Web Development

From Secure Group Wiki
Jump to navigation Jump to search

The job of Web Developers is to plan, build, test and maintain internet sites and applications. Some relevant part of their work is customer-oriented: either when designing new applications or when suggesting improvements in existent projects. This work-relationship can be very delicate and requires a broad view of the market, business management processes, marketing, and other necessary skills.

A developer needs to master several technologies and in different layers. Let's take a brief look at some of them:

In the presentation layer, we have HTML, CSS, and Javascript as required technologies. They should also be familiar with other optional technologies such as Actionscripting (Flash), Silverlight, among others. Knowing HTML and CSS is the minimum possible hard skill to have in order to start being effectively productive in Secure Group.

In the business rule layer, the PHP language and ASP.NET technology are the starting points. There are, however, several technologies such as JSP, ColdFusion, Ruby on Rails, CGI, among others that can be very useful as well. Of course, to master any of these languages ​​it's required knowledge of programming logic in order to minimize time and effort and maximize results.

In the data layer, knowledge of the SQL language and some of the most commonly used databases on the web, such as MySQL and SQL Server, is indispensable.

As a Web Developer in Secure Group, you will have the opportunity to develop hard skills and soft skills and progress in our Career Journey as:

Level 1: Web Developer
Level 2: Sr. Web Developer
Level 3: Software Engineer
Level 4: Senior Software Engineer
Level 5: System Architect
Level 6: Senior System Architect

Introduction

In order to achieve the best of their performance, we will introduce the list of requirements and concepts our Web Developers should focus on to succeed in our business, as well as their remuneration.
In order to progress in our Career Journey, they need to:

- General Knowledge a list of indispensable softwares, tools, platforms and more, for Secure Group, that they need to know (it can be a little bit out of the scope of their position).
- Specific Knowledge: a list of concepts, tools, software and etc, that are indispensable for them to develop under the scope of their position.
- Secure Group Knowledge: a list of products, company profile and features that they need to know in order to succeed in Secure Group.
- Basic IT Concepts: a list of essential concepts that we consider to be basic for our Frameworks and that we expect employees to master.

Observation: if there's any requirement that is repeated in the following tables but with different grades, the higher requested proficiency will prevail in the Performance Evaluation.

General Knowledge

To be able to reach Level 3 in our Career Journey there is some General knowledge regarding a variety of subjects that we request from our Web Developers. This means that considering the KAI grades of proficiency, they will need to score from 4 to 6 in the following items:

General Knowledge
Concepts Balanced Scorecard
Scrum
Frameworks Scrum
Languages Perl
Softwares/Tools/Platforms - Usage Atlassian Bamboo
Atlassian Bitbucket
Atlassian Confluence
Atlassian Jira
BambooHR
Combain
Countly
Crowdin
Docker Harbor
Docker Swarm
Elastic Kibana
Elastic Logstash
Jetbrains PhpStorm
Kamailio
Kubernetes
Libib
MS Exchange
OpenSTF
Small Improvements
Thycotic Passwordbox
Unwired Labs
Softwares/Tools/Platforms - Configuration Atlassian Bitbucket
Countly
Docker Engine/Container
Docker Harbor
Docker Swarm
Elasticsearch
Elastic Kibana
Elastic Logstash
Kamailio
Kubernetes
Softwares/Tools/Platforms - Server Administration Elasticsearch
Kubernetes
Languages (Idioms) Advanced English

Specific Knowledge

To be able to reach Level 3 in our Career Journey there is some technical knowledge we request from our Web Developers. This means that, considering the KAI grades of proficiency,they will need to score from 4 to 6 in the following items:

Specific Knowledge
Concepts Design Patterns
Version Control via Git
Highload projects
IDE
OOP
CMS
REST
Web Performance Experience
Web Security
Frameworks Bootstrap
PHPUnit
Selenium
Symfony
Vue.js
Yii
Languages Bash Script
CasperJS
CSS
HTML
JavaScript
JSON
Less
PHP
Python
SASS
SCSS
SQL
XML
Libraries Ajax
Faker
Guzzle
JQuery
React.js
Twig
Protocols Oauth2
JWT
Softwares/Tools/Platforms - Usage Docker Compose
MySQL
NGINX
Softwares/Tools/Platforms - Configuration Apache Tomcat
Microsoft Azure
MySQL
NGINX
Softwares/Tools/Platforms - Server Administration MySQL
NGINX

Secure Group Knowledge

To be able to reach Level 3 in our Career Journey there is some specific knowledge from our company that we request from our Web Developers. This means that considering the KAI grades, they will need to score a minimum proficiency considering Secure Group Knowledge in a Documentation level in the following perspectives:

