Name: Patrick Harding
Age: 44
Time with company: 7 years
Education: Bachelor of Science in computer science from the University of New South Wales in Sydney, Australia
Company headquarters: Denver
Countries of operation: U.S., U.K., Japan, Australia, Canada, Turkey, France, Germany, Chile
Number of employees total: 250
Number of employees the CTO oversees: 9
About the company: Ping Identity provides cloud identity security software and services to more than 800 of the world’s largest companies, government organizations and cloud businesses.
1. Where did you start your career and what experiences led you to the job you have today?
I started as a software developer in Sydney for a small software company. That company was doing business in and had offices in London and Boston. We were developing messaging software for airline reservation systems. I was spending a bunch of time traveling to where our accounts were — Tokyo and Mexico and Germany. I also had a chance to work in some of the other offices, so I ended up working in London for a year and Boston for a few years.
Being Australian, just out of college people tend to take time to travel and see the world, so intermingled with that was traveling and backpacking and seeing the world. I spent six months in India backpacking. This was prior to cellphones and just when the Web was emerging. I took six months off the grid and came back and the Web was exploding.
I wound up in Boston and changed roles. It took me into a more IT-oriented environment. I was building the initial firewall and network security infrastructure at Fidelity in the late ’90s. That was my first foray into doing security-related stuff.
I went back to Australia to live for 18 months, in 1999-2000, and wound up working at PricewaterhouseCoopers as a consultant. This was one of my toughest challenges and highest learning curves, as they brought me into build out their Internet security practice, which didn’t exist. I came in as the subject-matter expert, but also had to train everybody else and go out and find the business and sell the business. It was a very challenging time, but it also molded my customer-facing business-oriented skills. It was actually really beneficial to me without me realizing it.
I left and went back to Fidelity for three years, back in Boston, and shifted to enterprise architecture and application security. I realized that firewalls weren’t going to meet the needs of the future. I got involved in application security and that led me to identity security, which was what I believed would become foundational to securing services at scale. That got me involved in the Liberty Alliance and I was Fidelity’s representative there. I was also doing due diligence for Fidelity’s Venture Capital team and looking at companies to invest in. That led me to meet the founder of Ping Identity, Andre Durand, and I left Fidelity to become CTO of Ping.
2. Who was an influential boss for you and what lessons did they teach you about management and leadership?
One of the most influential was the boss I had at Fidelity, a guy called Steve MacLellan.
I would describe my management style and leadership as low touch. I expect the people I hire to be exceptional at what they do, to be able to go off and do the things they do with minimal direction, be self-directed and as such to really only need to come back and interact with me when they have reached a road block. That’s the way I was managed. It relies on trust, but allows for a lot of opportunity to be creative and think outside the box while not being micromanaged. You didn’t have to report on every single thing you were doing. You can be empowered and are trusted to go off and do the right thing.
I didn’t necessarily realize it when it was happening but that meant I had a level of freedom and empowerment that allowed me to go off and do a lot of things. For example I saw that Fidelity had a remote access problem, so I effectively built and deployed at Fidelity an SSL VPN before they existed. They wound up replacing it with a commercial SSL VPN a few years later, but that level of innovation and allowing it to occur was a real important revelation for me.
I encourage my team to go off and innovate within certain guardrails. The team I have includes both the CTO office as well as the Ping Labs team, so it’s meant to be a set of freethinkers who need to be able to think strategically about where we’re going.
3. What are the biggest challenges facing CTOs today?
Honestly, it’s just the rapid pace of change. The rate of change in technology and innovation only seems to accelerate and has been accelerating the last 20 years. Staying on top of that without necessarily being able to go as deep into it as you could if you chose to specialize is challenging. It just is. It’s hard to keep up and understand this stuff at the level of detail you need to make good decisions. You’ve got to rely on other people to be able to help you make those decisions.
Keeping up with that pace of change is incredibly challenging and difficult.
4. What is a good day at work like for you?
What I really enjoy is when I get a chance to sit down with our customers and interact with them, understanding how and why they’re using our technology and what problems they still have so we can look at ways we can improve and add value for those customers. They are generally security architects and enterprise architects. I can go in there and geek out with those guys and think about what strategic implications that will have for us.
That feedback from customers is just great. Our customer satisfaction rates are so high. You’re not going in there to talk about a problem with us, we’re going in there to talk about the next set of problems our customers have to deal with and how we can help.
5. How would you characterize your management style?
It’s lightweight, low-touch, set the guardrails, and allow people to run and trust that you’ve hired the right type of person to be successful and do the right things in the interests of the company and themselves.
