11 Skills You Need To Master

Google is the most desirable employer on Earth.

Engineers are the rock stars there — and they’re paid accordingly.

Interns start at $70,000 to $90,000 salaries, while software engineers pull in $118,000 and senior software engineers make an average of $152,985.

But one does not simply walk into the Googleplex.

The company receives upwards of 2.5 million job applications a year, but only hires about 4,000 people.

Thankfully for would-be Googlers, the Google in Education team has released a list of skills that they want to see in potential engineers.

“Having a solid foundation in Computer Science is important in being a successful Software Engineer,” the company says. “This guide is a suggested path for University students to develop their technical skills academically and non-academically through self-paced, hands-on learning.”

Here are the skills Google wants its tech talent to master, complete with online resources to get you started:

1. Mastering the foundation. You have to be able to get through an introduction to CS course, like the ones from Udacity or Coursera 

2. Learn to code in at least one object-oriented programming language. Like C++, Java, or Python. Consult MIT or Udacity.

3. Learn other programming languages. Add Java Script, CSS, Ruby, and HTML to your skillset. W3school and CodeAcademy are there to help.

4. Test your code. Because Google wants you to be able to “catch bugs, create tests, and break your software.” Udacity, once again.

5. Have some background in abstract math. Like logical reasoning and discrete math, which lots of computer science draws on. MIT can help you with mathematics for computer science.

6. Understand algorithms and data structures. Google wants you to learn about fundamental data types like stacks, queues, and bags, as well as grasp sorting algorithms like quicksort, mergesort, and heapsort. MIT provides the recommended online resources, and the book “The Algorithm Design Manual” is super helpful, too.

7. Get to know operating systems. Because they’ll be where you do much of your work. The University of California, Berkeley, provides a primer.

8. Become familiar with artificial intelligence. Google loves robots. Stanford has the knowledge.

9. Learn how to build compilers. Stanford says that when you do that, “you will learn how a program written in a high-level language designed for humans is systematically translated into a program written in low-level assembly more suited to machines.” Head to Coursera for the learning.

10. Learn cryptography. Because cybersecurity is crucial. Coursera and Udacity provide courses.

11. Learn parallel programming. Because being able to carry out tons of computations at the same time is super powerful. The University of Illinois can help you out.

But Google doesn’t just look at skills in its select candidates — the search giant seeks specific personality qualities, too.

Source: http://www.businessinsider.com/skills-for-google-engineering-jobs-2014-10#ixzz3IAbga1qI

Great online tools for startups

My list is not exhaustive but it should capture a good chunk of the tools needed to build your own (software or web) startup. It’s really remarkable how much of the process is modularized and commoditized these days. The old programmer’s adage “don’t reinvent the wheel” has been applied on a mass-scale to the entire startup ecosystem and this list is a testament to that.

Before you continue, check out Leanstack, a service that helps developers find and stay up to date with new developer services. It lets you view services by what other startups use (“cloudstacks”) or through categories (“clusters”).


balsamiq (wireframing mockups): http://www.balsamiq.com/

MockFlow (design UI workflows): http://mockflow.com/

Software/Web Development

Meteor (web dev tool): http://meteor.com/

Action.io (cloud development platform): https://www.action.io/

Foundation (frontend frameworks): http://foundation.zurb.com/

Coderbuddy (Google App Engine dev made easy):https://www.coderbuddy.com/

DivShot (web app interface builder): http://divshot.com/

Rescue.js (web app bug-finder): http://rescuejs.com/

Easel.io (in-browser web dev tool): https://www.easel.io/

Yottaa (web performance as a service): http://www.yottaa.com/

Mobile Development

Clutch.io (A/B testing for mobile apps made easy): https://clutch.io/

Urban Airship (push notifications): http://urbanairship.com/

Parse (mobile dev made easy): https://www.parse.com/

Back-end / Cloud Infrastructure

Backlift (back-ends made easy): https://www.backlift.com/index.html

Fastly (CDN’s made easy): http://www.fastly.com/

RightScale (cloud management): http://www.rightscale.com

Scalr (cloud management): http://www.scalr.net/

Eucalyptus (cloud inf.): http://www.eucalyptus.com/

Firebase (scalable back-end for web apps): https://www.firebase.com/

TightDB (databases made easy): http://www.tightdb.com/

MemSQL (performance databases made easy): MemSQL

MongoHQ (database hosting made easy): Run your Hosted Database with Us

Filepicker.io (file system as a service): FilePicker.io – Dead Simple Uploads for Web and Mobile