Secure Group Knowledge What's Expected Impact Product Minimum Grade
User Documentation Good, user-level knowledge regarding the product and its functionalities. From the user documentation, all employees across the company are required to be well aware of our solutions’ core features and functions such as the Password Advisor or how to send an automatic crash report. This knowledge helps us facilitate a user-centric approach internally, which we believe is essential to develop our business and solutions. The user documentation helps team members understand user behavior and needs more thoroughly and feel the impact of their everyday efforts. Secure OS 4
SAS 4
Secure Chat 4
Secure Email 4
Secure Vault 4
Secure Manager 4
Sales Documentation Employees should gain significant knowledge regarding the business side of Secure Group. They need to be aware of commonly used concepts in our day-to-day activities such as our business and distribution model, value proposition, selling prices, key selling points, and target audience. The information in the Sales Documentation supports employees in their daily routine. It conveys the overall business vision within the company. This documentation contributes to making employees aware of how our solutions are distributed, who are our key partners and target market to know exactly the people towards whom team members’ efforts should be aimed. Alignment on company-wide priorities is also achieved through clear communication of our value proposition and key selling points, helping everyone understand the things that matter most. Secure OS 3
SAS 3
Secure Chat 3
Secure Email 3
Secure Vault 3
Secure Manager 3
Support Documentation People within the company need to be aware of commonly occurring problems with our solutions. From the Support Documentation, employees should also extract general level knowledge regarding support processes, the issues that we’re currently having product-wise, and the approach to troubleshooting them. o The Support Documentation helps employees understand short-term priorities more clearly and communicate more openly why they’re needed. It also gives them general knowledge of how to spot and report a problem, which helps us facilitate a company-wide contribution to product development. Last but by no means least, it helps team members understand customers pains and behavioral patterns to strengthen our user-centric approach. Secure OS 3
SAS 3
Secure Chat 3
Secure Email 3
Secure Vault 3
Secure Manager 3
Functional Documentation Through the Functional Documentation, employees should get a thorough understanding of the solutions and their multiple features. People that work closely with the products must understand exactly how they function, how users interact with them, how to configure different settings, and what’s the expected behavior of different software solutions. o The information in the Functional Documentation helps employees whose work is closely connected with our solutions, to gain significant in-depth knowledge into their functionalities that far exceeds users‘ understanding. Such thorough product expertise helps us remain objective, evaluate market data more adequately, and constantly increase our internal expertise. Secure OS 4
SAS 4
Secure Chat 4
Secure Email 4
Secure Vault 4
Secure Manager 4
Technical Documentation Employees concerned with the Technical Documentation and more concretely - software development, must gain complete mastery over all solutions. Such people are regarded as technical experts and need to be well aware of data structures, relational databases, algorithms, programming languages, models, etc. The Technical Documentation is used to make sure people that are technically involved in product development have the required knowledge to perform their day-to-day tasks, optimize our solutions more easily, and support other teams with their in-depth expertise. Secure OS 4
SAS 4
Secure Chat 4
Secure Email 4
Secure Vault 4
Secure Manager 4

Basic IT Concepts

To be able to reach Level 3 in our Career Journey there are some basic IT concepts we expect the Web Developers to master. This means that considering the KAI grades of proficiency, they will need to score from 4 to 6 in the following items:

