Day 40 なぜ、成長する人と、変わらないままの人がいるのか Why Some People Progress and Others Stay the Same - The Story of Sarah
Day 40 なぜ、成長する人と、変わらないままの人がいるのか - Sarah の物語
昨日、私たちは「専門性が人の世界の見え方そのものを変える」という話をしました。
初心者、初級者、熟練者ー同じ現象を見ても、まったく違う意味として受け取る、そんな知覚の変化です。
では今日は、その"反対側"に目を向けてみたいと思います。
なぜ、ある人は着実に成長・成熟し、ある人は年齢だけを重ねて、同じ場所に留まり続けるのか。
これは、サイバーの世界だけの話ではありません。
どんな職場にも、どんな組織にも、どんな社会にも存在する普遍的なテーマです。
私はこれまでの人生で、何度も同じ光景を見てきました。
若手なのに驚くほど伸びる人たち。深く考え、問いかけ、試して、内省し、次につなげていく人たち。
一方で、10年働いても、新人の頃と同じつまずきを繰り返す人たち。周囲を戸惑わせ、時にはチーム全体の前進を静かに止めてしまう人たち。
そして残念ながら、大人の外見をしていても、内側は未成熟なままの人もいます。
- 権利は主張するのに、義務は果たさない
- 貢献の前に、見返りを求める
- 約束を破り、責任を問われると怒る
- 自分の問題を誰かが"代わりに"解決してくれると期待する
- 同僚を仲間ではなく、保護者のように扱う
ただ、誤解しないでください。これは誰かを批判したいのではありません。
人は誰でも、ストレスや不安のなかで簡単に"未熟な自分"に戻ってしまう。私自身も、その弱さを嫌というほど知っています。
だからこそ、今日は「なぜ人は成長するのか」を、理論ではなく"物語"から見ていきたいと思います。
同じスタートラインに立った2人の若手、Sarah と Michael。能力も、教育も、ほとんど同じ。違ったのは、学びをどう扱ったかだけでした。
今日は、ゆっくりと成長の階段を上っていった Sarah の物語を紹介します。
明日は、その階段の前で足を止めてしまった Michael を見ていきます。
この2つの物語は、
なぜ大人になっても成長、成熟し続ける人と、そうでない人がいるのか
その本質を照らす"入口"になります。
Sarah ー 意図的に、成長を選んだ人
Sarah がサイバーセキュリティの世界に入ったのは、2019年6月。
中堅金融企業の SOC アナリストとして働きはじめた日のことは、今でもよく覚えているそうです。
SIEM の画面を前に、呼吸が浅くなる。
何が重要で、何がノイズなのか、まだわからない。
「私は本当にここでやっていけるのだろうか」
そんな不安に包まれた、典型的な"初心者の世界"でした。
しかし、ここから Sarah の物語は静かに動き始めます。
Stage 1(0〜3ヶ月)初心者 ー でも"姿勢"が違った
Sarah はルールに頼りながら、手順書を一つずつ確認しながら仕事を進めました。
ほとんどの新人がたどる道です。
けれど Sarah には、最初から"違うもの"がありました。
1. わからないことを、そのままにしない
「なぜ5回の失敗ログインは疑わしいのに、4回は違うのか?」
「このルールは何を守るためのルールなのか?」
"知ったふり"をしない。
未熟さを隠そうとしない。
その素直さが、彼女の成長を底から支えていました。
2. 経験を経験のまま流さない
誤検知を誤ってエスカレーションしたとき、彼女はこう書きました。
「次回は、まず IT Ops に確認する。自動化は一定間隔で動くことが多い。不自然な時間に動くものだけ疑う。」
ミスに蓋をしない人は、早く伸びます。
Sarah はその典型でした。
3. フィードバックを"取りに行く"
調査が終わるたびに先輩をつかまえ、必ず聞く。
「私の調査にはどんな抜けがありましたか? 次はどこを改善したらいいでしょう?」
間違いを恐れるより、成長しないことを恐れる。
そんな姿勢でした。
Sarah は「人としての基礎体力」も同時に鍛えていた
サイバーの現場では、技術だけでは務まりません。
- 気づいたら早めに共有する
- 判断に迷うときは勝手に進めず相談する
- 努力のあとに、適切に助けを求める
