How do you work within small, agile teams when requirements are changing and security constraints are strict?