Much of what @mmartorana needs for onboarding purposes has either already been completed or is in progress with the new technology department onboarding template. But there are a few more Security-Team -specific items below that will need to be completed.
- Create a wikitech ldap user if you have not yet done so.
- Add 2factor to your wikitech login
- Have a phab admin add you to necessary groups: Trusted-Contributors, acl*security and acl*security_team, mostly (T295788)
- Set up Slack/Element and ensure you are added to Security-Team and #security-admin-feed channels
- Set IRC highlight word "secteam" as this is our standard team messaging indicator
- Set enforce for IRC nick
- Request to be added to security-team@ and security@ mailing lists (@JBennett)
- Subscribe to the wikitech-l mailing list
- Request to be subscribed to the private ops-l mailing list via a new Phab task (request sent)
- Get added to the Security Team Google drive (@JBennett)
- Request to be added to wmf ldap group (T295789)
- Request deployment & stats private data access (T295790)
- Add wikitech static /etc/hosts entry (optional)
- Ensure metawiki account (and other relevant wiki accounts are active - OIT/ITS should have taken care of this for you.)
- Create user page on meta (once OIT creates your meta user account) - example: https://meta.wikimedia.org/wiki/User:SBassett_(WMF) (optional)
- Update contact and team info on officewiki
- Create an officewiki user page (optional)
- Review https://www.mediawiki.org/wiki/Security/SOP/Application_Security_Reviews and linked documentation in References section and provide any relevant feedback you may have.