- 約束を守り、期限より早く仕上げる
信頼は、一朝一夕では築けません。
Sarah はその積み重ねを、最初の3ヶ月で着実に始めていました。
Stage 2(3〜12ヶ月)初級者 → 中級者へ
パターン認識という"目"が育つ
6ヶ月が経った頃、彼女は初めて大きな事件調査を任されます。
ここからが、実は多くの人が"止まってしまう場所"です。
しかし Sarah は違いました。
調査が終わるたび、必ず自分自身に問いかける。
- これは以前見た攻撃と何が似ていて、何が違ったのか
- なぜ私は最初に誤った仮説を立てたのか
- この事件は、私に何を学ばせようとしているのか
"振り返る力"がある人は、強い。経験が、血肉になるから。
Sarah は業務の外にも学びを広げました。
- 初心者向けに誤検知パターン集を作る
- PowerShell 調査ガイドを作る
- Tabletop Exercise に積極的に参加
- 外部コミュニティで最新の攻撃例を学ぶ
成長は、こうして静かに積み上がっていきます。
1年後 ー 彼女は「頼られる側」になっていた
- 特定の検知ルールの改修を任され
- 新人が最初に相談する相手になり
- インシデントの前線に立ち
- 自分のキャリアの道筋を自ら描き始めた
マネージャーはこう書きました。
「Sarah の強みは"なぜ"を考えること。その姿勢が、チーム全体の質を引き上げている。」
Sarah の物語は、ひとつの"成功例"としてとても美しいものです。
実際の現場でも、こうした成長を遂げる若手のほうが多い。
健全な組織には、静かに、確実に伸びていく人たちが大多数を占めています。。
ここでひとつ、どうしても触れておきたいことがあります。
成長の鍵は、年齢ではありません。
どれだけ年齢を重ねていても、どれだけ別の分野で実績があっても、新しい領域に足を踏み入れるとき、人は誰でも"初心者"です。
だからこそ大切なのは、好奇心と謙虚さを携えて、自分をいったん真っ白に戻すこと。
役職も、過去の栄光も、他分野での経験も、すべて一度そっと脇に置いてみる。
知らないことを、知らないと言う勇気。見えていないものを、見ようとする姿勢。新しい組織やプロジェクトに、 "まっさらな目"で向き合おうとする心。
その姿勢こそが、 どんな年齢の人にとっても成長の第一歩であり、そして成功の本質なのだと思います。
ただし、ここにはもう一つ、大切な視点があります。
若手の成長と、すでに成熟を経験してきた人の成長は、まったく違うということ。
若手は、ゼロから形をつくるところから始まります。一方で、長い時間をかけて多くの山を登ってきた人は、その経験を"どう使うか"が成長の質を決めます。
人生も、仕事も、若手のような育ち方はしません。経験は力であると同時に、プライドという重さにもなり得る。だからこそ、どこから、どう再スタートを切るのかは百人百様です。
私はよく、成長を登山にたとえます。
若いうちは、小さな山から始まり、息を切らしながら少しずつ高度を上げていく。
しかし、たくさんの山を登ってきた人は、体の使い方も、呼吸の整え方も、自分の癖も熟知している。だからこそ、新しい山を登ることに臆する必要はないし、むしろ成熟のスピードは、若手より速いことさえあります。
どのくらい、どんな山を登ってきたか。その蓄積こそが、新しい環境で"即戦力"になれるかどうかを決める。
年齢ではなく、肩書きでもなく、その人が本当に歩いてきた"道の質"がすべてを決めるのです。
──しかし。
世界には、もう一つのタイプの人がいます。数は多くありませんが、確実に存在します。
そして彼らが職場に現れると、
本人にとっても、チームにとっても、マネージャーにとっても、静かで深い課題を生み出すことがあります。
明日は、その対照的な存在である Michael の物語を紹介します。
-----
Why Some People Progress and Others Stay the Same - The Story of Sarah
Yesterday, we explored why expertise transforms the way we think--how novices, advanced beginners, and experts literally perceive the world differently.
