While 'security is not a team', you'll find that most companies growing just beyond 60-80 people start employing a group of people focusing primarily on the topic. But the culture of secure engineering in a company does not only strongly correlate with when you start building a security team - it becomes (and grows as) a matter of how they connect with the rest of your organization, and make security, adversarial thinking, and the care for user safety and privacy part of everyone's concern. In this talk, we will review what the purposes of a security team can be, which challenges you'll face, how you can make it scale beyond the team's boundaries; as well as proven good practices of running (fairly operational) engineering teams themselves. Whether your organization already has a security team or is currently distributing security demands across areas, you'll be able to take away how to build (out) a dedicated security team and make your engineers (and, spoiler alert, other teams!) happy, healthy, and sustainable for the years to come.