← Writing

Why I do TryHackMe on weekends as an engineering manager

It's not for a career change. It's because management makes you stupid in specific ways, and offensive security is a cheap way to stay sharp.

cybersecurityleadershiptryhackme

I run an engineering team during the week. On weekends I do TryHackMe rooms. People keep asking me why.

The honest answer: management makes you stupid in very specific ways, and I’ve found offensive security to be the cheapest, fastest antidote to most of them.

What management does to your brain

Three things, mostly:

You stop reading code closely. You read PR titles. You read summaries. You read commit messages. You don’t actually sit with a 400-line diff and follow control flow anymore, because there’s never time. After two years of this, I noticed I was getting worse at the thing that used to be my job.

You start trusting names instead of behavior. “Oh, X library handles that.” “Oh, the auth team owns that.” “Oh, that service is well-tested.” All of these become stand-ins for actually checking. They’re efficient — that’s why they exist — and they’re also exactly how things blow up.

Your patience for exploration evaporates. Everything in management is goal-directed. There’s an agenda, an outcome, a metric. The skill of poking around aimlessly until you understand a system — which is most of what real engineering is — atrophies fast.

Why offensive security fixes this

A TryHackMe room hands you an IP address and a vague hint. That’s it. Your job is to figure out what’s running, what it does, what’s wrong with it, and how to walk in. There’s no Jira ticket. There’s no PM. There’s no dashboard telling you what to look at first.

To get root, you have to do every single thing management trained you out of:

  • Read configuration files line by line, even the ones that “should be standard.”
  • Distrust every name. Just because the service banner says it’s nginx 1.18 doesn’t mean it is.
  • Wander. Try the obvious thing, watch it fail, try the less obvious thing, follow the thread for an hour to a dead end, back up, try something else.

It’s the cheapest, most efficient sharpening tool I’ve found for the muscles I don’t use at work.

The other reason

I lead a team that ships software that needs to not get broken into. I cannot, in good conscience, run that team without ever having sat on the other side of the keyboard. The things you internalize from actually exploiting a misconfigured service — oh, that’s how easily that goes wrong — change how you read your own team’s PRs the next Monday.

I’m not pretending I’m a red-teamer. I’m a hobbyist with an MIT cert and a TryHackMe profile. But I’m a less stupid hobbyist than I was two years ago, and that’s enough to make me a better manager.

If you’re considering it

Start with TryHackMe’s beginner path. It’s good. The first ten rooms will teach you more about how Linux actually works than the previous decade of using it.

Or find me on TryHackMe and we’ll race a room.