We looked at the Dreyfus Model, Benner's research, and the neuroscience behind how judgment becomes intuitive. In short, we saw how people grow.
Today, I want to take a slight detour and explore the opposite question:
Why do some people never grow--professionally, socially, or emotionally?
Because if the Dreyfus Model explains the transformation of expertise, then its shadow side explains something I've witnessed repeatedly in real life:
People grow older, but they don't necessarily grow up.
I've seen new graduates who flourish within a year, thinking deeply, asking questions, reflecting, seeking feedback, while others remain frozen where they began, repeating the same mistakes, baffling colleagues, and quietly holding back entire teams.
I've also seen adults in their 30s, 40s, 50s, even 60s who behave like workplace teenagers:
- refusing obligations but demanding rights,
- expecting rewards without contribution,
- breaking promises and resenting accountability,
- waiting for others to fix their problems,
- treating colleagues like caretakers instead of partners.
And if I'm honest, there are moments when I, too, regress under stress, fatigue, or insecurity.
Maturity is not a guarantee. It is a developmental process.
So today, I want to examine why some people progress and others stay the same, not in theory, but through imaginative real-life examples that reveal how learning truly works (and fails).
We'll look at two early-career professionals--Sarah and Michael--who start in the same place but take radically different paths. Through their stories, we'll see how the mechanisms that fuel expertise--learning, feedback, and reflection--are the same mechanisms that produce professional maturity.
And we'll see why, without these elements, even the most intelligent person can remain stuck at the novice stage--technically, socially, and emotionally.
Today, we will look at Sarah--someone who begins as a novice, full of uncertainty, but slowly builds maturity through learning, feedback, and reflection.
Tomorrow, we will look at Michael--someone equally capable, equally educated, yet who remains stuck at the novice stage because those same mechanisms never take root.
These two stories form the doorway into the core of this series: what true professional growth looks like, and why many adults--despite age, talent, or intelligence--never reach it.
Meet Sarah: The Path of Deliberate Growth
Sarah graduated with a degree in Computer Science with a cybersecurity specialization in June 2019 and joined a mid-sized financial services company as a Security Operations Center (SOC) Analyst. Her first day was filled with uncertainty--the classic novice experience described in the Dreyfus model. She stared at the SIEM dashboard, overwhelmed by alerts, wondering if the company had made the right choice hiring her.
Stage 1 (Months 0-3): Novice - But With Intentional Learning
Like all novices, Sarah relied heavily on context-free rules and checklists. During her first week, she:
- Set up her security tools following step-by-step runbooks
- Started with Tier 1 alert triage to gain exposure to the security infrastructure
- Met her security mentor (a senior analyst assigned to guide her)
- Attended onboarding sessions about the company's threat landscape, compliance requirements, and incident response procedures
But here's what distinguished Sarah: She implemented three critical practices from day one:
1. Always Asked Questions
She didn't just mechanically follow playbooks. When assigned to investigate a failed login alert, she asked: "Why do we treat five failed logins as suspicious but not four? What attack patterns is this rule designed to catch? Has this threshold prevented real incidents or generated false positives?"
She learned that asking questions--even when you think you should know the answer--is not disturbing others, but building the foundation for deeper understanding.
2. Took Detailed Notes
Sarah maintained a detailed incident journal. When she made her first triage mistake (escalating a benign automated script as a potential breach because she didn't recognize the service account pattern), she wrote:
"Lesson learned: Before escalating unknown service account activity, check with IT ops about scheduled automation. Added company service accounts to my reference list. Document: legitimate automation often triggers at consistent intervals--random timing is more suspicious."
Smart people learn from their mistakes, but sharp ones learn from others' mistakes too. Sarah documented both--attending post-incident reviews even for cases she didn't handle, taking notes on what others missed and why.
3. Sought Active Feedback
After completing her first phishing investigation, she didn't just close the ticket. She scheduled 15 minutes with her mentor to walk through her analysis, asking: "What additional indicators should I have checked? Where are the gaps in my investigation process? How would you have approached this differently?"
