Brandeis GPS Blog

Insights on online learning, tips for finding balance, and news and updates from Brandeis GPS

Tag: Project and Program Management (page 3 of 3)

SPOTLIGHT ON JOBS: New Dimensions in Technology Recruiting

spotlight-CHANGED-300x200SPOTLIGHT ON JOBS

Members of the Brandeis GPS Community may submit job postings from within their industries to advertise exclusively to our community. This is a great way to further connect and seek out opportunities as they come up. If you are interested in posting an opportunity, please complete the following form found here.

Where: This position is with a confidential company in Cambridge, MA. Applicants interested in the position will work with the New Dimensions in Technology Recruiting Agency.

New Dimensions in Technology (NDT) continues to be on the forefront of change. Our experienced Recruiting Team has seen industry trends come and go. NDT Recruiters have developed keen insight into companies that are most likely to grow and prosper. NDT also offers a proven track record of successful matching of candidates with client companies by understanding our candidates career goals and knowing the needs of our client companies and their corporate cultures. We have partnered with start-up companies to staff and grow their businesses into FORTUNE 500 companies; we have assisted our mid-size and large client companies in recruiting the most sought after superstars. No matter what the global economic conditions, NDT consistently delivers value to both new and long-time client companies and candidates.

Position: Head of Engineering Operations

The engineering team is looking for a results-oriented person to establish our Engineering Operations capability. The ideal candidate will thrive in a fast-paced environment, have strong project management and organizational skills, be experienced with modern software development process and tracking tools including data analysis and reporting functions, be familiar with agile software development processes, and strong communications and people skills.  The Head of Engineering Operations reports to the SVP Engineering, and is a project management and reporting service resource to the individual development teams and the engineering department as a whole.

Required Skills and Experience:

  • 5+ years of industry experience as software project manager.
  • Experience with Agile Methods (Scrum), especially as it relates to project-level information and reporting.
  • Strong organizational skills and comfort with detailed information, including financial, technical tasks and workstreams, and deliverables/action items.
  • Self-motivated, driven, and results-oriented.
  • Strong verbal and written communication skills.
  • BS or BA in Management, Business, Computer Science or equivalent. 

Great to have Skills and Experience:

  • High-tech software company experience, especially databases.
  • Experience with specific development environment tools experience:
    • JIRA
    • Confluence (Wiki)
    • Bamboo

Click here to view further details on this opportunity!

To receive full consideration for this position, candidates are asked to submit a Resume/CV and Cover Letter through the recruiting agency’s online portal here.

Please make sure to reference seeing these positions through the Brandeis GPS job spotlight post.

Not subscribed to our blog?

Click here to subscribe!

Footerindesign

SPOTLIGHT ON JOBS: New England Quality Care Alliance-2 positions

spotlight-CHANGED-300x200SPOTLIGHT ON JOBS

Members of the Brandeis GPS Community may submit job postings from within their industries to advertise exclusively to our community. This is a great way to further connect and seek out opportunities as they come up. If you are interested in posting an opportunity, please complete the following form found here.

Where: New England Quality Care Alliance, Braintree, MA 02184

Position: Director of Data and Informatics

The Director of Data and Informatics will be responsible for providing oversight of informatics operations, data architecture, and the production cycle. They will also serve as the executive sponsor of the data governance committee, and will be ultimately responsible for the success of all governance initiatives. They will be heavily involved in all vendor relationships that fall under their realm of responsibility, working with the Director of IT.

 

To receive full consideration for this position, candidates are asked to submit a Resume/CV and cover letter with salary requirements to the careers site.


Where: New England Quality Care Alliance, Braintree, MA 02184

Position: Senior Healthcare Analyst

The Sr. Healthcare Analyst will perform analysis, synthesis, and modeling of data to support system contracting, performance reporting, physician and hospital benchmarking, financial planning, and forecasting processes.  The Healthcare Analyst will build strong working relationships with key internal and external customers, acting as the liaison between end users and the development team to ensure the needs of the business are met through reporting.

