Meet Mike Schiessl: Senior Technical Marketing Engineer
For many companies, security has become a top priority as the development, security, and operations (DevSecOps) mindset continues to grow. Increasingly, companies need security talent to keep up with the demand. Mike Schiessl, a senior technical marketing engineer at Akamai, has unique insight into this transformation given his security expertise.
On a recent episode of The Developer’s Edge, I caught up with Mike to find out more about his background, how companies can support employees through a DevOps to DevSecOps transition, and the future of security and business.
Keeping technical skills sharp
When most people think of marketing, their minds jump to sales, social media strategies, and advertising campaigns. But technical marketing requires an in-depth understanding of the technical features within products, and Mike can deliver because of his rich experience in the tech sector.
Ever since Mike received his first computer — a Commodore 64 — at age 14, he’s been enthralled by technology. In college, he pursued a degree in IT, and started a career as a systems administrator shortly after graduating, working with Linux operating systems. Even as Mike began dabbling in project management and operations, he made sure to keep his technical skills sharp.
“I always wanted to stay connected to the tech side of the world, and not just talk about tech,” reflects Mike. “I’ve always tried to make things run, but that’s never been enough for me. I’ve always wanted to make sure things were secure.”
Mike’s interest in making things secure eventually led him to the realm of security in his work, but the transition had an unlikely starting point: a party. Mike’s friends were competing in a brick breaker video game, and he noticed it was easier to win when the game slowed down. Inspiration struck. “I wrote a tool that abused my CPU, and I was able to play the brick game in slow motion because my CPU load was so high,” Mike says with a laugh. “I won the game 10 times.”
Transitioning to DevSecOps: from Akamai customer to employee
Although Mike joined the company in 2021, his familiarity with Akamai’s products stretches back eight years to when he first started using Akamai’s streaming media services and App & API Protector at his prior workplaces. In his last role as a DevSecOps consultant, he used App & API Protector for approximately 2,500 applications.
“It’s a rock-solid solution,” he says. “That really convinced me to become an Akamai guy. On the Akamai side, I can see even more behind the scenes and know how many security engineers are working on the product.”
Although Mike’s original job duties were to produce training materials for sales engineers and customers, his work has expanded into more areas. For one, he’s active in the Developer Champions program, which has been just as useful for him as it has for the customers he works with. “Every time I join a Developer Champions meeting, I learn something new,” he says. “There's always some piece of our technology I was not really aware of.”
A major development that came out of the program is the Terraform integration — something that Mike wishes he had the chance to use as a customer. “I've worked with Terraform a lot in my career to achieve infrastructure as code. When first integrating Akamai, we needed to really code everything ourselves and get the structure right. Now, having Terraform is just like having everything within the world you already know.”
Mike’s tips for fostering security skills in your company
The combination of performance and security isn’t just a trend; it’s going to be key for businesses moving forward. In Mike’s opinion, businesses need to understand that it’s the answer to creating more mature products, not simply an obstacle or an item on a to-do list. But he also recognizes that it’s challenging for some companies to foster security talent. He shared a few strategies to help companies upskill their employees and grow security awareness.
Train security champions: In this approach, a company trains their most security-inclined employees as security champions. After sharpening their skills, they model best practices throughout the organization and support colleagues who need to brush up on their knowledge.
Hire an external consultant: Another strategy for growing security awareness is to bring in a consultant who can help the DevOps team level up. For busy teams, this approach can be more manageable than developing security champions.
Gamify hacking exercises and security exploration: By making security exploration fun, companies can more easily motivate engineers to grow their skills. Hacking games and events are an easy way to do this. Companies can host hackathons that use web applications designed for training purposes or staging environments in which employees can spot vulnerabilities in their own products’ code.
“Even if your web application or code is rock solid and has zero risks of vulnerabilities, you still walk away with an understanding of how hackers behave and how someone could break into your applications,” says Mike. “Those are the real takeaways of these events.”
The future of security in business
Although hackathons are one way to assess potential vulnerabilities in your applications, another way is to monitor what’s happening in real time. Security information and event management solutions, which offer real-time monitoring and analysis capabilities of what's happening on a perimeter, are extremely useful.
Mike also anticipates security as a service growing tremendously in the future, and being key to saving teams time. “When I'm in cluster and I do everything as a code, security needs to be a code as well,” he says. “I need to be able to drag in a web application firewall as a code into my application so it’s streamlined with my other daily operations.”
For customers looking for more resources to grow their security skills and knowledge, Mike suggests the Daily Information Security Podcast, a weekday broadcast with updates on information security threats. He also encourages people to consider attending DEF CON, an annual hacking conference where attendees can watch skilled hackers perform in real time. For teams looking to upskill, the Holiday Hack Challenge is another fun activity. Even simply talking with coworkers and others in the field can be illuminating.
“I have such a big network of people from my previous roles and I chat with them regularly,” says Mike. “We have fun exchanging experiences and sharing new things we’ve learned. That's such a great way to stay in touch.”
Learn more
Interested in watching highlights from the interview? Find this episode of The Developer’s Edge on our YouTube channel.
