Software Testing

From Secure Group Wiki
Jump to navigation Jump to search

To ensure the quality of software development and deployment, we have a very qualified team of Manual Software Testers. They are involved in performing manual tests to guarantee that the software created by our Development team is fit for our partner's needs. Some of their duties include analysis of software and systems, risk mitigation, bug reporting and prevention of software issues.

As a Manual Software Tester in Secure Group, you will have the opportunity to develop hard skills and soft skills and progress in our Career Journey as:

Level 1: Software Tester
Level 2: Senior Software Tester
Level 3: Quality Assurance Engineer
Level 4: Senior Quality Assurance Engineer

  • Considering our current business situation, we understand that in terms of technical matters a Manual Software Testing can be continuously developing until Level 4. After that, he/she needs to change Framework and choose another specialty to continue his/her career

Introduction

In order to achieve the best of their performance, we will introduce the list of requirements and concepts our Manual Software Testers should focus on to succeed in our business, as well as their remuneration.
In order to progress in our Career Journey, they need to:

- General Knowledge a list of indispensable softwares, tools, platforms and more, for Secure Group, that they need to know (it can be a little bit out of the scope of their position).
- Specific Knowledge: a list of concepts, tools, software and etc, that are indispensable for them to develop under the scope of their position.
- Secure Group Knowledge: a list of products, company profile and features that they need to know in order to succeed in Secure Group.
- Basic IT Concepts: a list of essential concepts that we consider to be basic for our Frameworks and that we expect employees to master.

Observation: if there's any requirement that is repeated in the following tables but with different grades, the higher requested proficiency will prevail in the Performance Evaluation.

General Knowledge

To be able to reach Level 3 in our Career Journey there is some General knowledge regarding a variety of subjects that we request from our Software Testers. This means that considering the KAI grades of proficiency, they will need to score from 4 to 6 in the following items:

General Knowledge
Concepts Scrum
Frameworks Scrum
Softwares/Tools/ Platforms - Usage Atlassian Bamboo
Atlassian Confluence
Atlassian Jira
Atlassian Jira SynapseRT
BambooHR
Libib
OpenSTF
Small Improvements
Thycotic Passwordbox
Languages (Idioms) Advanced English

Specific Knowledge

To be able to reach Level 3 in our Career Journey there is some technical knowledge we request from our Software Testing team members. This means that considering the KAI grades of proficiency, they will need to score from 4 to 6 in the following items:

Specific Knowledge
Concepts Agile
Application Lifecycle
Balanced Scorecard
Defect life cycle
Defect Report
Defect Track
Stress and Robustness testing
Test Effort estimation
Softwares/Tools/Platforms - Usage Countly
Instabug
SQuirrel SQL client

Secure Group Knowledge

To be able to reach Level 3 in our Career Journey there is some specific knowledge from our company that we request from our Manual Software Testers. This means that considering the KAI grades, they will need to score a minimum proficiency considering Secure Group Knowledge in a Documentation level in the following perspectives:

