Complete specification diagrams, including data flow, network architecture, and encrypted storage, as well as devops build infrastructure.
Must be able to design sane, comprehensive diagrams using [login to view URL] and [login to view URL] and write the specification and product brief (approximately 20 to 50 pages).
Successful project will result in offer to build some or all of the final product, or design other products (three others are waiting behind this one).
PLEASE STATE THAT YOU HAVE READ ALL OF THE ABOVE AND PLEASE PROVIDE SPECIFIC DETAILS ON WHAT DELIVERABLES YOU WOULD DELIVER TO HELP A TEAM TO BUILD THE PRODUCT.
PLEASE NOTE: PROPOSALS HAVE NOT READ THE DESCRIPTION WILL BE IGNORED AND FLAGGED.
PLEASE NOTE: Functional screen layouts and mockups are nice, but these are enterprise security applications, so UX is much less important than data model, network, and security, traffic lane, and data flow diagrams. Please be prepared to provide at least examples of how you would design a security model.
ADDITIONAL INFORMATION ABOUT THE APPLICATION:
The application is a distributed scanning and analysis application cluster. It's designed to be operated from one or more clusters and deposit scanned data in a 'big data' facility. The user flow will be limited to perusing reports via email notifications and 'drilling down' into the data in the UX.
WHAT WE ARE LOOKING FOR:
We are looking for you to provide not just a price, but also a list of the deliverables that you would provide. These deliverables could range from data flow and trust models to threat and attack surface models. The deliverables will serve as working documents for the development and security teams. The most effective deliverables will be diagrams. These diagrams should be functional and do not need to be beautiful. (we can work through drafts to final so that you don't waste time developing beautiful but inadequate diagrams). We also expect a narrative plan about the product based on how the plan operates.
WHAT THIS PROJECT IS NOT:
This project is NOT to develop a User Interface, a Mobile App, or anything remotely related. The key purpose of this application is to gather data and then present it in a simple, drill-down report on a periodic basis. The limiting factors of this application are security and performance: how do you scan large numbers of objects and gather and analyze more data than can fit in a single server? This makes it a big data application with a WRITE-HEAVY access pattern.
The key takeaways from this brief are:
You should be well-versed in security, or at least interested enough to learn how to write formal security documents.
You should know how to build a scalable service, or at least how to document one thoroughly. (We can provide basic architecture diagrams that you build out and formalize.)
The scanning application will scan external network-attached components and will gather approximately 30 data points about each one and do minimal analysis during the initial data collection period.
The data will be committed to a "big" data repository (TBD) and later analyzed.
There may be billions of data objects.
These data objects need to be analyzed in a timely and horizontally scalable fashion and results need to be generated, at most, within 24 hours.
(WE WILL TRY TO ENSURE THAT ALL CANDIDATES RECEIVE THE SAME INFORMATION, SO PLEASE CHECK THIS PROJECT DESCRIPTION FROM TIME TO TIME TO REVIEW THE LATEST INFORMATION BASED ON CANDIDATE QUESTIONS AND ANSWERS.)