6. What strengths and qualities do you look for in job candidates?
Obviously, I’m hiring fairly experienced people. To be successful given the management style and the structure of the group, for example, the CTO office of Ping is in Waltham, we’ve got a couple of people in Denver, someone else in Vancouver, someone else in Santiago, Chile, we’re highly distributed, so they have to be very independent, with strong presentation skills, strong communication skills and extremely strong technically.
You have to have the ability to stand behind your viewpoints and defend those viewpoints, especially when it comes to how we should do one thing over another and prioritize.
We tend to hire people we’ve already known or interacted with. We’ll have invited experts to come in and talk to my team and an extended version of that team. We listen to them on viewpoints in the industry and where the it’s as much an interview process as well because we’re thinking would this person be a good fit for Ping? There have been times when we’ve hired people after they’ve come in to talk to us.
It’s a matter of constantly looking for good people to bring into the organization, not necessarily for my team but other teams as well, whether it’s at a conference or trade shows, we’re always looking. Good candidates are hard to find.
7. What are some of your favorite interview questions or techniques to elicit information to determine whether a candidate will be successful at your company? What sort of answers send up red flags for you and make you think a job candidate wouldn’t be a good fit?
One of the things that’s very difficult to do is to get a handle on someone’s technical capabilities. That’s where even just talking about it isn’t necessarily going to get it done. For some of the technical hires I’ve sent to my labs team, I tend to leverage what our engineering team does and that is to use the Mount Fuji process that I think was invented at Microsoft [presenting puzzles and challenging questions]. That can drive out technically weak people, which I think is extremely important because hiring someone who isn’t a right fit can cost you 12 to 14 to 24 months. It’s just awful.
Hiring someone for the CTO office, we’ll have so much back-channel information on them and what we know about them from other people that I’ve actually established a really good understanding of who they are, so the interview process becomes more about finding out if they would fit culturally with our group.
It becomes a matter of asking them about situations where they’ve dealt with conflict, how they’ve dealt with it, how successful they are in a team environment, where they’ve been thrown into situations where they haven’t had as much information, how they dealt with situations where they’re out of their depth or their comfort zone.
I don’t know of any answers that throw up red flags. It would be more like you get a feel for how that person responds and how they deal with those situations. For instance, early in my career I had never trained anyone in my life and I had to go down to Annapolis one time and train 20 people there about our product. I was a developer, I’d never trained anyone, so I had to go and get the experience of training. I got through it and it was really unpleasant, but I got through it and I learned from it.
8. What is it about your current job, at this particular company, that sets it apart from other chief technology positions?
I don’t run our engineering team. The CTO of Ping’s role is much more focused on product strategy and customer strategy, much more outbound. It’s our job to protect us from sidewinder missiles that could take out the company. We’re out there thinking ahead 18 to 24 months about what are the opportunities and what are the threats.
Our industry has become so big and diverse and grown so quickly that I think it’s unusual that a company our size has both a CTO Office and a Labs team, and has been willing to invest in that and in thought leadership to make sure that Ping is always going to be well-prepared and thinking ahead. Having nine people in the CTO team is a big investment and we take it seriously because we want to be sure we’re going to be servicing our customers not just today but in five years time and 10 years time.
9. What do you do to unwind from a hectic day?
Going home to my four kids isn’t going to be unwinding — that just gets more hectic [laughing]. So where I do tend to unwind is either out playing golf or tennis, getting active basically. I don’t do as much as I’d like to, but that’s where I tend to unwind more often than not.
10. If you weren’t doing this job, what would you be doing?
That’s a great question. Sometimes you get so sucked into what you are doing. When I was at Fidelity it was a really interesting organization because it invested heavily in IT and infrastructure and technology to the tune of $2 or $3 billion a year. There was the opportunity to do lots of things. I always said I’d only leave that environment if I had the opportunity to be the CTO at a startup, so I really am doing now what I always wanted to be doing, to be a CTO at a high-growth startup that is doing really, really well.
So what would I do next, because every good thing does come to an end. As my career has advanced and I’ve grown older and more mature, going from being the youngest guy to having people working for me, the mentoring part is really fun. I could see myself going off and lecturing in a campus environment at the end of my career. It would be a nice way to relax after the fast pace of a startup environment, it would put me back into research and thinking.
The other side of this is I could go off and basically teach skiing and golf for six months of the year. If you want the fantasy — that’s me, playing the seniors tour in golf in the U.S.