 

To receive full consideration for this position, candidates are asked to submit a Resume/CV and cover letter with salary requirements to the careers site.

Please make sure to reference seeing these positions through the Brandeis GPS job spotlight post.

Not subscribed to our blog?

Click here to subscribe!

Footerindesign

So What Is the Risk of Mobile Malware?

By: Derek Brink

Originally from: https://blogs.rsa.com/risk-mobile-malware/

Obvious, or oblivious? Short-term predictions eventually tend to make us look like one or the other—as Art Coviello astutely noted in making his own predictions for the security industry in 2014—depending on how they actually turn out. (Long-term predictions, however, which require an entirely different level of thinking, are evaluated against a different scale. For example, check out the many uncannily accurate predictions Isaac Asimov made for the 2014 World’s Fair, from his reflections on the just-concluded 1964 World’s Fair.)

Art’s short-term prediction about mobile malware:

Chapa NO MALWARE2014 is the tipping point year of mobile malware: As businesses provide greater mobile access to critical business applications and sensitive data, and consumers increasingly adopt mobile banking, it is easy to see that mobile malware will rapidly grow in sophistication and ubiquity in 2014. We’ve already seen a strong uptick in both over the past few months and expect that this is just the beginning of a huge wave. We will see some high-profile mobile breaches before companies and consumers realize the risk and take appropriate steps to mitigate it. Interestingly, the Economist recently featured an article suggesting such fears were overblown. It is probably a good idea to be ready just the same.

The Economist article Art references (which is based on an earlier blog) asserts that “surprisingly little malware has found its way into handsets. . . smartphones have turned out to be much tougher to infect than laptops and desktop PCs.” (Ironically, the Economist also publishes vendor-sponsored content such as How Mobile Risks Are Pushing Companies Towards Better Security. I suppose that’s one way to beat the obvious or oblivious game: Place a bet on both sides.)

RSA’s Online Fraud Resource Center provides some terrific fact-based insights on the matter, including Behind the Scenes of a Fake Token Mobile App Operation.

But the legitimate question remains: What is the risk of malware on mobile? Let’s focus here on enterprise risks, and set aside the consumer risks that Art also raised as a topic for another blog.

Keep in mind the proper definition of “risk”—one of the root causes of miscommunication internet-security1among security professionals today, as I have noted in a previous blog—which is “the likelihood that a vulnerability will be exploited, and the corresponding business impact.” If we’re not talking about probabilities and magnitudes, we’re not talking about risk.

Regarding the probability of malware infecting mobile devices:

  • The Economist‘s article builds on findings from an academic paper published by researchers from Georgia Tech, along with a recent PhD student who is now the Chief Scientist at spin-off security vendor Damballa. Their core hypothesis is that the activities of such malware—including propagation and update of malicious code, command and control communications with infected devices, and transmission of stolen data—will be discernible in network traffic.
  • From three months of analysis, they found that about 3,500 mobile devices (out of a population of 380 million) were infected—roughly 0.001%, or 1 in 100,000.
  • Compare this to the computers cleaned per mille (CCM) metric regularly reported by Microsoft: For every 1,000 computers scanned by the Microsoft Malicious Software Removal Tool, CCM is the number of computers that needed to be cleaned after they were scanned. For 1H2012, the infection rates per 1,000 computers with no endpoint protection was between 11.6 and 13.6 per month.

All of this nets out to say that currently, mobile endpoints are three orders of magnitude less likely to be infected by malware than traditional endpoints.

But doesn’t this conflict with other published research about mobile malware? For example, I’ve previously blogged about an analysis of 13,500 free applications for Android devices, published in October 2012 by university researchers in Germany:

  • Of 100 apps selected for manual audit and analysis, 41 were vulnerable to man-in-the-middle (MITM) attacks due to various forms of SSL misuse.
  • Of these 41 apps, the researchers captured credentials for American Express, Diners Club, PayPal, bank accounts, Facebook, Twitter, Google, Yahoo, Microsoft Live ID, Box, WordPress, remote control servers, arbitrary email accounts, and IBM Sametime, among others.
  • Among the apps with confirmed vulnerabilities against MITM attacks, the cumulative installed base is up to 185 million users.

