Join us

#CoffeeWithRW: How to Stay T-Shaped Even in a Highly Technical Role

Last updated September 30, 2025 6 min read

The concept of being T-shaped — combining deep expertise with a broader understanding of surrounding areas — is familiar to many of us. However, as roles and teams evolve, it’s easy to lose sight of this balance. Sometimes, in an effort to cover every possible expectation, specialists end up spreading themselves too thin, rather than growing in ways that truly add value.

That’s why in this Career Growth edition, our Information Security Manager, Oleg Bida, reflects on what it really means to stay T-shaped. His focus is not on collecting more skills for the CV, but on building depth and context: the ability to connect the dots, collaborate more effectively, and make stronger decisions.

At first glance, information security may appear to be one of the most rigid and highly technical roles available. Yet Oleg shows that even here, you can master T-shapedness  in unexpected ways(and he has the stories and lessons to prove it, so keep reading!)

So, let’s pass the floor to Oleg.

Wearing multiple hats = T-Shape journey?

On paper, my job as an Information Security (or InfoSec) Manager is pretty straightforward: protect data and systems, spot risks, set policies, handle compliance, and respond to incidents. However, in practice, my path has been anything but “typical” for InfoSec.

From the very beginning, my work has stretched beyond the narrow definition of “security.” In fact, I stumbled into the idea of breadth plus depth long before I knew there was a name for it. Back then, we just called it being a swiss army knife — someone who could wear many hats and make things happen.

University was my first real testing ground. Textbook knowledge could get you through exams, but it wasn’t enough for group projects. They fell apart unless someone could bridge the gaps between disciplines. That realization pushed me to explore more than just my major. I dove into privacy law, networking, even a bit of project coordination — anything that helped me connect the dots and keep projects moving.

My first job at the regional government office in Lviv, Ukraine,only reinforced this lesson. Officially, I worked for the Department of Education. In reality, I was doing a little bit of everything: troubleshooting, network administration, some development, but also budgeting, drafting contracts, and managing vendors. If something needed to get done, you rolled up your sleeves and figured it out. By the time I became Head of IT there, wearing multiple hats had become my second nature.

Still, I felt a pull toward one area in particular. The turning point came with my first serious incident response — a single vulnerability that rippled through and disrupted an entire organization. Watching that unfold convinced me that security wasn’t just another “hat” I wore. It was the field where I wanted to go deep. And that’s when my T-shape truly started to take form.

How to develop “deep” skills

The first “vertical” I really mastered was troubleshooting — figuring out why something was broken and, more importantly, how to fix it. Honestly, it all started by just being that person who could reinstall Windows or set up a dual-boot Linux system 🙂 

Back in the mid-to-late 2000s, networks and computers weren’t as stable as they are today, so hands-on experience was everywhere. I tackled everything from printers refusing to communicate to networks of a hundred machines grinding to a halt because of overzealous file sharing, or Windows freezing after a driver update going wrong. And then there were the classic security pitfalls — weak default passwords, open network shares — relics of a bygone era in cybersecurity, now practically museum pieces.

These challenges gave me technical depth, but more importantly, they sparked a curiosity to dig into root causes — the same curiosity that eventually drew me toward information security.

Yet in InfoSec, there’s no point where you can say, “Ok, now I’m finally here.”. The field moves so fast that some things I learned at university became obsolete in mere years. True depth doesn’t come from knowing everything– it comes from experience, from facing enough situations that you stop panicking when an answer isn’t immediately obvious.

That’s why, for me, real depth means having the confidence and the process to figure things out, and knowing exactly where to look for answers.

How to improve the breadth of skills

While deep technical skills gave me a foundation, I quickly realized that becoming T-shaped meant exploring areas beyond core information security. So I started digging into: 

  1. Security-adjacent disciplines: privacy regulations and data protection laws—learning how different countries handle information, what’s required for managing personal data, and the right ways to work with it.
  2. Broader professional skills: communicating clearly, planning effectively, raising concerns constructively, doing independent research, working autonomously when needed, and collaborating well across teams.
  3. Cross-domain technical awareness: networking, systems administration, troubleshooting, and light development—skills that help me collaborate with technical teams and understand the environments I’m securing.
  4. Curiosity, because it keeps me reading industry news, following CERT feeds, and subscribing to newsletters. This includes also the basics, such as programming, libraries, tools, development methodologies, and efficient Googling (and now, of course, prompting AI).

Over time, I realized that broadening my knowledge was essential. Even learning to navigate bureaucracy helped me stay organized and keep processes moving smoothly. And curiosity made it enjoyable—I genuinely like seeing how all the pieces fit together.

