The AI Tech Lead Path

1. What is the single hardest aspect of a cross-team / cross-BU AI Tech Lead role?

• · Writing the most code on every team
• ✓ Leading people who don't report to you (influence without authority)
• · Knowing every model's benchmark scores
• · Owning the cloud budget

Why: “Cross” means no direct authority — influence, standardization and enablement matter more than raw technical output.

2. Select the four “hats” of the role.

• ✓ Technical authority
• ✓ Platform / enablement
• ✓ Change agent / influencer
• · Sole code owner
• ✓ Strategist / translator

Why: Technical authority, platform/enablement, change agent, and strategist/translator — not sole code owner.

3. What is your existing AI-SDLC experience best understood as?

• · Proof you should do all the building yourself
• ✓ Credibility that earns you the right to influence others
• · A reason to stop coding entirely
• · Irrelevant to leadership

Why: It's the credibility base — but the role is multiplying others, not doing it all yourself.

1. Why draft the role charter yourself rather than wait for one?

• · Because no one else can write
• ✓ Because a fuzzy new role gets judged against private assumptions — and leading its definition proves you fit it
• · To avoid talking to your sponsor
• · Because charters are legally required

Why: Define the role or be defined by others' assumptions; drafting it is itself the first demonstration of fit.

2. Select what you should lock in writing with your sponsor.

• ✓ Mandate & scope
• ✓ Success metrics
• ✓ Visible exec backing & protected time
• · A promise to never code again

Why: Mandate, metrics, backing and protected time — keep ~20–30% build time, don't give up coding.

3. Why does explicit exec backing matter so much for this role?

• · It lets you skip governance
• ✓ Air cover makes influence-without-authority work far better across BUs
• · It increases your salary automatically
• · It removes the need for champions

Why: Loud sponsorship is what makes cross-BU leaders take the collaboration seriously.

1. What usually gives the biggest quality improvement?

• · More persuasive adjectives in the prompt
• ✓ Putting the right information, examples and tools into the context
• · A longer system prompt
• · Raising the temperature

Why: Context engineering — the right inputs — beats clever wording almost every time.

2. Why place key instructions at the start AND end of a long prompt?

• · It looks tidy
• ✓ Models can lose information in the middle of long context ('lost in the middle')
• · It doubles the token budget
• · It disables caching

Why: Long-context attention degrades in the middle; bookend the critical instructions.

3. You'll parse the model's answer in code. What should you do?

• · Ask for prose and regex it
• ✓ Request structured output / tool calling with a defined schema
• · Hope the format is consistent
• · Lower max tokens

Why: Define an output contract (JSON/tool calls) so downstream code is reliable.

4. Before changing a production prompt, you should…

• · Ship it and watch for complaints
• ✓ Run it against an eval set to catch regressions
• · Ask one colleague if it 'feels better'
• · Add more examples blindly

Why: Prompts are code — gate changes with evals to avoid silent regressions.

1. A RAG system gives a confidently wrong answer. Where do you look FIRST?

• · The model weights
• ✓ The retrieval step (what context was fetched)
• · The temperature
• · The output parser

Why: RAG quality is bounded by retrieval — inspect what chunks were actually retrieved.

2. Why add keyword (BM25) search alongside vector search?

• · It's cheaper only
• ✓ Hybrid search catches exact terms (codes, names) that embeddings miss
• · It removes the need for a database
• · It eliminates chunking

Why: Hybrid + re-ranking outperforms pure vector for most enterprise corpora.

3. Select good practices for RAG at a regulated insurer.

• ✓ Enforce access control at retrieval time
• · Index everything regardless of permissions
• ✓ Add citations so answers are auditable
• ✓ Mind where the vector store lives (data residency)

Why: Permission-aware retrieval, citations and data residency matter; never index beyond a user's access.

1. What is the agent loop?

• · Train → deploy → monitor
• ✓ Plan → act (tool) → observe → repeat
• · Chunk → embed → retrieve
• · Prompt → cache → return

Why: Agents plan, call tools, observe results, and iterate until the task is done.

2. When should you prefer a fixed workflow over a free-roaming agent?

• · Never — agents are always better
• ✓ When the steps are predictable; it's cheaper, testable and safer
• · Only when offline
• · When you have no tools

Why: Default to the simplest thing; use agents only when the path is genuinely dynamic.