In another blog, I’ve noted that mobile applications have a more complex attack surface mobile-appthan traditional web applications—in addition to server-side code, they also deal with client-side code and (multiple) network channels. The impact of these threats is often multiplied, as in the common case of support for functions that were previously server-only (e.g., offline access). This makes security for mobile apps even more difficult for developers to address—mobile technology is not as well known, development teams are not as well educated, and testing teams are harder to keep current.

Meanwhile, malware on mobile is indeed becoming more prevalent: Currently over 350,000 instances from 300 malware families. It is also becoming more sophisticated—e.g., by obfuscating code to evade static and dynamic analysis, establishing device administration privileges to install additional code, and spreading code using Bluetooth, according to the IBM X-Force 2013 Mid-Year Trend and Risk Report.

But threats, vulnerabilities, and exploits are not risks. What would be obvious to predict is this: The likelihood of exploits based on mobile malware will increase dramatically in 2014—point Art.

The other half of the risk equation is the business impact of mobile exploits. From the enterprise perspective, we would have to estimate the cost of exploits such as compromise of sensitive corporate datasurveillance of key employees, and impersonation of key corporate identities—e.g., as part of attacks aimed at social networks or cloud platforms, where the mobile exploits are the means to a much bigger and more lucrative end. It seems quite reasonable to predict that we’ll see some high-profile, high-impact breaches along these lines in 2014—again, point Art.

Obvious or oblivious, you can put me down squarely with Art’s prediction for this one, with the exception that I would say the risk of mobile malware is much more concentrated and targeted than the all users/all devices scenario he seems to suggest.

About the Author:

BA8D94F2924E634831C8CA3D8E7179C7477BBC1Derek E. Brink, CISSP is a Vice President and Research Fellow covering topics in IT Security and IT GRC for Aberdeen Group, a Harte-Hanks Company. He is also a adjunct faculty with Brandeis University, Graduate Professional Studies teaching courses in our Information Security Program. For more blog posts by Derek, please see http://blogs.aberdeen.com/category/it-security/  and http://aberdeen.com/_aberdeen/it-security/ITSA/practice.aspx

Footerindesign

Helping Your Teams Grow Through Coaching

By: Phil Holberton, Adjunct faculty at Brandeis Graduate Professional Studies

Originally from: http://holberton.com/helping-your-teams-grow-through-coaching/

As team leaders, we evaluate our team members and expect them to do the job up to our standards. Sometimes our standards are out of sync with their ability or training. After all, coachingthese individuals have not traveled in the same shoes as we have and may not have the skills or cognitive preparation to achieve what we expect. Therefore coaching becomes an integral part of helping teams grow to the next level.

In my experience, the most effective leaders shine when they are helping others day in and day out. This is where coaching enters the picture. Those team leaders who are really performing up to their capability (in a leadership capacity) are consistently coaching their colleagues (and not trying to micro-manage their activities). Individuals don’t appreciate being managed. But, they are more open to coaching if the coach immediately establishes his or her desire to help the individual meet their established goals.

The first and most important coaching skill is to be in the moment, not distracted by six different things on your mind. Coaching is about How-To-Minimize-Distractionsrespect for each other. There is no more predictable way to show lack of respect as not being “present” or “engaged” during a conversation. I once had a boss whose eyes would become “fish eyes” during our conversations. Do you think I was being heard? Do you think I respected him?

Secondly, a good coach (team leader) will seek to understand by asking open-ended, empowering questions. It is very difficult to understand what is going on in someone else’s head if we ask simple yes/no questions. Questions need to be open-ended so we fully understand the complexity of an individual’s state of mind.

A third critical skill is the need for the coach to suspend judgment and remain reflective and objective. Being contemplative shows that you understand the thoughts or feelings in the conversation. These first three skills will help develop understanding, balance, and respect—all very important ingredients in a successful coaching relationship.