Non-Startup Cloud Platforms (The Big Boys):

Amazon Web Services: http://aws.amazon.com

Google App Engine: https://developers.google.com/ap…

Google Compute Engine: https://cloud.google.com/product…

Salesforce: http://www.salesforce.com/

Microsoft Windows Azure: http://www.windowsazure.com/en-us/

Rackspace (cloud everything): http://www.rackspace.com/

Heroku (cloud everything): http://www.heroku.com

Web App Modules

Unbounce (landing page management): http://unbounce.com/

LaunchRock (landing pages made easy): http://launchrock.com/

GoInstant (co-browsing module): http://www.goinstant.com/

Kera (in-app tutorials made easy): https://www.kera.io/

Avatars.io (avatars made easy): http://avatars.io/

DailyCred (social authentication module made easy):https://www.dailycred.com/

Janrain (social authentication, user management): http://janrain.com/

Stormpath (user management): http://www.stormpath.com/

Searchify (search-as-a-service): http://www.searchify.com

Swiftype (search-as-a-service): https://swiftype.com/

Elasticsearch (search-as-a-service): http://www.elasticsearch.com/

Mashape (Cloud API marketplace): https://www.mashape.com/

Authy (two-factor authentication module): https://www.authy.com/

DuoSecuity (two-factor competitor): https://www.duosecurity.com/


Stripe (payments for devs): https://stripe.com/

Dwolla (transactions made easy): https://developers.dwolla.com/

Braintree (payments for debs made easy, another Stripe):https://www.braintreepayments.com/

Analytics / DataViz

Chartbeat (analytics/data made easy): http://chartbeat.com/

KISSmetrics (analytics made easy): http://www.kissmetrics.com/

Leftronic (analytics dashboard): https://www.leftronic.com/

Reportgrid (dataviz made easy): http://www.precog.com/products/r…

HeatData (website heat maps): http://www.heatdata.com/

GoSquared (analytics): https://www.gosquared.com/

Customer Communication (Email, support, etc)

SendGrid (mass-email in the cloud): http://sendgrid.com/

MailChimp (email marketing made easy): http://mailchimp.com/

CampaignMonitor (email newsletters made easy):http://www.campaignmonitor.com/

Get Satisfaction (customer support made easy): https://getsatisfaction.com/

ZenDesk (customer support made easy): http://www.zendesk.com/

Big Data

Factual (data-as-a-service): http://www.factual.com/

Platfora (Hadoop-as-a-service): http://www.platfora.com/

Datameer (data-as-a-service): http://www.datameer.com/

Infochimps (Big Data analytics for enterprise): http://www.infochimps.com/

BrightContext (data as a service): http://www.brightcontext.com/

Running the Office

Resumator (make hiring easy): http://www.theresumator.com/

Expensify (expense reports made easy): https://www.expensify.com/

PagerDuty (IT management made easy): http://www.pagerduty.com/

Twilio (telephone in the cloud): http://www.twilio.com/

42Floors (office space made easy): http://42floors.com/

Competitive Intelligence

AngelList: https://angel.co/

TechCrunch CrunchBase: http://www.crunchbase.com/

VentureBeat Profiles: http://venturebeatprofiles.com/


EasyPost (postage for developers): http://www.geteasypost.com/

Keynotopia (presentations and pitches made easy):http://keynotopia.com/

Lastly, for more business-to-developer solutions, see this Quora board:Startups for Startups – Services to Use. Also, Ashley‘s suggested list is really comprehensive–though you won’t find some of these links on there:startuptools

UPDATE: This Hacker News page features some great lists: Ask HN: Tools of the trade, 2013 edition

UPDATE 2: Credit to Nathan Ketsdever for his suggestions:


PMP vs Agile which certification is best

Opm-certificationsn my post about the pros and cons of PMP certification, project managers (and wannabe project managers) often ask me: Which certification is best, PMP, or ScrumMaster (Agile) Certification?

