Code of Conduct
This Code of Conduct governs the environment of the Threatcare team. We created it not because we anticipate bad behavior, but because we believe that articulating our values and obligations to one another reinforces the already exceptional level of respect among the team and because having a code provides us with clear avenues to correct our culture should it ever stray from that course. We make this code public in the hopes of contributing to the ongoing conversation about inclusion in the tech and cybersecurity communities and encourage other teams to fork it and make it their own. To our team, we commit to enforce and evolve this code as our team grows.
The contents of this Code of Conduct apply to our interactions in various areas of our shared professional lives, including the Threatcare offices, off-site company events, our Slack and email exchanges, social media, pull request feedback, and industry conferences or other events where we represent Threatcare.
We want our team to be a fun, productive, and safe space for all members. In addition to our core values of transparency, trust, authenticity, and respect, there are several ways in which our team distinguishes itself.
Each of us works with and alongside other teams at Threatcare. Other teams and individuals across our company are our peers and collaborators, not our clients. We maintain open lines of communication and foster good working relationships — indeed, friendships — with our colleagues. And we often wear many hats: members of our Sales team write Marketing content; Marketing team members have say in our product roadmap; interns provide feedback about Marketing, Product, and Sales efforts; members of our Sales team contribute to the products we build; we collectively refine and improve our Sales process; and we work together to plan Threatcare events and meetups. That kind of collaboration is core to our culture and our success.
We value so-called “soft” skills as much as “hard” skills. That is, we love code, but we recognize that writing code is not the only or most important way to contribute to great products. In fact, we object to the labels “soft” and “hard” since they presume one set of skills is more valuable than another. “Non-technical” is not synonymous with “inferior.”
We believe in diversity and inclusion, not merely because they’re mechanisms for happier, more productive teams, but because we believe we have an obligation to work against structural discrimination. This obligation manifests itself in myriad ways — hiring and promotion policies, community outreach, and in our own culture — in which this code of conduct plays a critical role.
Every member of the Threatcare team is expected to work hard, be considerate of their colleagues across the company, and contribute to a collaborative, positive, and healthy environment in which we can all succeed.
Be supportive of your colleagues, both proactively and responsively. Offer to help if you see someone struggling or otherwise in need of assistance (taking care not to be patronizing or disrespectful). If someone approaches you looking for help, be generous with your time; if you’re under a deadline, direct them to someone else who may be of assistance. Go out of your way to include people in team jokes or memes, recognizing that we want to build an environment free of cliques.
Be collaborative. Involve your colleagues in brainstorms, sketching sessions, code reviews, planning documents, and the like. It’s not only okay to ask for help or feedback often, it’s unacceptable not to do so. Don’t succumb to either impostor syndrome (believing that you don’t deserve to be here) or blowhard syndrome (believing you can do no wrong). Recognize that in addition to asking for feedback, you are similarly obligated to give it.
Be generous and kind in both giving and accepting critique. Critique is a natural and important part of our culture. Good critiques are kind, respectful, clear, and constructive, focused on goals and requirements rather than personal preferences. You are expected to give and receive criticism with grace.
Be respectful toward remote and in-person interactions alike. Every member of our team works remotely on occasion. Adopt habits that are inclusive and productive for team members wherever they are: make liberal use of video hangouts, document meetings and decisions thoroughly, and pay attention to timezones when scheduling events.
Be humane. Be polite and friendly in all forms of communication, especially remote communication, where opportunities for misunderstanding are greater. Use sarcasm carefully. Tone is hard to decipher online; make judicious use of emojis to aid in communication. Use video hangouts and in-person meetings when it makes sense; face-to-face discussion benefits from all kinds of social cues that may go missing in other forms of communication.
The Threatcare team is committed to providing a welcoming and safe environment for people of all races, gender identities, gender expressions, sexual orientations, physical abilities, physical appearances, socioeconomic backgrounds, nationalities, ages, religions, and beliefs. Discrimination and harassment are expressly prohibited in our employee handbook. Harassment includes, but is not limited to: intimidation; stalking; unwanted photography; unwanted physical contact; use of sexual or discriminatory imagery, comments, or jokes; sexist, racist, ableist, or otherwise discriminatory or derogatory language; and unwelcome sexual attention.
Furthermore, any behavior or language which is unwelcoming — whether or not it rises to the level of harassment — is also strongly discouraged. Much exclusionary behavior takes the form of microaggressions — subtle put-downs which may be unconsciously delivered. Regardless of intent, microaggressions can have a significant negative impact on victims and have no place on our team. The same goes for tone policing, or responding negatively to the emotion behind a person’s message while ignoring its content. Telling someone who is discussing an issue that makes them feel upset to “calm down” instead of responding to their concerns is an example of tone policing.
There are a host of behaviors and language common on tech teams which are worth noting as specifically unwelcome: Avoid “well, actuallys” — pedantic corrections that are often insulting and unproductive; make an effort not to interrupt your colleagues while they are speaking; never respond with surprise when someone asks for help; and take care neither to patronize your colleagues nor assume complete knowledge of a topic. This last point is especially important when talking about technical topics: Many women and people of color in the tech industry have many tales of being either mansplained about a field in which they are experts, or else excluded from learning opportunities because a colleague wouldn’t make an effort to answer questions — don’t be that person. Remember that your colleagues may have expertise you are unaware of, and listen at least as much as you speak.
