Internal user interviews with members of GitLab's Security Operations team (for Defend)
What's this issue all about?
As part of ramping up UX work for the Defend stage, @beckalippert and myself will be conducting internal user interviews with members of GitLab's Security Operations team to derive insight into the JTBD and other characteristics of security analysts who are responsible for monitoring apps in production.
This issue is for planning and discussing this research study.
What decisions will be made based on the research findings?
The JTBD we uncover will serve to guide feature prioritization and future design work.
Goals
- Uncover key JTBD for our Security Analysts who monitor apps in production.
- Review and update our existing app sec persona (Sam) in light of our findings.
What do we want to know about Security Analysts who monitor apps in production? (Research questions)
Responsibilities and day-to-day work:
- What are their responsibilities? What are their objectives? What are they measured on?
- What does their day to day look like? What do they spend most of their time on?
- What are their key tasks? In very broad terms, what are the workflows for those tasks?
- What are their key challenges about their work?
- What tools do they use as part of their work?
- What is their department’s organizational structure (also see handbook for that)? Who do they work with on regular basis? Who are they dependent on? Who do they report to?
Attitudes regarding their job:
- What do they like best about their job?
- What do they least like about their job?
On GitLab:
- How do they use GitLab?
- What is the number 1 thing they wish they were able to do using GitLab? What’s number 2 ?
What hypotheses and/or assumptions do we have about this role?
[Assumptions to be added based on feedback from the team. We should make our assumptions about Security Analysts who monitor apps in production explicit, so as to be in a position to confirm or refute them with research.]
Methodology
60 minute internal interviews with members of GitLab's Security Operations team.
Why interviews?
We’re taking an iterative approach to this research. Eventually it would be great to conduct field visits / contextual inquiry / diary study, but these are all time consuming studies (they take a long time to carry out, and a long time to analyze the findings). To provide timely insights, we’ll go with user interviews as the first step.
Why internal participants?
Even though GitLab is considered mid-market and eventually we would like to tailor Defend features to enterprise users, we’ll start with internal participants, because:
- It’s far quicker than to recruit external participants.
- Understanding our own Security team’s needs will give us a leg up on designing future research studies for this role.
Links