Crucially, Sarah Also Developed Fundamental Professional Skills:
In her first three months, Sarah made deliberate efforts to build what many overlook--basic workplace security competencies and communication skills:
Timely Communication: When she discovered a potential security misconfiguration while investigating an alert, she immediately notified her team lead: "During investigation of Alert #4521, I noticed our web application firewall isn't blocking SQL injection attempts on the customer portal. This might be a configuration gap. Should I create an incident ticket or is this a known exception?"
Proactive Consultation: Before creating a new detection rule based on a pattern she observed, Sarah scheduled a 30-minute meeting with her senior analyst: "I've noticed three incidents this month involving PowerShell executing from temp directories. I'm considering creating an alert rule. Could I walk you through my logic and get your input before I implement it? I want to avoid creating noise."
Support Seeking: When stuck for more than 30 minutes analyzing an unfamiliar malware sample, Sarah reached out: "I'm investigating suspicious file hash a4b3c2d1e5f6... I've checked VirusTotal, analyzed the file strings, and reviewed our sandbox report. The behavior seems polymorphic. Could someone with more malware analysis experience point me toward what I should focus on next?"
She learned that asking for help after demonstrating effort is professional, not weak--especially in cybersecurity where threats evolve constantly and no one knows everything.
Task Follow-Through: Sarah kept a simple tracking system for her investigations. Every alert got documented with timeline, findings, and next steps. She sent brief updates without being asked: "Update on Incident #2847: Completed forensic timeline. Confirmed lateral movement attempt was blocked by network segmentation. Final report by EOD Friday."
Promise Management: When assigned to present a threat intelligence briefing at the weekly team meeting, Sarah prepared three days ahead, researching recent attack campaigns targeting their industry. When she committed to reviewing a colleague's incident report, she completed it within 24 hours with constructive feedback. She understood that reliability builds trust, which is the currency of professional relationships--especially in security, where team members depend on each other during high-pressure incidents.
Stage 2 (Months 3-12): Advanced Beginner - Pattern Recognition Through Reflection
By month six, Sarah was assigned her first significant investigation--a suspected data exfiltration incident involving unusual outbound traffic patterns. This is where the Dreyfus model predicts advanced beginners begin recognizing recurring patterns and situational elements. But this doesn't happen automatically--it requires deliberate reflection.
Sarah's approach to her first major incident investigation:
- Created an investigation plan documenting her hypothesis and analysis steps
- Collaborated with the network security team to gather packet captures
- Worked with the forensics team to analyze endpoint artifacts
- Documented her findings in a detailed incident report
- Presented her completed investigation to the security team for feedback
Critically, after each major investigation, Sarah wrote reflective notes in her journal:
"What attack patterns did I see here that match MITRE ATT&CK techniques I've studied? How is this exfiltration attempt different from the one I investigated last month? What did I learn about attacker behavior in our environment that applies more broadly? Why did I initially suspect malware when this turned out to be an insider threat indicator?"
This is situated learning in action--learning happens not just through investigating incidents, but through reflecting on the investigation within its specific context, understanding why certain indicators mattered and others didn't.
Sarah also began contributing beyond her immediate role:
- She volunteered to document common false positive patterns to help new analysts
- She created a reference guide for investigating suspicious PowerShell activity
- She participated in tabletop exercises, learning how incidents escalate from detection to response
- She attended local cybersecurity meetups, expanding her understanding of threats beyond her company's environment
Year 1 Achievement:
By her first anniversary, Sarah had progressed significantly:
- She owned specific detection rules and investigation playbooks where teammates came to her for guidance
- She could recognize attack patterns and distinguish sophisticated threats from benign anomalies
- She set career goals with her manager--pursuing incident response and threat hunting skills--and created concrete action items including certifications (GCIH) and hands-on practice
- She became a trusted first responder during security incidents
- Most importantly: She became someone people wanted to work with--reliable, communicative, collaborative, and constantly learning
Sarah had successfully transitioned from Novice (relying on System 2 slow, deliberate thinking and strict playbooks) to Advanced Beginner approaching Competence (beginning to develop intuitive pattern recognition, understanding context and situational factors, while still thinking analytically about complex decisions).
