Alert-driven security investigations typically involve a myriad of variables that are difficult to capture and report on. What's even more difficult? Defining a repeatable process that surfaces the workload, experience, and knowledge of each engineer from those investigations.

In an effort to to tackle this issue, we introduced a new metric we labeled as "Complexity". We tested this spinoff of Agile's concept of story points and it has immediately shown value. Complexity Scoring has provided a consistent means to measure workload and health of the team specifically enabling management to highlight our engineers' proficiencies and growth areas, has allowed us to elevate the strength and synergy of our team, and automatically indicates key talking points for reviews and areas to improve collaboration between team members.

Since security engineers in our industry play a vital role in our organizations, it is up to us as leaders to continuously look for new ways to answer the hard questions and to look for new methods that can improve their overall well-being.