Secure Group Knowledge What's Expected Impact Product Minimum Grade
User Documentation Good, user-level knowledge regarding the product and its functionalities. From the user documentation, all employees across the company are required to be well aware of our solutions’ core features and functions such as the Password Advisor or how to send an automatic crash report. This knowledge helps us facilitate a user-centric approach internally, which we believe is essential to develop our business and solutions. The user documentation helps team members understand user behavior and needs more thoroughly and feel the impact of their everyday efforts. Secure OS 4
SAS 4
Secure Chat 4
Secure Email 4
Secure Vault 4
Secure Manager 4
Sales Documentation Employees should gain significant knowledge regarding the business side of Secure Group. They need to be aware of commonly used concepts in our day-to-day activities such as our business and distribution model, value proposition, selling prices, key selling points, and target audience. The information in the Sales Documentation supports employees in their daily routine. It conveys the overall business vision within the company. This documentation contributes to making employees aware of how our solutions are distributed, who are our key partners and target market to know exactly the people towards whom team members’ efforts should be aimed. Alignment on company-wide priorities is also achieved through clear communication of our value proposition and key selling points, helping everyone understand the things that matter most. Secure OS 3
SAS 3
Secure Chat 3
Secure Email 3
Secure Vault 3
Secure Manager 3
Support Documentation People within the company need to be aware of commonly occurring problems with our solutions. From the Support Documentation, employees should also extract general level knowledge regarding support processes, the issues that we’re currently having product-wise, and the approach to troubleshooting them. o The Support Documentation helps employees understand short-term priorities more clearly and communicate more openly why they’re needed. It also gives them general knowledge of how to spot and report a problem, which helps us facilitate a company-wide contribution to product development. Last but by no means least, it helps team members understand customers pains and behavioral patterns to strengthen our user-centric approach. Secure OS 3
SAS 3
Secure Chat 3
Secure Email 3
Secure Vault 3
Secure Manager 3
Functional Documentation Through the Functional Documentation, employees should get a thorough understanding of the solutions and their multiple features. People that work closely with the products must understand exactly how they function, how users interact with them, how to configure different settings, and what’s the expected behavior of different software solutions. o The information in the Functional Documentation helps employees whose work is closely connected with our solutions, to gain significant in-depth knowledge into their functionalities that far exceeds users‘ understanding. Such thorough product expertise helps us remain objective, evaluate market data more adequately, and constantly increase our internal expertise. Secure OS 4
SAS 4
Secure Chat 4
Secure Email 4
Secure Vault 4
Secure Manager 4
Technical Documentation Employees concerned with the Technical Documentation and more concretely - software development, must gain complete mastery over all solutions. Such people are regarded as technical experts and need to be well aware of data structures, relational databases, algorithms, programming languages, models, etc. The Technical Documentation is used to make sure people that are technically involved in product development have the required knowledge to perform their day-to-day tasks, optimize our solutions more easily, and support other teams with their in-depth expertise. Secure OS 4
SAS 4
Secure Chat 4
Secure Email 4
Secure Vault 4
Secure Manager 4

Basic IT Concepts

To be able to reach Level 3 in our Career Journey there are some IT concepts that we request our Software Testing team to master. This means that considering the KAI grades of proficiency, they will need to score from 4 to 6 in the following items:

