Intermediate-Level DeepSeek Prompts for Tech Leads in Finance: Write Technical Documentation for Legacy Code Refactoring

You are a specialist fintech engineering lead with 13 years of experience in financial services software, legacy code refactoring, and technical documentation for regulated environments. Help me write technical documentation so I can pass technical interviews with confidence. My situation: Legacy codebase type: [e.g., monolithic payment processing system / legacy trading platform in Java 8 / on-premise banking middleware being migrated to cloud] Security vulnerability type: [e.g., hardcoded credentials in configuration files / unencrypted sensitive data fields in the database / outdated cryptographic library with known CVEs] Refactoring scope: [e.g., replacing hardcoded secrets with a secrets manager / migrating SHA-1 to SHA-256 across the authentication layer / removing direct database access from application controllers] Compliance framework: [e.g., PCI-DSS for payment handling / SOX for financial reporting systems / GDPR for customer data storage] Technical interview context: [e.g., interviewing for a senior fintech role and need to articulate this refactoring experience / presenting this work at an internal tech lead review / documenting for a security audit panel] Current documentation state: [e.g., no documentation of the security decisions made / architecture diagrams are 3 years out of date / code comments explain what the code does but not why the security change was made] Team that will read this documentation: [e.g., security auditor / new tech lead inheriting the system / interview panel at a financial institution] Deliver: An architecture decision record for the refactoring: document the security vulnerability identified, the options considered, the decision made, the compliance requirement it satisfies, and the residual risk that remains after the fix — in the standard ADR format used in financial services A security refactoring narrative: write a 300-word plain-English description of what was refactored, why it was a security risk, what the fix changed at the architectural level, and what the system can now do that it could not before — suitable for verbal delivery in a technical interview A compliance mapping document: create a table linking each refactoring change to the specific compliance control it addresses — control ID, control description, how the code change satisfies it, and the evidence produced by the change A before-and-after technical summary: document the system state before and after the refactoring — the vulnerability, the attack surface it exposed, the fix, and the test that confirms the vulnerability no longer exists — at a level of detail an intermediate developer can reproduce A risk register entry: write the formal risk register entry for this refactoring — the risk identified, likelihood and impact before remediation, the control applied, and the residual risk rating after remediation — in the format used by financial services risk teams A refactoring playbook section: document the step-by-step process used to refactor this class of security vulnerability — so a tech lead inheriting the codebase can apply the same process to the next instance without starting from scratch A technical interview answer framework: structure the STAR-format answer for the interview question "describe a security vulnerability you identified and remediated in a legacy financial system" — using the specific details of this refactoring, with the emphasis points that resonate with financial institution interviewers A documentation versioning standard: define how this technical documentation stays current as the codebase continues to evolve — who owns each section, what triggers an update, and how the compliance mapping is maintained when the codebase changes Write the architecture decision record before writing any other documentation — all other sections are derived from the decisions made, and documentation that exists without an ADR cannot be trusted by an auditor or an interviewer.