I myself am both PMP and ScrumMaster Certified, and the short answer that I give is that I believe they are both worth getting. If you’re going to be managing projects for a wide variety of companies and clients, it’s in your best interest to know and understand a wide variety of project management frameworks that you can apply in different situations. I’ve worked on projects suited to Agile methodologies, projects suited to waterfall methodologies, and projects that have benefited from a combination of different approaches. The deeper your knowledge of different approaches, the better you and your team will be suited to tackle a wide range of problems.

That said, it can’t hurt for me to explain a little bit about the differences between the two approaches, and take a closer look at some of the trends in the popularity of each framework.

Waterfall vs Agile methodologies

PMI’s framework is based on a waterfall methodology, while the ScrumMaster Certification is based on Agile. Both of these methodologies comprise very different approaches to software development.

Here’s a short summary of some key differences between waterfall and Agile methodologies:

Waterfall methodologies

  • Waterfall methodologies feature distinct planning, development, and testing phases
  • Software development projects are heavily planned during the planning stage, where little to no code is completed
  • During the build (development, or execution) phase, the product of the project is built
  • Any changes to product design are normally handled by change requests to the original project plan
  • After the build phase is completed, products are tested during a comprehensive testing phase. Clients (or customers) do not normally receive the finished product until all work on the project has been completed and delivered

Agile methodologies

  • Agile methodologies feature iterative development phases
  • Product features are gathered and prioritized in a backlog of features
  • Scrum teams take on development of product features during sprints, where they are designed, constructed, and tested – normally during a two-week period
  • After the sprint, features emerge as deliverable product
  • Clients are presented completed features from an individual sprint during a sprint demo
  • Product changes may not take place during sprints, but they are accepted at any other time, so products are constructed organically

the tale of trends

So which framework is more popular, and which one should you consider getting certified in?

Let’s take a look at the tale of the trends, thanks to Google Trends. This is not the most scientific approach to be sure, but looking at Google Trends is an easy way to see what people are interested in over time.

PMP vs Agile

First, let’s compare the general search terms “PMP” and “Agile”.



Click to enlarge the graphic. Here you can see that searches for PMP appear to have peaked at some point in 2008, and have recently declined. Meanwhile, searches for Agile, while spiking in late 2009, are generally trending upwards.

Note that this does comparison not take into account that people might be searching for PMP or Agile for reasons other than interest in project management methodologies – but I still found this chart quite interesting.

PMP Certification vs ScrumMaster


Click to enlarge the graphic. You can see here that while ScrumMaster searches are trending upward, there are many more searches for PMP Certification. And I wouldn’t say that searches for ScrumMaster are skyrocketing – they appear to be relatively level. One interesting search that you might try yourself is a search comparing “ScrumMaster” and “PMI-ACP”, PMI’s own, and relatively new, Agile certification. I’d be glad to hear your opinions on that comparison in the comments section of this post.

Which project management certification is the best

It does seem to me that interest in PMP certification is level, or perhaps even waning, while interest in Agile methodologies is growing – though interest in the most popular Agile certification, Certified ScrumMaster, does not appear to be “taking off” as much as I had originally thought it might be. Remember, this is a very simple analysis using Google Trends, so I may be way off the mark here – please be sure to tell me if I am! I’d be interested in seeing any data or opinions contrary to what I’ve explored here. I should note that I have noticed that PMP certification appears to be growing in popularity in India… I get a lot of questions from Indian professionals, especially software engineers and test engineers, who are interested in becoming project managers and getting PMP certified.