3. Select essential guardrails for agents.

• ✓ Tightly scoped tools / allow-lists
• ✓ Step, time and cost limits
• ✓ Treat tool outputs as untrusted (injection)
• · Unlimited autonomy for speed

Why: Bound scope, resources and trust; unlimited autonomy invites runaway loops and injection.

1. What's the best STARTING point for building evals?

• · Generic public benchmarks
• ✓ Error analysis on real outputs to find your actual failure modes
• · A vendor's leaderboard
• · Maximizing the eval set size first

Why: Start from real failures; let them define metrics. Generic benchmarks rarely reflect your task.

2. Why put a golden eval set in CI?

• · To slow down deploys
• ✓ So a prompt/model change that regresses quality fails the build automatically
• · To replace code review
• · To increase token spend

Why: CI evals catch silent regressions — the core of eval-driven development.

3. A key pitfall of LLM-as-judge is…

• · It's always too strict
• ✓ Bias/inconsistency — it must be calibrated against human labels
• · It can't be automated
• · It only works for code

Why: Judges scale but drift; calibrate them and prefer pairwise comparisons for subtle quality.

4. Why does owning evals give you authority as a lead?

• · Evals are flashy in demos
• ✓ Quality is your currency; proving/defending it is something most teams can't do
• · It avoids ever coding
• · It replaces governance

Why: Whoever can measure and defend quality sets the bar — that's leadership leverage.

1. Why call modern AI features 'compound AI systems'?

• · They use multiple GPUs
• ✓ Value and bugs live in the system around the model (retrieval, tools, guardrails), not the model alone
• · They compound interest
• · They require multiple models always

Why: The orchestration, retrieval and guardrails are where most engineering (and risk) lives.

2. How should the architecture handle a model/API being slow or down?

• · Crash and alert only
• ✓ Timeouts + retries + a fallback (cheaper model / cache / graceful 'I don't know')
• · Increase max tokens
• · Disable logging

Why: Design for non-determinism and failure with graceful degradation.

3. Why put the model provider behind an interface?

• · To make it slower
• ✓ Swappability — avoid vendor lock-in and enable model right-sizing
• · To bypass the gateway
• · It's required by GDPR

Why: Keeping providers/retrieval swappable protects against lock-in and lets you change models.

1. What makes an AI gateway the highest-leverage platform investment?

• · It speeds up the model
• ✓ One governed path gives consistent logging, cost control, safety & residency for every team
• · It removes the need for prompts
• · It trains custom models

Why: A single governed entry point is how you standardize and de-risk AI across teams.

2. Why version prompts and models?

• · Cosmetic tidiness
• ✓ So you can compare, deploy deliberately and roll back when something regresses
• · To increase latency
• · GDPR requires semantic versioning

Why: Treat prompts/models like deployable artifacts with rollback.

3. How do ops and evals relate?

• · They're unrelated
• ✓ Production signals feed eval sets, which gate the next change — one closed loop
• · Evals replace monitoring
• · Ops replaces evals

Why: Production feedback → evals → CI gate → safer change. Two halves of one system.

1. What is indirect prompt injection?

• · A typo in the system prompt
• ✓ Malicious instructions hidden in retrieved docs or tool outputs that hijack the model
• · A slow API call
• · Too many tokens

Why: Untrusted content the model reads (RAG, tool output) can carry injected instructions.

2. Why is 'excessive agency' a security risk?

• · Agents are too slow
• ✓ The more actions/permissions an agent has, the larger the blast radius if it's manipulated
• · It increases token cost only
• · It breaks caching

Why: Over-permissioned tools mean a hijacked agent can do real damage — scope tightly.

3. Select sound AI-security practices.

• ✓ Keep PII/secrets out of prompts and logs
• ✓ Treat model output as untrusted before executing it
• ✓ Red-team your own system and standardize fixes
• · Give agents broad permissions for convenience

Why: Least privilege, untrusted-output handling and proactive red-teaming; never broaden agency for convenience.

1. What's the disciplined approach to model selection?

• · Always use the most powerful model
• ✓ Use the smallest model that passes your evals; escalate only the hard steps
• · Pick by brand
• · Whatever is newest

Why: Right-size against evals and cascade — frontier only where needed.

2. Which metric best supports an ROI conversation with execs?

• · Total tokens used
• ✓ Cost per unit of value (per ticket / PR / case)
• · Number of prompts written
• · Model parameter count

Why: Unit economics (cost per outcome) is what ROI cases are built on.