0x600-636x310The fourth critical skill is affirming the conversation. This action brings into focus the individual’s desire to move ahead, whether it’s an improvement in performance or learning new skills and growing as a professional or human being.
These skills, when practiced and used daily, will help you become the most effective leader imaginable.

Help your team grow. Be a coach not a just a team leader or boss.

Click here to subscribe to our blog!

PhilAuthor

Footerindesign

My Journey in Online Learning

The M.S. in Project and Program Management program at Brandeis GPS through the eyes of a recent graduate, Thomas Gratiano.

ProjectManagement_03Three years ago as the manager of the Program Management Group within the Manufacturing and Global Supply Chain (MGSC) Division, my manager challenged me to build my business acumen. To meet this challenge, I started researching: certifications, certificates, and degree programs.

Eventually I came across the Brandeis program, the curriculum was exactly what I was looking for to build on my existing Program Management skills. During the pursuit of my degree at Brandeis I took four classes on campus and six online.  Although I was hesitant at first about taking online classes, the online option provided an increased level of flexibility.  This proved to be a key feature of the program as I ended up Program Managing two projects with our team in Belgium while attending classes online. I was able to travel as often as required with no impact to my ability to participate in class. e-Learning Concept. Computer Keyboard

Upon completion of my degree, I was promoted to senior manager in charge of Framingham manufacturing operations and the MGSC Program Management group. The Brandeis degree built my business acumen and provided me the opportunity to continue to grow with my company. 

Design Your Agile Project, Part 1

by: Johanna Rothman

Find the original post here: http://www.jrothman.com/blog/mpd/2014/03/design-your-agile-project-part-1-2.html

The more I see teams transition to agile, the more I am convinced that each team is unique. Each project is unique. Each organizational context is unique. Why would you take an off-the-shelf solution that does not fit your context? (I wrote Manage It! because I believe in a context-driven approach to project management in general.)

One of the nice things about Scrum is the inspect-and-adapt approach to it. Unfortunately, most people do not marry the XP engineering practices with Scrum, which means they don’t understand why their transition to agile fails. In fact, they think that Scrum alone,without the engineering practices, is agile. How many times do you hear “Scrum/Agile”? (I hear it too many times. Way too many.)

I like kanban, because you can see where the work is. “We have a lot of features in process.” Or, “Our testers never get to done.” (I hate when I hear that. Hate it! That’s an example of people not working as a cross-functional team to get to done. Makes me nuts. But that’s a symptom, not a cause.) A kanban board often provides more data than a Scrum board does.

Can there be guidelines for people transitioning to agile? Or guidelines for projects in a program? There can be principles. Let’s explore them.

The first one is to start by knowing how your product releases, starting with the end in mind. I’m a fan of continuous delivery of code into the code base. Can you deliver your product that way? Maybe.

How Does Your Product Release?

I wish there were just two kinds of products: those that released continuously, as in Software as a Service, and those with hardware, that released infrequently. The infrequent releases release that way because of the cost to release. But, there’s a continuum of release frequency:

Potential Release Frequency

How expensive is it to release your product? The expense of release will change your business decision about when to release your product.

You want to separate the business decision of releasing your product from making your software releasable.

That is, the more to the left of the continuum you are, the more you can marry your releases to your iterations or your features, if you want. Your project portfolio decisions are easier to make, and they can occur as often as you want, as long as you get to done, every feature or iteration.

The more to the right of the continuum you are, the more you need to separate the business decision of releasing from finishing features or iterations. The more to the right of the continuum, the more important it is to be able to get to done on a regular basis, so you can make good project portfolio decisions. Why? Because you often have money tied up in long-lead item expenses. You have to make decisions early for committing to hardware or Non Recurring Engineering expenses.

How Complex is Your Product?

Let’s look at the Cynefin model to see if it has suggestions for how we should think about our projects:

CynefinI’ll talk more about you might want to use the Cynefin model to analyze your project or program in a later post. Sorry, it’s a system, and I can’t do it all justice in one post.

In the meantime, take a look at the Cynefin model, and see where you think you might fall in the model.