Basic IT Concepts
Category Concept Description/Example
System Administration Linux server set up
  • How to install a Linux server/workstation distribution
  • How to prepare a coding environment on a workstation
Remote servers with SSH connection
  • How to set up SSH
  • How to connect to a server
  • How to use a key to connect to SSH
Users management
  • How to create, remove and modify users on a Unix system
  • How groups work
File permissions
  • How to grant/remove different levels of access to different parts of the file system with chmod and chown.
  • How to read files permission
Init systems
  • How to configure Init system to start/stop processes at specified run levels
  • How to start and stop services
Firewall configuration
  • Understand the need for a firewall
  • How to limit inbound network traffic to specific ports
Basic monitoring
  • Understand the free memory, disk usage, load average and other metrics for server performance
Package manager
  • How to install software packages and how to update them
Web server
  • How to set up a static web server
  • How to Set up a LAMP server
Static file deployment
  • Understand some automated method of updating: using rsync to keep the files up to date or similar
Basic Docker management & administration
  • What is Docker engine and what is a docker controller
  • How to set up a basic docker environment on a workstation
  • How to create, RUN, Pause, Unpause, Start, Stop Restart, Kill container
Active Directory
  • What are the major features in Active Directory Domain Services (trees, trust, forest)
  • How to create a user, add a mailbox, etc
  • How to create a Group policy and how to enforce it
  • How to troubleshoot and configure Windows 2008 R2 - 2012 R2
  • How to use the administration tools (Active Directory, DNS etc)
Storage
  • What is NFS, ISCSI, Samba
  • How to share folders in windows
  • What is a Security Descriptor
  • What is Access Control List (ACL)
  • What is a parent directory and a child directory
Email Server
  • What's the difference between a transaction e-mail and an email API
  • What's the relation between Simple Mail Transfer Protocol (SMTP), Mail Transfer Agent (MTA), Domain Name System (DNS), Mail Exchanger (MX), Post Office Protocol (POP), Internet Message Access Protocol (IMAP)
  • What are the SPAM rules and how to use SPAM engines
PKI
  • What's a PGP universal server
  • What is a Certificate and a Certificate Authority
  • What's the difference between a Public Key and a Private Key and what are they used for
  • How to configure a web server certificate with SSL (port443)
  • How digital signatures work and how it's related to the authentication
  • What's SSL, TLS, PGP, OTR, OMEMO
Server configuration management
  • How to execute a server configuration and manage it: Terraform | Ansible | Puppet | Chef
Reading logs
  • What are the basic network events: Intrusion detection, packet blocked or allowed, access log
  • How to read the MSexchange tracking log and understand an event
  • How to read the PGP server log and understand an event
  • How to read, request and identify the problem in the Web Server or API server log
  • How to read Apache PHP log
SIP protocol
  • What is the SIP protocol and how to use it
  • How to differentiate media from signaling
XXMPP
  • What's the XMPP protocol and how to use it
  • What are the main extensions
Virtualization
  • What is VMware Server/Desktop application and how it works
  • How to replicate VMs
  • How to restart VMs
System Administration - Day to Day Ops Day to Day Ops
  • How to set up a network printer and put it in the correct driver into a print server
  • How to set up a working station and advanced drivers configuration
  • How to set up a network printer and put it and the correct driver into a print server
Commands
  • What are the universal keyboard commands for operating systems
  • What is a command line
  • What are the most common CMD commands and what are they used for (Ipconfig, Ping, Dir, Nslookup, Tracert)
  • What are the most common PowerShell commands and what are they used for
Hardware terminology Understanding of Advanced hardware knowledge: terminology, troubleshoot and the relation between them
Root cause analysis
  • What is cause and effect and how they are related
  • What is an event in a system log
  • How to navigate an event using a timestamp
Android Development Android Studio
  • How to create a project and how to connect a device
  • How to execute real-time debugging
Adb command
  • How to perform basic adb to capture log
  • How to load an OS via adb
  • What are the most basic adb command and how to use them: devices, push, pull, reboot, reboot-bootloader, reboot recovery, fastboot devices, fastboot unlock, install
  • How to execute USB debugging
Android SDK
  • What are layouts and views and what's the relation between them
  • What are activities and their life cycle
SQL
  • What is SQL and what it does
  • How to write a simple SQL query
Android OS architecture
  • What are the basic components of an Android Phone:
  • Android Runtime – ART Linux Kernel, Libraries, Application Framework, Applications
AndroidOS or Android App log
  • How to identify actions in an app that can cause a log entry
Networking concepts Network concepts
  • What's the OSI model and how to use it
  • What is DHCP
  • What is DNS and the type of records as well as how to edit and check them
  • What are the differences and relations between Internal DNS and External DNS
  • What is a VLAN (from a VERY high level)
  • What is TCP and IP
  • What are the differences between UDP and TCP and when to use each one of them
Basic firewall concept
  • What are the NAT rules
  • What is Port forwarding used for
  • How to set up port forwarding
Basic Traffic Sniffing
  • How to set up Wireshark on a workstation and connect to a device
  • How to use a proxy to intercept traffic
Basic Networking Command
  • What are the most common CMD commands and what are they used for (Ipconfig, Ping, Dir, Nslookup, Tracert)
  • How to use web tools: mxtools, visual trace route, dnstools, etc…

Salary Grid

Web Development Step
Level
Individual Contributor Path Management Path 1 2 3 4
1: Web Developer - 2.000 lv 2.150 lv 2.300 lv 2.450 lv
2: Sr. Web Developer - 3.000 lv 3.150 lv 3.300 lv 3.450 lv
3: Software Engineer Manager 4.000 lv 4.150 lv 4.300 lv 4.450 lv
4: Sr. Software Engineer Sr. Manager 5.000 lv 5.150 lv 5.300 lv 5.450 lv
5: System Architect Head of 6.000 lv 6.150 lv 6.300 lv 6.450 lv
6: Sr. System Architect Director 7.000 lv 7.150 lv 7.300 lv 7.450 lv
- Sr. Director 9.000 lv 9.400 lv 9.800 lv 10.200 lv
- Chief of 11.200 lv 11.600 lv 12.000 lv 12.400 lv
- VP 13.400 lv 13.800 lv 14.200 lv 14.600 lv