3. Select legitimate ways to cut cost without hurting quality.

• ✓ Prompt caching of stable prefixes
• ✓ Retrieval instead of stuffing huge context
• ✓ Bounding output length
• · Removing all evals

Why: Caching, retrieval and output limits cut cost; never remove your evals.

1. What is the #1 soft skill for a cross-team AI Tech Lead?

• · Public speaking
• ✓ Influence without authority
• · Writing documentation
• · Time management

Why: You change how teams work without managing them — influence is the core lever.

2. When communicating with executives and risk officers, the best format is…

• · A long technical deep-dive with code
• ✓ A one-page, decision-oriented summary with options and tradeoffs
• · A live coding demo
• · A Slack thread of links

Why: Execs need decisions framed with risk and options, not implementation detail.

3. What's the right move with a vocal AI skeptic?

• · Ignore them and route around
• · Overrule them with authority
• ✓ Enroll them as a reviewer / red-teamer so they become an owner
• · Escalate to their manager

Why: Skeptics ignored become blockers; skeptics enrolled become advocates.

4. “Evangelism with substance” means…

• · Hyping AI in every meeting
• ✓ Always attaching a number and a way to verify quality to your demos
• · Only presenting to executives
• · Avoiding demos entirely

Why: Demos backed by real evals build durable trust; hype gets found out.

1. An exec asks about an AI initiative. Best format?

• · A 20-slide technical deep dive
• ✓ One page: recommendation, options, trade-offs, with the bottom line up front
• · A live debugging session
• · A link to the repo

Why: Execs want a decision framed with options and trade-offs, conclusion first.

2. Why are written artifacts so valuable for this role?

• · They look professional
• ✓ A crisp one-pager scales you — it reaches rooms and people you're not in
• · They replace meetings entirely
• · They avoid accountability

Why: Good writing is leverage; it carries your thinking across the org without you present.

3. What does 'manage up with no surprises' mean?

• · Only share good news
• ✓ Give regular short updates and surface risks early, never bury them
• · Escalate everything
• · Wait for quarterly reviews

Why: Sponsors trust leads who flag risks early and keep them informed.

1. What's the strongest sign your enablement is working?

• · You write the most AI code
• ✓ Teams ship AI features without you in the room
• · You attend every standup
• · You own the biggest budget

Why: Independence is the goal — capability multiplied through others.

2. What's the main purpose of the guild / community of practice?

• · A status meeting
• ✓ A cross-BU forum to share patterns, demos and decisions — your scaling lever
• · A place to assign tickets
• · A replacement for governance

Why: The guild spreads knowledge across teams and BUs without you being everywhere.

3. Which enablement is most likely to actually be used?

• · A 40-hour course
• ✓ Short docs, office hours, templates and runnable examples
• · A one-time all-hands
• · A long PDF

Why: Small, practical, on-demand enablement beats long courses people don't finish.

1. What's the core operating principle of the model?

• · Centralize everything in one team
• · Decentralize standards, centralize building
• ✓ Centralize the standards & platform, decentralize the building
• · Let every team do whatever they want

Why: Hub owns standards + paved road; spokes (champions) do the building.

2. What role do “AI champions” play?

• · They approve every PR centrally
• ✓ They are embedded, upskilled engineers who multiply your reach inside teams
• · They replace the governance process
• · They manage the cloud budget

Why: Champions are spokes — they let you scale across BUs without being in every room.

3. Why prefer a “paved road” over policing?

• · Policing is illegal
• ✓ People follow easy defaults far more reliably than policy documents
• · Paved roads need no maintenance
• · It avoids ever talking to security

Why: Make the compliant, high-quality path the easiest path and adoption follows.

1. What's the default way to build AI capability in an org?

• · Hire all new specialists
• ✓ Upskill strong existing engineers, hiring only for specific gaps
• · Outsource everything
• · Wait for the model to improve

Why: Most capability is grown internally; hire selectively for depth you lack.

2. Which is the best signal in an AI engineer?

• · Memorizes model benchmark numbers
• ✓ Frames problems and measures them with evals; knows when NOT to use AI
• · Writes the longest prompts
• · Prefers the newest model always

Why: Measurement instinct and judgment beat trivia and tool-chasing.

3. Why plan succession and spread knowledge early?

• · To reduce your importance
• ✓ So the program is resilient and survives turnover — avoid single points of failure
• · It's an HR rule
• · To slow hiring

Why: A bench and a second hub person keep the program alive beyond any one person.