I still haven’t answered the question “which certification is best”… a lot of factors go into making this decision, and it turns out that one certification may be best for some, while the other certification may be better for others. It seems to me that PMP certification is more powerful if you’re interested in applying for a job as a project manager – many recruitersrequire PMP certification of their project managers – while Agile certification is important if you’re working for an iterative software development shop, or want to learn about a methodology that is slowly but steadily gaining in popularity. In my opinion, Agile methodologies will see even more recognition in the future while interest in waterfall methodologies will continue to wane.

As I mentioned above, I personally recommend getting both credentials. In fact, I make it my own mission to continue to improve myself both personally and professionally however I can, whenever I can, and education is one of the surest ways of doing this. Whichever path you choose to pursue, best of luck to you!



Grails Authentication With Shiro

Shiro is a security framework that is meant to make life easier. The goal of it is to allow the developer to performauthentication, authorization, cryptography and session management. After reading over the 10 minute tutorial, I trust that it is an excellent option to use in my Grails application. It should be also noted that the Grails.org website also uses Shiro for all authentication.


compile ":shiro:1.2.1"



it will create


package shiro

 * Generated by the Shiro plugin. This filters class protects all URLs
 * via access control by convention.
class securitySecurityFilters {
    def filters = {
        all(uri: "/**") {
            before = {
                // Ignore direct views (e.g. the default main index page).
                if (!controllerName) return true

                // Access control by convention.

you could edit it to

class securitySecurityFilters {

     * Array of controller/action combinations which will be skipped from authentication
     * if the controller and action names match. The action value can also be '*' if it
     * encompasses all actions within the controller.
    static nonAuthenticatedActions = [
            [controller: 'home', action: 'index']

     * Array of controller/action combinations that will be authenticated against the user's
     * role. The map also includes the roles which the controller/action pair will match
     * against.
    static authenticatedActions = [
            [controller: 'home', action: 'secured', roles: ['ROLE_ADMIN', 'ROLE_USER']],
            [controller: 'home', action: 'admin', roles: ['ROLE_ADMIN']]

    def filters = {

        all(controller: '*', action: '*') {
            before = {

                // Determine if the controller/action belongs is not to be authenticated
                def needsAuth = !nonAuthenticatedActions.find {
                    (it.controller == controllerName) &&
                            ((it.action == '*') || (it.action == actionName))

                if (needsAuth) {

                    // Get the map within the authenticated actions which pertain to the current
                    // controller and view.
                    def authRoles = authenticatedActions.find {
                        (it.controller == controllerName) &&
                                ((it.action == '*') || (it.action == actionName))

                    if (authRoles) {

                        // Perform the access control for each of the roles provided in the authRoles
                        accessControl {
                            authRoles.roles.each { roleName ->

                    // Skip authentication if the authRoles was not found
                    else {
                        return true

                // Skip authentication if no auth is needed
                else {
                    return true


Update your Config.groovy

security {
    shiro {
        filter.config = """\
                        shiro.loginUrl = /auth/login
                        rg = AnyOfRolesAuthorizationFilter

                        ROLE_ADMIN = *

                        /admin/** = authc, rg["ADMIN,USER"]
                        /guest/ = anon
                        /guest/sec = authc, rg["USER"]

update your resources.groovy

import org.apache.shiro.authc.credential.Sha512CredentialsMatcher

// Place your Spring DSL code here
beans = {
    credentialMatcher(Sha512CredentialsMatcher) {
        storedCredentialsHexEncoded = true

initialize Bootstrap

import org.apache.shiro.crypto.hash.Sha512Hash

class BootStrap {

    def init = { servletContext ->
        def roleUser = new ShiroRole(name:'USER')
//        roleUser.addToPermissions('auth:*')
//        roleUser.addToPermissions('home:sec')
        roleUser.save(flush:true, failOnError: true)

        def roleAdmin = new ShiroRole(name:'ADMIN')
//        roleAdmin.addToPermissions('auth:*')
//        roleAdmin.addToPermissions('admin:*')
        roleAdmin.save(flush:true, failOnError: true)

        def user = new ShiroUser(username: "user", passwordHash: new Sha512Hash("123").toHex())
        user.save(flush:true, failOnError: true)

        def admin = new ShiroUser(username: "admin", passwordHash: new Sha512Hash("123").toHex())
        admin.save(flush:true, failOnError: true)
    def destroy = {

