren’t doing. And that was the SD Elements team for a while. And that was 10 years ago now.

The first big milestone for me and our nascent team was building the first ‘beta’ version of SD Elements. I joined in August, and our goal was to try and have something we could demo by the end of the year. By December a lot of the parts of the application you’d recognize existed: you could login, make a project, fill out the survey, and get a list of tasks, which you could mark to-do, done, or not applicable. We could have retired! But no, the whole site looked really ugly. And as I just mentioned, I really wasn’t qualified to fix that quickly.

Mustafa has a friend who is apparently some sort of CSS hacker guy, so hopefully that pans out. I think Tom got in touch on Friday to see if he’s available at all.

And so it came to pass that Houssam, a student at Seneca, ended up in our office a week before the office shut down for Christmas. The two of us worked at a frantic pace and we ended up with the beta version of SD Elements.

The following year there were two milestones of note, one professional, the other personal. At the start of the year my wife and I had a daughter, Mythilli. (My time at Security Compass more or less tracks the age of my daughter.) The second was shipping what we dubbed v1.0 of SD Elements.

Hello friends, What was once is now 1.0.0. c1, c2, c3 and m1 are now all running it. This is a huge leap forward. Those servers were last updated on June 6, and we’ve had a busy few weeks since then. Good work, us! — Sam Bull

Our team had grown. Many faces are around today: Houssam was working contract, on Tuesdays, for us; Bain was our first SD Elements co-op student; Vey was doing testing for us part time. Rounding them out were the two Sam’s. We built what would become the content customization piece of SD Elements over the first half of the year, and shipped things that summer. It was just a number, and one we decided to dub the code with, but it still felt good.

Ten years is too long! If I had time I’d try and write about them all. We moved from a tiny office, to a less tiny office, to an aggressively open-concept office near Pai, and finally to our fancy office by the water. Moving in to the Queens Quay office felt like another big milestone: we were now officially all grown up. Our old Ikea desks had been on a journey with me and now they were gone. When I joined we were maybe 20 people, and now we were well over 200!

Everyone says the thing they love most about Security Compass is the people. To the point it seems trite or cliche—but it’s true! Why stay anywhere for so long if you don’t love the people you are around? Life is too short! I’ve made lots of friends here. I still keep in touch with so many people that have moved on to other jobs and careers.

If your work isn’t interesting or challenging it won’t be satisfying. My role here feels like it’s changed so much year after year. 10 years ago I don’t think I could have pictured what my job would look like now. I had a myopic view of what work could be. In my heart I will always be a simple programmer, but my work and career has evolved into so much more.

When Nish, the founder of Security Compass, left at the start of the year, I wrote him this note, which I forgot to email to the whole company, so I’ll share it now:

When we are hiring people and they ask me why I work here, i’ll almost always bring up the fact it’s a warm welcoming place to work. People help each other—across the whole company, not just in my little corner of SECCOM. A lot of the things I like about working here are a direct result of the particular personality Nish has. Companies are a reflection of their founders, and if you have someone toxic at the top, that toxicity permeates everything. Conversely, if you have someone positive at the top, that culture ends up being the norm. It’s been great, and honestly pretty life changing, working here. I’ve learned a lot and grown a lot. And that continues.



  1. Security to compass is very lucky to have you :) That time Rohid made the right decision :)

Don't be shy, you can comment too!

Some things to keep in mind: You can style comments using Textile. In particular, *text* will get turned into text and _text_ will get turned into text. You can post a link using the command "linktext":link, so something like "google":http://www.google.com will get turned in to google. I may erase off-topic comments, or edit poorly formatted comments; I do this very rarely.