1. What three axes should you score AI use cases on?

• · Hype × novelty × budget
• ✓ Value × feasibility × risk
• · Model size × latency × cost
• · Team size × deadline × scope

Why: Value, feasibility and risk together tell you what's worth building.

2. Where should you usually start, especially at an insurer?

• · High-stakes fully-automated decisions
• ✓ High-volume tasks where errors are cheap and a human stays in the loop
• · The most technically impressive idea
• · Whatever a vendor is selling

Why: Assist-the-human, low-stakes, high-volume tasks capture value at low risk first.

3. Why is saying 'no' well part of the job?

• · To seem tough
• ✓ A criteria-based no protects credibility and capacity for the bets that matter
• · To avoid building anything
• · To slow other teams down

Why: Disciplined prioritization (and visible reasons) is how you create real impact.

1. Why is governance described as a “superpower” specifically at an insurer?

• · Because regulation is optional there
• ✓ Because the constraint is safe operation under regulation, and few people speak both AI and risk
• · Because insurers don't use AI
• · Because it removes the need for evals

Why: The bottleneck is running AI safely under regulation; bridging AI + risk makes you indispensable across BUs.

2. What's the smartest way to make AI governance credible to risk officers quickly?

• · Invent a brand-new framework from scratch
• ✓ Frame it as an extension of the existing model-risk governance they already trust
• · Avoid risk officers until launch
• · Copy a startup's playbook verbatim

Why: Insurers already validate actuarial models — extend that trusted framework rather than replacing it.

3. Select regulations/standards directly relevant to AI at an EU insurer.

• ✓ EU AI Act
• ✓ DORA
• ✓ GDPR
• ✓ NIST AI RMF / ISO 42001

Why: All four matter: EU AI Act (risk tiers), DORA (ICT/vendor resilience), GDPR (data), NIST/ISO (frameworks).

4. What single artifact puts you at the center of every BU's AI workflow?

• · A model leaderboard
• ✓ An AI use-case intake & risk-triage template
• · A prompt cheat sheet
• · A cost dashboard

Why: Intake/triage routes every proposal through you and saves every BU pain.

1. What is a 'proxy' in the fairness context?

• · A caching server
• ✓ A feature that stands in for a protected attribute (e.g. postcode encoding ethnicity)
• · A fallback model
• · A type of embedding

Why: Proxies let bias sneak in even without using a protected attribute directly.

2. Why can't you simply 'satisfy fairness' with one metric?

• · Fairness can't be measured
• ✓ There are multiple, mathematically conflicting definitions — the choice is contextual
• · Regulators forbid metrics
• · It's purely subjective

Why: Different fairness definitions conflict; you choose contextually and document the trade-off.

3. Why is this chapter especially load-bearing at an insurer?

• · Insurers don't use models
• ✓ Pricing/underwriting can be high-risk and regulated; biased models cause real harm and legal exposure
• · It only affects marketing
• · Fairness is optional there

Why: Consequential, regulated decisions make fairness, explanation and recourse essential.

1. Which is a vanity metric to avoid leaning on?

• · Cycle time
• ✓ Lines of AI-generated code
• · Change-fail rate
• · Eval scores over time

Why: Lines of generated code says nothing about value; measure outcomes instead.

2. What's the clearest signal that YOU are succeeding as the lead?

• · You personally write more AI code each quarter
• ✓ Teams ship AI features without you in the room; active champions grow
• · You attend more meetings
• · You own a bigger cloud budget

Why: Your success is other people's capability — independence and a growing champion network.

3. Why prefer conservative, honest numbers to optimistic ones?

• · They're easier to compute
• ✓ They build the trust the role depends on; vanity numbers destroy it
• · Regulators require pessimism
• · They make the AI look worse

Why: Trust is your currency across BUs; honest metrics protect it.

1. What should you do in your FIRST 30 days?

• · Mandate a new platform org-wide
• ✓ Listen & map (don't propose yet), then land one low-risk quick win
• · Rewrite every team's codebase
• · Hire a large team

Why: Listen first, build trust, prove value with a quick win before proposing big changes.

2. What's the right order of the phases?

• · Scale → listen → quick win → governance
• ✓ Listen/quick win → build paved road → scale via champions → strategic
• · Governance → scale → listen → build
• · Build everything first, then listen

Why: Listen & quick win → paved road → scale → strategic. Never jump straight to scaling.