How to approach learning as a T-shaped specialist

Stepping into a field you’re not specialized in can feel intimidating at first. Over the years, I’ve found two approaches that make learning new things stick — and actually enjoyable:

1. Master the basics before layering knowledge

Whenever I explore something new, I start with the fundamentals. I literally go back to proper definitions and concepts. For example, in security, understanding the difference between an “event” and an “incident” is crucial—without that, nothing else makes sense. Once I’ve got the foundation, I gradually layer on more context and real-world applications. 

I use a mix of resources. Interested in quantum mechanics? There’s a Coursera course for that. Want to crochet a scarf? Udemy’s got you covered. Need a quick tip on a niche skill? There’s probably a YouTube video that explains it better than a textbook.

Yet, the key is combining theory with hands-on practice: experimenting, making mistakes, and learning from them. 

2. Ask questions and connect perspectives

After grasping the basics, I actively seek out people who work with the topic every day. Most are happy to share insights, correct misconceptions, and show how things work in practice. These conversations often spark cross-team discussions: “Hey, marketing and security — what features create risks, and how can we improve?” 

By examining a problem from multiple angles, I not only learn more effectively, but I also understand how to create solutions that work both technically and practically for everyone involved. 

How to approach learning as a T-shaped Tech specialist

These tips might sound niche, but they’re useful for anyone looking to grow in IT security (or really, any technical role).

1. Communicate and influence effectively

Storytelling is huge. Being able to explain technical risks in a way non-technical people understand and actually care about — makes a massive difference. You also need negotiation skills because security often requires changes that affect others’ workflows. Finding common ground and showing the “why” behind your requests makes adoption much easier.

2. Observe, adapt, and improvise

Pay attention to how people and processes work in practice, not just how they’re written in policies. Combine that with a touch of improvisation, because incidents rarely follow the playbook exactly. Understanding the real context lets you offer practical solutions that actually work.

For example, if I say, “We need to implement X,” I can face resistance. Yet, if I frame it through another team’s reality (like noticing how the support team handles incoming content that makes them vulnerable to targeted malware), I can explain that implementing X will protect them and the company as a whole. That perspective strengthens the case and builds cross-team understanding and buy-in.

Final advice: Keep learning, but don’t stick to textbook definitions only. Always ask yourself how a concept applies in reality. Security needs vary. For instance, an open-source community project has different risks than a FinTech startup. Explore those differences, expand your context, and never lose your curiosity. That curiosity is what drives true growth.

Common mistakes 

When you’re committed to becoming T-shaped, there are pitfalls to watch for. Here’s what I’ve learned over the years:

1. Keep your learning connected to your core role

It’s tempting to dive into anything that looks interesting, but time is limited. I focus on learning enough to collaborate effectively, not to fully replicate another team’s role. 

For example, if I need something niche from DevOps, it’s usually faster and more productive to ask them directly by explaining why I need it rather than spending weeks mastering a process I’ll rarely use. This way, I maintain depth in my own area while still expanding my understanding of related fields.

2. Prioritize relevance and frequency

Before investing time in a new skill or procedure, I ask myself: how often will I actually use this? If it’s something you might only need once a year, it’s smarter to get help from the team that already does it. Being strategic about where you spend your learning energy prevents wasted effort and keeps your skills practical.

Tips: 

  • A T-shaped path means being constantly exposed to knowledge you don’t fully have. And that’s okay. It can feel uncomfortable if you prefer staying in your comfort zone. The key is recognizing that you don’t need to master everything, just enough to understand context and collaborate effectively.
  • If a skill or piece of knowledge never gets used, it’s a signal not to invest more hours in it. Over time, clearly defined roles naturally help distinguish between useful knowledge and trivia.

What is next?

Looking ahead, I’m focusing on AI—not just because it’s a hot topic, but because it has real potential to improve analysis and help spot risks more effectively. At the same time, AI presents unique security challenges: how safe it is to use, what measures can prevent misuse, and which risks people should be aware of. My goal is to deepen my skills as both an AI user and a security professional, understanding its possibilities while staying mindful of its limitations and pitfalls.

Ultimately, personal growth works is very similar to a well-known maxim, “The more languages you know, the more you are human”. Every new skill or domain I learn adds another “version” of myself. It broadens perspective, gives new ways to think and communicate, and makes more adaptable. 

Just as knowing multiple languages helps you connect with more people and cultures, having a T-shaped skill set lets you build bridges across disciplines and problem spaces, helping you grow faster and more fully as a professional.

We are damn good at building products

More about collaboration