VP Engineering / Head of Platform Engineering¶
The decision-maker with budget authority.
Profile¶
Firmographics¶
| Attribute | Profile |
|---|---|
| Company Size | Series B-D tech companies, 100-500 engineers |
| Industry | SaaS, fintech, e-commerce, digital health |
| Tech Stack | Modern microservices (TypeScript/Python/Go), Kubernetes, AWS/GCP/Azure |
| Development Velocity | 50-200 PRs/day, 5-10 deployments/day |
| AI Adoption | 60-80% of developers using Copilot/Cursor/Claude |
Budget Authority¶
| Aspect | Detail |
|---|---|
| Annual Software Budget | $500K-2M for developer tools |
| Decision Authority | Direct approval up to $100K, C-suite approval >$200K |
| Procurement Cycle | 3-6 months (pilot → expansion) |
| Existing Spend | Datadog ($150K), GitHub Enterprise ($80K), SonarQube ($50K) |
Pain Points¶
Priority 1: "Our codebase quality collapsed after AI adoption"¶
The Problem: - Technical debt accumulating 3x faster than pre-Copilot era - Architecture patterns inconsistent - Circular dependencies appearing in PRs that pass CI/CD
The Evidence:
Code Review Metrics (Last Quarter):
- PRs merged: 1,200
- Post-merge fixes: 180 (15%)
- Production incidents: 12
- Root cause: architectural violation: 8 (67%)
Substrate Solution: - Active PR blocking on architectural violations - Deterministic policy enforcement - Clear explanation of why rules exist
Priority 2: "Manual code reviews don't scale with AI velocity"¶
The Problem: - Senior engineers spending 40% of time reviewing AI-generated code - Reviewer fatigue leading to "LGTM" approvals without deep inspection - Can't hire reviewers fast enough to keep up with PR volume
The Math:
50 engineers × 3 PRs/day × 5 days = 750 PRs/week
3 staff engineers can deeply review: 60 PRs/week
Superficial review rate: 92%
Substrate Solution: - Automated architectural review on every PR - Human review focused on business logic - Staff engineer time recovered for architecture
Priority 3: "We're failing SOC 2 audits on code quality controls"¶
The Problem: - Auditors asking "How do you ensure architectural standards are enforced?" - No automated proof that layer boundaries are maintained - Manual evidence collection taking 80+ hours per audit
The Audit Finding:
Finding: CC6.1 - Logical and Physical Access Controls
Gap: No evidence of automated enforcement of
architectural access controls
Remediation Required: Implement automated validation
Timeline: 90 days
Substrate Solution: - Automated policy evaluation on every PR - Immutable audit log of all evaluations - Evidence export: 5 minutes vs 80 hours
Priority 4: "Modernization cliff approaching"¶
The Problem: - Technical debt now 40% of total codebase - Fear that system is becoming un-refactorable - Leadership asking "Can we even move to new framework?"
Substrate Solution: - Visibility into structural debt - Simulation of modernization impact - Gradual migration planning
Decision Timeline¶
| Phase | Duration | Activities |
|---|---|---|
| Evaluation | Week 1-2 | Demo, technical deep-dive, reference calls |
| Pilot | Week 3-4 | 1-2 repos, measure violation detection |
| Validation | Week 5-8 | Expand pilot, quantify time saved |
| Business Case | Week 9-12 | ROI presentation, procurement negotiation |
| Rollout | Month 4-6 | Deploy to full engineering org |
Compliance Requirements¶
| Requirement | Status | Notes |
|---|---|---|
| SOC 2 Type II | ✅ Required | Non-negotiable for handling code |
| SSO/SAML | ✅ Required | Okta, Azure AD integration |
| Data residency | ✅ Required | Code stays in region (US/EU) |
| Audit logging | ✅ Required | Who accessed what, when |
| ISO 27001 | ⚠️ Nice-to-have | Not required Year 1 |
| GDPR compliance | ⚠️ Nice-to-have | If EU customers, Year 2 |
Success Metrics¶
KPIs They Track¶
| Metric | Current | Target | Measurement |
|---|---|---|---|
| PR review time | 4 hours | 2.8 hours (-30%) | GitHub metrics |
| Architectural violations/week | 15 | <5 | Substrate dashboard |
| Technical debt % | 40% | Stop growing | Static analysis |
| Developer satisfaction (NPS) | 25 | >50 | Quarterly survey |
| Audit preparation time | 80 hrs | <8 hrs | Internal tracking |
Buying Triggers¶
| Trigger | Likelihood | Response |
|---|---|---|
| Failed production incident (AI-generated code) | High | Immediate evaluation |
| Audit finding on architectural controls | High | Procurement fast-track |
| CTO mandate to "fix the drift problem" | Medium | Budget approval likely |
| Competitor ships faster (cleaner codebase) | Medium | Strategic priority |
Value Proposition¶
ROI Calculation¶
Current State Costs (Annual):
| Cost Item | Calculation | Amount |
|---|---|---|
| Senior engineer review time | 40% × 3 engineers × $200K | $240K |
| Post-merge fixes | 180 fixes × $1,500 avg | $270K |
| Production incidents | 8 arch-related × $25K | $200K |
| Audit preparation | 80 hrs × $150/hr | $12K |
| Total | $722K |
Substrate Investment: - Team plan: $6K/year - Implementation: $2.5K - Total: $8.5K
Net Savings: $713.5K/year (84x ROI)
Business Outcomes¶
| Outcome | Before | After |
|---|---|---|
| Architectural violations in prod | 12/quarter | <2/quarter |
| Staff engineer review load | 40% | 15% |
| Audit stress | High | Minimal |
| System modernization confidence | Low | High |
Messaging¶
Elevator Pitch¶
"Your AI adoption is accelerating technical debt faster than your team can review. Substrate is the governance layer that lets you move fast without breaking architecture — blocking structural violations at the PR level and preserving institutional knowledge as your team scales."
Key Messages¶
- Scale governance, not headcount
- "Automate what staff engineers do in every PR"
-
"Review 100% of changes, not 10%"
-
Prove compliance, don't hope for it
- "SOC 2 auditors get machine-readable evidence"
-
"Every policy evaluation logged, forever"
-
Preserve knowledge, reduce risk
- "When Alice leaves, her context stays"
-
"New engineers understand constraints in 5 seconds"
-
Modernize with confidence
- "Simulate changes before committing engineering time"
- "Know the blast radius before you start"
Objection Handling¶
"This is a feature, not a product"¶
Response: "Each 'feature' is a $1B+ market. IDP ($2.1B), EA ($1.8B), ASPM ($8.4B). The combination creates new value and switching costs that no single point solution can match."
"We'll build this internally"¶
Response: "Platform engineering teams have tried. The combination of graph databases, LLM integration, policy engines, and WebGL visualization is 3 startups in one. Your team has better uses for 12-18 months of engineering time."
"GitHub/Microsoft will add this"¶
Response: "They create the AI slop problem; we solve it. Acquisition makes more sense than building. Meanwhile, you need governance now, not in 2-3 years."
Case Study: FinTech Company¶
Company: 150 engineers, Series C, payment processing
Challenge: SOC 2 audit finding, 3 AI-related incidents in 6 months
Implementation: - Month 1: Deployed on 5 critical services - Month 2: Caught 45 violations before merge - Month 3: Expanded to all 40 services - Month 6: Zero architecture-related incidents
Results: - Audit passed with "no findings" for architecture controls - Staff engineer review time reduced 60% - Feature velocity increased 25% (less rework)