Basic IT Concepts
Category Concepts Description
System Administration Linux server set up
  • How to install a Linux server/workstation distribution
  • How to prepare a coding environment on a workstation
Remote servers with SSH connection
  • How to set up SSH
  • How to connect to a server
  • How to use a key to connect to SSH
Users management
  • How to create, remove and modify users on a Unix system
  • How groups work
File permissions
  • How to grant/remove different levels of access to different parts of the file system with chmod and chown.
  • How to read files permission
Init systems
  • How to configure Init system to start/stop processes at specified run levels
  • How to start and stop services
Firewall configuration
  • Understand the need for a firewall
  • How to limit inbound network traffic to specific ports
Basic monitoring
  • Understand the free memory, disk usage, load average and other metrics for server performance
Package manager
  • How to install software packages and how to update them
Web Server
  • How to set up a static web server
  • How to Set up a LAMP server
Static file deployment
  • Understand some automated method of updating: using rsync to keep the files up to date or similar
Basic Docker management & administration
  • What is Docker engine and what is a docker controller
  • How to set up a basic docker environment on a workstation
  • How to create, RUN, Pause, Unpause, Start, Stop Restart, Kill container
Active Directory
  • What are the major features in Active Directory Domain Services (trees, trust, forest)
  • How to create a user, add a mailbox, etc
  • How to create a Group policy and how to enforce it
  • How to troubleshoot and configure Windows 2008 R2 - 2012 R2
  • How to use the administration tools (Active Directory, DNS etc)
Storage
  • What is NFS, ISCSI, Samba
  • How to share folders in windows
  • What is a Security Descriptor
  • What is Access Control List (ACL)
  • What is a parent directory and a child directory
Email Server
  • What's the difference between a transaction e-mail and an email API
  • What's the relation between Simple Mail Transfer Protocol (SMTP), Mail Transfer Agent (MTA), Domain Name System (DNS), Mail Exchanger (MX), Post Office Protocol (POP), Internet Message Access Protocol (IMAP)
  • What are the SPAM rules and how to use SPAM engines
PKI
  • What's a PGP universal server
  • What is a Certificate and a Certificate Authority
  • What's the difference between a Public Key and a Private Key and what are they used for
  • How to configure a web server certificate with SSL (port443)
  • How digital signatures work and how it's related to the authentication
  • What's SSL, TLS, PGP, OTR, OMEMO
Reading logs
  • What are the basic network events: Intrusion detection, packet blocked or allowed, access log
  • How to read the MSexchange tracking log and understand an event
  • How to read the PGP server log and understand an event
  • How to read, request and identify the problem in the Web Server or API server log
Virtualization
  • What is VMware Server/Desktop application and how it works
  • How to replicate VMs
  • How to restart VMs
XMPP
  • What's the XMPP protocol and how to use it
  • What are the main extensions
SIP Protocol
  • What is the SIP protocol and how to use it
  • How to differentiate media from signaling
System Administration - Day to Day Ops
Day to Day Ops
  • How to set up a network printer and put it in the correct driver into a print server
  • How to set up a working station and advanced drivers configuration
  • How to set up a network printer and put it and the correct driver into a print server
Commands
  • What are the universal keyboard commands for operating systems
  • What is a command line
  • What are the most common CMD commands and what are they used for (Ipconfig, Ping, Dir, Nslookup, Tracert)
  • What are the most common PowerShell commands and what are they used for
Hardware
  • Understand Advanced hardware: terminology, troubleshoot and the relation between them
Root cause analysis
  • What is cause and effect and how they are related
  • What is an event in a system log
  • How to navigate an event using a timestamp
Android Development Android Studio
  • How to create a project and how to connect a device
  • How to execute real-time debugging
Adb command
  • How to perform basic adb to capture log
  • How to load an OS via adb
  • What are the most basic adb command and how to use them: devices, push, pull, reboot, reboot-bootloader, reboot recovery, fastboot devices, fastboot unlock, install
  • How to execute USB debugging
Android SDK
  • What are layouts and views and what's the relation between them
  • What are activities and their life cycle
SQL
  • What is SQL and what it does
  • How to write a simple SQL query
Android OS architecture
  • What are the basic components of an Android Phone:
  • Android Runtime – ART Linux Kernel, Libraries, Application Framework, Applications
AndroidOS or Android App log
  • How to identify actions in an app that can cause a log entry
Networking concepts Network concepts
  • What's the OSI model and how to use it
  • What is DHCP
  • What is DNS and the type of records as well as how to edit and check them
  • What are the differences and relations between Internal DNS and External DNS
  • What is a VLAN (from a VERY high level)
  • What is TCP and IP
  • What are the differences between UDP and TCP and when to use each one of them
Basic firewall concept
  • What are the NAT rules
  • What is Port forwarding used for
  • How to set up port forwarding
Basic Traffic Sniffing
  • How to set up Wireshark on a workstation and connect to a device
  • How to use a proxy to intercept traffic
Basic Networking Command
  • What are the most common CMD commands and what are they used for (Ipconfig, Ping, Dir, Nslookup, Tracert)
  • How to use web tools: mxtools, visual trace route, dnstools, etc…
Programming HTML/CSS
  • How to write or modify a very simple web page and basic HTML tag
RestAPI, JSON
  • How to post to an API request
  • How to understand the result using a tool
Basic arithmetic functions
  • How to work on complex Excel or to use VBA formula
  • How to apply general basic arithmetic in any programming language
Variable
  • What is a variable and how to use it
  • What is math, string, array and boolean and how to use them
String manipulation
  • Understand how to concatenate, trim, manipulate strings in any programming language
Looping - flow control
  • Understand basic IF, THEN, ELSE clause in any programming language
  • Understand how to build a looping array in any programming language
SDLC
  • What is the Software Development Life Cycle concept
  • What are the phases of the SDLC
  • What are software development models
Version Control
  • What's version control and where it's used
  • How to identify and administrate revisions
Conditionals
  • How to apply BASIC boolean algebra
  • What are Logical operator (And/Or) and how to use them

Salary Grid

Manual Software Testing Step
Level
Individual Contributor Path Management Path 1 2 3 4
1: Software Tester - 1.000 lv 1.150 lv 1.300 lv 1.450 lv
2: Sr. Software Tester - 2.000 lv 2.150 lv 2.300 lv 2.450 lv
3: Quality Assurance Engineer Manager 3.000 lv 3.150 lv 3.300 lv 3.450 lv
4: Sr. Quality Assurance Engineer Sr. Manager 4.000 lv 4.150 lv 4.300 lv 4.450 lv