Her manager wrote in her annual review: "Sarah has become an even more critical member of the security team. Her growth mindset, attention to detail, and collaborative approach make her someone we can depend on. She doesn't just execute tasks--she thinks about why we do what we do and how we can improve."
A great success story. I have seen many young professionals starting their cybersecurity careers, and even mid-career professionals transitioning into security who follow Sarah's path. These people do exist and are actually quite common in healthy organizations.
But there's another type of person less common, but they absolutely exist. And when they do, they create profound challenges for teams, managers, and themselves.
Tomorrow, I want you to meet Michael.
References 出典・参照
Flores, Jordan. "Milestones From My First Year as a New Grad Software Engineer." Medium - Generation Veeva, July 7, 2020. https://medium.com/veeva-systems/milestones-from-my-first-year-as-a-new-grad-software-engineer-41db5872c914
Türkal, Furkan. "How to survive your first year on a Software Engineer path just after graduation." Medium, 2020. https://medium.com/@furkan.turkal/how-to-survive-your-first-year-on-a-software-engineer-path-just-after-graduation-c4f012726bfe
"First Steps in the Workplace: Why Do Some New Graduates Grow Quickly While Others Advance Gradually." ResearchGate, November 20, 2025. https://www.researchgate.net/publication/397711640_First_Steps_in_the_Workplace_Why_Do_Some_New_Graduates_Grow_Quickly_While_Others_Advance_Gradually
"Linking Career Exploration, Self-Reflection, Career Calling, and Career Adaptability to Subjective Well-Being Among Chinese College Students." National Institutes of Health (NIH) - PMC, July 24, 2023. https://pmc.ncbi.nlm.nih.gov/articles/PMC10378538/
"The Impact of Career Plateaus on Job Performance." National Institutes of Health (NIH) - PMC, February 18, 2024. https://pmc.ncbi.nlm.nih.gov/articles/PMC10886406/
"Career Plateau Warning Signs: What Your Job Is Telling You." Taggd, July 21, 2025. https://taggd.in/hr-glossary/career-plateau/
"5 Signs of career stagnation and tips to overcome it." HeartCount, February 25, 2025. https://heartcount.com/blog/5-signs-of-career-stagnation-and-tips-to-overcome-it/
"Adapting to Professional Environments as a Recent College Graduate." Nivati, 2024. https://www.nivati.com/blog/adapting-to-professional-environments-as-a-recent-college-graduate
"Reflection as a Tool for Professional Growth." Imagine JHU, January 14, 2025. https://imagine.jhu.edu/blog/2025/01/14/reflection-as-a-tool-for-professional-growth/
"Navigating the Challenges of Work Adaptation for Fresh Graduates." MySkyBI, July 20, 2023. https://myskybi.com/navigating-the-challenges-of-work-adaptation-for-fresh-graduates/
Dreyfus, Hubert L., and Stuart E. Dreyfus. "A Five-Stage Model of the Mental Activities Involved in Directed Skill Acquisition." California University Berkeley Operations Research Center, 1980.
Rousse, B.S., and Dreyfus, S.E. "Revisiting the six stages of skill acquisition." Philosophy of Skill, 2021.
Benner, Patricia. "Using the Dreyfus Model of Skill Acquisition to Describe and Interpret Skill Acquisition and Clinical Judgment in Nursing Practice and Education." Bulletin of Science, Technology & Society, 2004.
Kahneman, Daniel. Thinking, Fast and Slow. Farrar, Straus and Giroux, 2011.
Evans, J.S.B.T., and Stanovich, K.E. "Dual-process theories of higher cognition: Advancing the debate." Perspectives on Psychological Science, 8(3), 223-241, 2013.
Ericsson, K. Anders, et al. "The Role of Deliberate Practice in the Acquisition of Expert Performance." Psychological Review, 100(3), 363-406, 1993.