3. What should happen BEFORE the role officially starts (Phase 0)?

• ✓ Lock a written mandate and start key relationships
• · Announce a company-wide AI policy
• · Fire the skeptics
• · Nothing — wait for day one

Why: Shape the mandate and seed relationships early so you start from strength.

1. What is described as the #1 failure mode?

• · Spending too little on cloud
• ✓ Becoming the bottleneck
• · Reading too many books
• · Hiring champions

Why: If every AI feature needs you, you've failed — multiply through champions and paved roads.

2. What happens if you become the “AI police” who only says no?

• · Teams comply perfectly
• ✓ Teams route around you with shadow AI
• · Governance improves automatically
• · Adoption accelerates

Why: Only saying no drives shadow AI; be the easy, compliant yes path instead.

3. Select genuine failure modes from the list.

• ✓ Hype without substance (no evals)
• ✓ Ignoring governance until it bites
• · Pairing every concept with building
• ✓ Selling with vanity metrics

Why: Pairing concepts with building is good practice — the others are traps.

1. Which is the “keystone” artifact?

• · A prompt cheat sheet
• ✓ A reusable, CI-integrated eval harness
• · A slide deck
• · A Slack channel

Why: The eval harness is the keystone — it underpins quality and your authority.

2. What's the right primary cadence for the cross-BU community of practice (guild)?

• · Daily
• ✓ Biweekly
• · Once a year
• · Never — async only

Why: A biweekly guild is the main scaling lever for sharing patterns and decisions.

3. Why build reusable artifacts at all?

• · To look busy
• ✓ Each one scales you so you don't have to be everywhere
• · To replace champions
• · To avoid writing documentation

Why: Artifacts are leverage — they let teams move without you in the room.

1. What makes this harness valuable beyond your own feature?

• · It's written in a trendy language
• ✓ It's reusable — other teams adopt it, spreading measurable quality
• · It deletes old prompts
• · It hides costs

Why: A reusable harness becomes the org standard — leverage, not a one-off.

2. What should the checks be grounded in?

• · Public leaderboards
• ✓ Error analysis of real outputs
• · The vendor's marketing
• · Random sampling of the internet

Why: Real failure modes define the checks that matter for your task.

1. Why enforce access control at RETRIEVAL time?

• · To speed up embeddings
• ✓ So users can never be shown content they aren't permitted to see
• · To reduce token cost
• · It's optional decoration

Why: Permission-aware retrieval prevents leaking data through the answer.

2. What should the feature do when retrieval is weak?

• · Guess confidently
• ✓ Gracefully say 'I don't know' rather than hallucinate
• · Return raw chunks
• · Switch to a bigger model silently

Why: Graceful refusal beats confident hallucination, especially in a regulated setting.

1. Beyond the user input box, where must you test for prompt injection?

• · Nowhere else
• ✓ In retrieved content and tool outputs (indirect injection)
• · Only in the system prompt
• · Only in the model weights

Why: Indirect injection rides in on documents and tool results the model reads.

2. What turns a red-team into lasting value?

• · A one-time scary demo
• ✓ Converting findings into guardrails, eval checks and a reusable checklist
• · Keeping results secret
• · Blaming the model vendor

Why: Standardized, re-tested fixes — not theatre — are the deliverable.

1. Why draft the charter yourself instead of waiting for one?

• · To avoid your sponsor
• ✓ A fuzzy new role gets judged on private assumptions; defining it proves you fit it
• · Charters are legally required
• · To delay starting

Why: Define the role or be defined by others' assumptions — and leading that is itself the proof.

2. What's the right 90-day sequence?

• · Scale first, then listen
• ✓ Listen & quick win → paved road → scale via champions
• · Governance only
• · Hire a big team immediately

Why: Earn trust with a quick win, build the paved road, then scale through champions.

3. Why baseline metrics on day one?

• · Busywork
• ✓ So you can show before/after deltas and defend the role's impact later
• · Regulators require it
• · To slow the rollout

Why: Without a baseline you can't prove the impact you create.

1. What's the recommended way to actually consume these resources?

• · Read everything before doing anything
• ✓ Pick ~1 book/month and pair every concept with building an artifact
• · Only watch videos
• · Memorize benchmark scores

Why: You learn the role by building; reading alone doesn't transfer.

2. Which book is recommended FIRST for technical leadership without management authority?

• · Designing Data-Intensive Applications
• ✓ The Staff Engineer's Path (Reilly)
• · AI Engineering
• · Switch

Why: Reilly's book is the canonical starting point for staff-level, influence-based leadership.