Reporting a problem
These guidelines are ambitious, and we’re not always going to succeed in meeting them. When something goes wrong — whether it’s a microaggression or an instance of harassment — there are a number of things you can do to address the situation with your fellow Threatcare team members or with our leadership team. We know that you’ll do your best work if you’re happy and comfortable in your surroundings, so we take concerns about this stuff seriously. Depending on your comfort level and the severity of the situation, here are some things you can do to address it:
1. Address it directly. If you’re comfortable bringing up the incident with the person who instigated it, pull them aside to discuss how it affected you. Be sure to approach these conversations in a forgiving spirit: an angry or tense conversation will not do either of you any good. If you’re unsure how to go about that, try discussing with your direct manager or a member of the leadership team first — they might have some advice about how to make this conversation happen.
If you’re too frustrated to have a direct conversation, there are a number of alternate routes you can take.
2. Talk to a peer or mentor. Your colleagues are likely to have personal and professional experience on which to draw that could be of use to you. If you have someone you’re comfortable approaching, reach out and discuss the situation with them. They may be able to advise on how they would handle it, or direct you to someone who can. The flip side of this, of course, is that you should also be available when your colleagues reach out to you.
3. Talk to your manager or a member of the leadership team. Your manager or a member of the leadership team probably knows quite a lot about the dynamics of your team, which makes them a good person to look to for advice. They may also be able to talk directly to the colleague in question if you feel uncomfortable or unsafe doing so yourself. Where this is necessary, you can expect to be kept in the loop about the progress of your report. Finally, your manager or a member of the leadership team will be able to help you figure out how to ensure that any conflict with a colleague doesn’t interfere with your work.
Taking care of each other
Sometimes, you’ll be a witness to something that seems like it isn’t aligned with our values. Err on the side of caring for your colleagues in situations like these. Even if an incident seems minor, reach out to the person impacted by it to check in. In certain situations, it may even be helpful to speak directly to the person who has violated the Code of Conduct or a manager to voice your concerns.
If you want to speak to a person impacted by an incident or to the person who has violated the Code of Conduct, but you’re unsure of how to navigate these interactions, try reaching out to a member of the leadership team — these conversations are tricky, but the leadership team will do their best to help you figure out how best to approach them.
Committing to improvement
We understand that none of us are perfect. It’s expected that all of us, regardless of our backgrounds, will from time to time fail to live up to our very high standards. What matters isn’t having a perfect track record, but owning up to your mistakes and making a clear and persistent effort to improve. If you are approached as having (consciously or otherwise) acted in a way that might make your colleagues feel unwelcome, refrain from being defensive; remember that if someone calls you out, it likely took a great deal of courage for them to do so. The best way to respect that courage is to acknowledge your mistake, apologize, and move on — with a renewed commitment to do better.
That said, repeated or severe violations of this code can and will be addressed by the leadership team, and can lead to disciplinary actions, including termination.
Members of the Threatcare team are invited to contribute to this Code of Conduct in one of two ways: either by sending an email to Threatcare’s Director of Operations to raise a concern or share feedback, or by talking to a member of the leadership team directly. If you have a question or suggestion for evolving the policies, file an issue outlining your suggestion, providing as much context as you can. If you’ve spotted a typo, discriminatory language, or any other change which could be expediently, please let the Director of Operations know directly.
You may speak privately about a proposed change to your manager or a member of the Threatcare leadership team before raising it here, if you like.
Team members are invited to contribute to discussions around changes. Note, of course, that discussions around changes to this Code of Conduct are themselves governed by the rules of the code.
All changes and suggestions will be vetted by the Threatcare leadership team, and, if necessary, by the legal department.
Thank you to Vox Product for their excellent, open source Code of Conduct, after which we modeled this one. In creating this Code of Conduct, we were also inspired by the dedicated work put forth by projectinclude.org to share resources and offer support for organizations committed to diversity and inclusion.
This Code of Conduct is released under an Attribution CC BY license.
Statement of Values
To us, Threatcare means a lot of things. But above all, Threatcare means transparency, trust, authenticity, and respect.
Transparency about what we stand for, who we are as a company in this moment, where we’ve been, and where we hope to be in the future. Respect for ourselves, each other, our work, our customers, our community, those who have less than we have, and for the people whose data we’re ultimately helping to protect. Trust in ourselves, each other, our customers, and the work we do to make the cybersecurity industry better. Authenticity in our words, our actions, our behaviors, our work, and in the ways we care for and interact with others.
These values drive everything we do, especially building and maintaining a culture of diversity, tolerance, and collaboration. We’re also human — so if you ever feel that we’re not living up to any of these values, we’d love to know so that we can do better.
We currently do not have any open positions. Feel free to send your resume to [email protected] for future consideration.
*Threatcare adheres to an open salary policy.
Diversity & Inclusion Statement
At Threatcare, we are dedicated to creating an inclusive environment for everyone. No employee or applicant will face discrimination or harassment based on: race, ethnicity, immigrant status, religion, age, disability status, sexual orientation, gender identity, parental status, marital domestic partner status, political affiliation, gender expression, mental illness, socioeconomic status or background, or veteran status. Threatcare also strives to prevent other, subtler forms of inappropriate behavior (e.g. stereotyping) from ever gaining a foothold in our organization. Whether blatant or hidden, barriers to the success of our employees have no place at Threatcare.