The ability to understand and apply security principles, handle user data appropriately and report security concerns
Is able to understand the importance of security.
Knowledge: You understand basic security principles and apply them to your daily work.
User data: You understand the importance of handling user data and do so responsibly.
Reporting: You immediately report security concerns to manager or security teams.
Is able to understand the importance of security and starts to see work through a security lens.
Knowledge: You understand general security principles and apply them to your daily work. You ask more senior engineers for help on making decisions that may have security implications.
User data: You understand the importance of handling user data and does so responsibly without exception.
Reporting: You immediately reports security concerns to manager or security teams.
Consistently approaches all engineering work with a security lens.
Knowledge: You have an excellent understanding of security principles and you work to better facilitate the team's understanding.
User data: You have faultless handling of user data, and set an example for others within the team.
Proactivity: You actively look for security vulnerabilities both in the code and when providing peer reviews.
Collaboration: You work with the security teams to help refine technical strategy.
Consistently promotes a security first mindset within the team, leading by example.
Knowledge: You have impeccable understanding of security principles, and regularly impart this knowledge on your team.
User data: You have faultless handling of user data, setting an example within the organization.
Strategy: You lead on collaboration between your team and the security teams, to refine the team's approach to security based on the organization's security strategy. You contribute to the organization's broader security strategy.
Is a leader in security strategy.
Knowledge: You have impeccable understanding of security principles, and impart this knowledge on your own team, the organization, and wider tech community.
Strategy: You lead the conversation around security within the organization. You are seen as an expert in the security field.