Do you have one collocated cross-functional team who wants to transition to agile? You are in the “known knowns” situation for agile. As for your product, you are likely in the “known unknowns” situation. Are you willing to use the engineering practices and work in one- or two-week iterations? Almost anything in the agile or lean community will work for you.

As soon as you have more than one or two teams, or you have geographically distributed teams, or you are on the right hand side of the “Potential for Release Frequency” chart above, do you see how you are no longer in the “Complicated” or “Obvious” side of the Cynefin model? You have too many unknowns.

Where Are We Now?

Here are my principles:

  1. Separate the business decision for product release from the software being releasable all the time. Whatever you have for a product, you want the software to be releasable.
  2. Understand what kind of a product you have. The closer you are to the right side of the product release frequency, the more you need a program, and the more you need a kanban to see where everything is in your organization, so you can choose to do something about them.
  3. Make sure your batch size is as small as you can make it, program or project. The smaller your features, the more you will see your throughput. The shorter your iteration, the more feedback you will obtain from your product owner and “the business.” You want the feedback so you can learn, and so your management can manage the project portfolio.
  4. Use the engineering practices. I cannot emphasize this enough. If you do not keep your stories small so that you can develop automated unit tests, automated system tests, use continuous integration, swarm around stories or pair, and use the XP practices in general, you will not have the safety net that agile provides you to practice at a sustainable pace. You will start wondering why you are always breathless, putting in overtime, never able to do what you want to do.

If you have technical debt, start to pay it down a little at a time, as you implement features. You didn’t accumulate it all at once. Pay it off a little at a time. Or, decide that you need a project to prevent the cost of delay for release. If you are a technical team, you have a choice to be professional. No one is asking you to estimate without providing your own safety net. Do not do so.

This post is for the easier transitions, the people who want to transition, the people who are collocated, the people who have more knowns than unknowns. The next post is for the people who have fewer knowns. Stay tuned.

Johanna Rothman

Just Announced: Eric Siegel as GPS Commencement Speaker

eric_med_3Brandeis Graduate Professional Studies is pleased to announce our 2014 Commencement speaker for the Rabb School of Continuing Studies Diploma Ceremony, Eric Siegel, PhD.

Eric completed his undergraduate degree from Brandeis University in 1991, and subsequently earned his PhD from Columbia University. Eric is the founder of Predictive Analytics World and Text Analytics World. He is the Executive Editor of the Predictive Analytics Times, and he makes the how and why of predictive analytics understandable and captivating. Eric is the author of Predictive Analytics: The Power to Predict Who Will Click, Buy, Lie, or Die and a former Columbia University professor who used to sing to his students. He is a renowned speaker, educator, and leader in the field. He has appeared on Bloomberg TV and Radio, Fox News, BNN (Canada), Israel National Radio, Radio National (Australia), The Street, Newsmax TV, and NPR affiliates. Eric and his book have been featured in Businessweek, CBS MoneyWatch, The Financial Times, Forbes, Forrester, Fortune, The Huffington Post, The New York Times, The Seattle Post-Intelligencer, The Wall Street Journal, The Washington Post, and WSJ MarketWatch.

 

My Journey as an “Adult” Student

adult-studentOk so here I am, I was told at work that I need to take a course for professional development…really? I already have my master’s degree, I thought I was done with school. Although I did always think that I would be one of those people that was a lifelong student. It has been 10, 11, 12 years maybe since I last took a “real” course. You know what happens, life….marriage, kids, house, etc. etc. all the excuses, I mean, reasons why I haven’t taken any courses since my master’s degree. I must admit this pit in my stomach may be fear or is it excitement? How can I fit a 10-week, 3-graduate credits, minimum 3 posting a week course into my 2 kids (4yr old and 1 yr old), husband, house, full-time job, 2+ hour commute schedule? As I sit hear waiting for fall registration to open, I think the pit in my stomach is excitement and not fear. I’m going to learn again.

Blog CTA main

Newer posts »

© 2022 Brandeis GPS Blog

Theme by Anders NorenUp ↑

Protected by Akismet
Blog with WordPress

Welcome Guest | Login (Brandeis Members Only)