Command Center

Building the Security Platform for 400+ Engineers and 7000+ B2B customers.

HUGE shoutout - Command Center was called out on our QBRs - not just once or twice, but by EVERY SINGLE Concierge Team!
— Mike J, Senior Director of Concierge Security

Role:
Director of Product - Operated as primary PM

Timeline to release:
9 Months (Aug 2022 - May 2023)

Team:
Junior PM, UX Designer, 7 Developers

The Challenge

Arctic Wolf's Concierge Security team had a scaling crisis.

The team grew from 15 to 200 engineers in 4 years, supporting the company's entire customer base. Plans were underway to double again to 400+ engineers. Growth was essential. But every new hire took 6 months to onboard before they could independently manage customer engagements. Six months of ramp time wasn't sustainable when you're planning to add 200 more people.

The bottleneck wasn't knowledge transfer. It was tooling fragmentation.

Engineers navigated ~8 disconnected systems daily. They'd open Zendesk to review tickets, switch to Jira for tech support requests, hunt through Confluence documents to run security posture reviews (SPiDRs), check the customer directory for reports, then track their work manually in OneNote with dozens of browser bookmarks just to remember where everything lived.

Critical work fell through the cracks. Tech support tickets sat unresolved for months. Customer reports languished for days. Ticket closure was measured in weeks instead of hours. Without a centralized view, engineers simply forgot to check certain systems.

The operational impact was real: longer customer response times, inconsistent service delivery across teams, and an onboarding burden that would break under 2x growth.

But the problem was bigger than Concierge. The Deployment, Technical Support, and Incident Response teams faced identical fragmentation. Different tools, same structural problems. If we solved this once, we could solve it for them as well.

My Approach

Identified time sinks with data, then prioritized by impact

Through metrics analysis and interviews with engineers, we found three major drains:

  1. Running SPiDRs required constant context-switching between Confluence docs and investigation tools,

  2. Reviewing tickets across multiple platforms consumed hours daily with no aggregated view, and

  3. Tracking which SPiDRs had been completed for each customer required manual spreadsheet management.

Tracked emergent metrics instead of predefined KPIs

Rather than setting a north star upfront, we watched how engineers used the platform and let success signals emerge: SPiDRs delivered per quarter (efficiency reinvested) and time to onboard (standardization working).

Build a platform foundation, not just a Concierge tool

The Deployment and Technical Support teams faced similar fragmentation. Rather than build Concierge-specific features, we architected the platform with generic abstractions (dashboard framework, modular content library, API-first design) so other teams could adopt it. This added approximately 2 months to the build but positioned Command Center as the long-term solution for operational tooling across Arctic Wolf.

Made a deliberate sequencing decision based on impact assessment

I prioritized SPiDR Library and Runner first - these were the highest-impact features that would transform how engineers executed security reviews. This approach successfully achieved 80% adoption in 3 months as teams using spreadsheets immediately recognized the value. When Dashboard launched 3 months later, it accelerated adoption to 95% in just 2 months by establishing the daily login habit that made using SPiDR Runner feel natural. In hindsight, shipping Dashboard first (4-5 months vs. 9 months) would have established that habit earlier, creating momentum for the heavier platform components.

The Solution

Command Center consolidated 4 of 8 fragmented tools into a unified workspace where engineers could manage their entire workflow without context-switching. Engineers could now start their day with a centralized view of all work, execute standardized security reviews with guided workflows, and access version-controlled content - eliminating the manual tracking and scattered documentation that previously consumed hours daily.

Key Capabilities:

Dashboard: Aggregated view of open tickets, pending reports, outstanding tech support requests, and SPiDR completion status across all customers. Engineers started their day with a prioritized queue instead of hunting across systems.

SPiDR Library: Centralized content management and authoring system for 55+ security posture reviews, replacing scattered Confluence docs. Technical leads could create and version-control new SPiDRs (library has since grown to 200+).

SPiDR Runner: Guided execution of security reviews with embedded investigation tools, automatic progress tracking, and data capture. Eliminated the need to bounce between runbook documentation and separate tooling during customer engagements.

This is helping our teams all the time and I constantly hear how they are happy with the tool and excited about the enhancements that have and will continue to be released.
— Mike, Senior Director of Concierge Security

The Impact

The Efficiency Story

Command Center delivered measurable operational improvements:

  • Engineers went from 22 SPiDRs per person per quarter to 45 (a 104% increase)

  • Onboarding time dropped from 6 months to under 30 days through standardized tooling

  • Ticket resolution times now targeted at less than 24 hours (previously weeks)

These weren't just productivity metrics. They represented capacity reinvested into customer value. Engineers weren't working less; they were delivering more proactive security reviews, resolving tickets faster, and spending less time hunting for forgotten work.

The Platform Story (The Long Game)

Three years later, Command Center has expanded into the core platform for delivering the Concierge experience.

  • 400+ engineers across 4 global regions and 7000+ B2B customers

  • 3 additional business units are preparing their move to it (Deployment, Technical Support, Incident Response)

  • 12 distinct components (started with 3): automation, AI integrations, customer-facing portal, API access for dev teams

This wasn't accidental. The 2-month architectural investment in platform thinking (generic abstractions, modular design, API-first) enabled multi-year expansion without rebuilding core components. We validated the foundation with Concierge, then scaled it.

The Platform bet paid off.

Key Learnings

What I'd Do Differently: Ship the Habit First

If I could re-sequence the build:

  1. Ship Dashboard first (month 4-5): Consolidate scattered toil, establish daily login habit, build internal credibility

  2. Launch SPiDR Runner second (month 12): Drop high-impact workflows into an already-adopted platform

Dashboard achieved 95% adoption in 2 months. SPiDR Runner took 3 months to hit 80%. The data is clear: daily habits unlock high-impact workflows. By deprioritizing un-tracked toil, I left 3-4 months of goodwill, habit formation, and centralized data collection on the table.

The lesson: ship the habit first, even if the complex feature is objectively more valuable.

What Worked: Platform Thinking Compounds Over Time

By designing extension points (API architecture, modular dashboard, generic content library) without implementing them in v1, we validated core workflows first, then expanded capabilities with new components. The 2-month architectural investment enabled multi-year expansion without rebuilding. The success is leading into the imminent expansion of Command Center to support 3 additional business units: Deployment, Technical Support, and Incident Response.