Add AnyOfRolesAuthorizationFilter Class

public class AnyOfRolesAuthorizationFilter extends RolesAuthorizationFilter {

    public boolean isAccessAllowed(ServletRequest request, ServletResponse response,
                                   Object mappedValue) throws IOException {

        final Subject subject = getSubject(request, response);
        final String[] rolesArray = (String[]) mappedValue;

        if (rolesArray == null || rolesArray.length == 0) {
            //no roles specified, so nothing to check - allow access.
            return true;

        for (String roleName : rolesArray) {
            if (subject.hasRole(roleName)) {
                return true;

        return false;

Geb, What is it?

What is it?

Geb is a browser automation solution.

It brings together the power of WebDriver, the elegance of jQuery content selection, the robustness of Page Object modelling and the expressiveness of the Groovy language.

It can be used for scripting, scraping and general automation — or equally as a functional/web/acceptance testing solution via integration with testing frameworks such asSpockJUnit & TestNG.

The Book of Geb contains all the information you need to get started with Geb.

What does it look like?

Here’s what a simple Geb script to log into an admin section of a website might look like…

import geb.Browser
Browser.drive {
    assert $("h1").text() == "Please Login"
    $("form.login").with {
        username = "admin"
        password = "password"
    assert $("h1").text() == "Admin Section"

This is what is known as the scripting style of Geb and it’s great for quick automation.

Be sure to checkout the highlights in the right navigation bar, and of course the Book of Gebfor in depth information on how to use Geb in your projects.


Allocating business logic in Grails


I’ve been on a couple of larger Grails projects in the past year and half and I’m witnessing a disturbing phenomenon. The allocation of business logic responsibility across the abstractions that Grails provides today is causing considerable pain. Grails provides controllers, services and domain objects where business logic can reside. I’ll contend in this blog entry that these abstraction categories work well for small- to medium-sized Grails projects, but thing quickly start to unravel once your application gets to be large.


I see a lot of business logic code in controllers these days. Controllers shouldn’t contain any business logic whatsoever. The controller’s responsibility is to handle the web request and response. Anything else should be delegated to a collaborator. Don’t do it!


The next logical place to put business logic is in the domain class. Allocating responsibility here works to a point, but you will quickly encounter issues when you need business logic that resides in services. I’m not a fan of injecting Grails services into domain classes. This situation quickly spirals out of control and makes unit testing very difficult to perform. For simple per-domain business logic, free free to allocate to the domain class. Anything more, and it belongs in a service (or something else, which we’ll discuss in a bit).


So most business logic seems to end up in Grails services these days. That’s what the creators of Grails intended. I have no qualms about that. The beef I have with services is that a method is a crappy abstraction for representing business logic in the system. On larger Grails projects, the service approach seems to break down, as services seem to take on more and more responsibility, making them more difficult to test. I’m also witnessing a lot of code duplication; in it’s current incarnation, there is no delineation of public API services versus private services which the public API services compose larger sets of business logic with. What we end up with is large, hard-to-test service methods that collaborate with too many dependencies and do too much.


I want an abstraction in Grails that promotes proper factoring of business logic into unit-testable abstractions. These abstractions can be composed into larger abstractions to provide the necessary logic to fulfill the requirements of the system. The chain of responsibility design pattern may offer some value here. Individual commands that have a singular responsibility can be created, unit tested, and finally composed into “chains” of commands that provide the necessary functionality of the system. The command chains can be integration tested to ensure that the individual commands composition provides the functionality required by the customer/business. When new functionality is needed, a new command chain is created, reusing existing commands where appropriate and creating new commands where functionality does not exist. Spring Batch has a similar concept that is core to its design.


I hope to blog a bit more around this in the coming weeks. I really like Grails and would love to see its usage increase in the coming months and years. I think it has some really cool features that allow you to get up and running very quickly. The plugin system alone is a huge advantage to using Grails, because features like a Chain of Responsibility executor can easily be added to the core Grails system.