Request for participation: Jenkins Security Officer candidates
12 views
Skip to first unread message
R. Tyler Croy
Dec 8, 2017, 2:48:49 PM12/8/17
to jenkins...@googlegroups.com
Time flies when you're having fun, and or, releasing a whole bunch of security
advisories and patches :)
I should thank Daniel Beck for leading CERT over the past couple years in his
tenure as the Jenkins Security Officer. Jenkins is more secure than effort
thanks to his, and others', diligent efforts.
In accordance with our previously agreed upon team lead proposal
(https://wiki.jenkins-ci.org/display/JENKINS/Proposal+-+Project+sub-teams)
I am now asking, again, on behalf of the Jenkins board[1] for candidates who
are willing to act as the Jenkins Security Officer.
The responsibilities of the Jenkins Security Officer would be to lead Jenkins
Security (CERT) team, and:
* Run the Jenkins CERT meeting
* Manage sending gifts to qualifying reporters of resolved security issues [2]
* Coordinate work on, and releases, of security fixes with plugin authors,
Kohsuke and the LTS team lead
* Publish Security Advisories (including CVE IDs and CVSS) and notify the mailing
list
* Drive security policy definition/changes in the community
* Represent the Jenkins project on security topics with third parties
The expected term of the Security Officer would be 12 months.
Contributors interested in being considered for the Jenkins Security Officer
position should email the board: jenkins...@googlegroups.com in the *next
seven days* explaining their qualifications for the position.
In seven days the board will select a candidate to appoint to the position who
will be able to act on behalf of the Governance Board on matters pertaining to
the position described above
Thanks!
[0] https://wiki.jenkins-ci.org/display/JENKINS/Jenkins+CERT+team
[1] The current board: <https://wiki.jenkins-ci.org/display/JENKINS/Governance+Board>
[2] https://wiki.jenkins-ci.org/display/JENKINS/Rewards+for+reporting+security+issues
- R. Tyler Croy
------------------------------------------------------
Code: <https://github.com/rtyler>
Chatter: <https://twitter.com/agentdero>
% gpg --keyserver keys.gnupg.net --recv-key 1426C7DC3F51E16F
------------------------------------------------------
advisories and patches :)
I should thank Daniel Beck for leading CERT over the past couple years in his
tenure as the Jenkins Security Officer. Jenkins is more secure than effort
thanks to his, and others', diligent efforts.
In accordance with our previously agreed upon team lead proposal
(https://wiki.jenkins-ci.org/display/JENKINS/Proposal+-+Project+sub-teams)
I am now asking, again, on behalf of the Jenkins board[1] for candidates who
are willing to act as the Jenkins Security Officer.
The responsibilities of the Jenkins Security Officer would be to lead Jenkins
Security (CERT) team, and:
* Run the Jenkins CERT meeting
* Manage sending gifts to qualifying reporters of resolved security issues [2]
* Coordinate work on, and releases, of security fixes with plugin authors,
Kohsuke and the LTS team lead
* Publish Security Advisories (including CVE IDs and CVSS) and notify the mailing
list
* Drive security policy definition/changes in the community
* Represent the Jenkins project on security topics with third parties
The expected term of the Security Officer would be 12 months.
Contributors interested in being considered for the Jenkins Security Officer
position should email the board: jenkins...@googlegroups.com in the *next
seven days* explaining their qualifications for the position.
In seven days the board will select a candidate to appoint to the position who
will be able to act on behalf of the Governance Board on matters pertaining to
the position described above
Thanks!
[0] https://wiki.jenkins-ci.org/display/JENKINS/Jenkins+CERT+team
[1] The current board: <https://wiki.jenkins-ci.org/display/JENKINS/Governance+Board>
[2] https://wiki.jenkins-ci.org/display/JENKINS/Rewards+for+reporting+security+issues
- R. Tyler Croy
------------------------------------------------------
Code: <https://github.com/rtyler>
Chatter: <https://twitter.com/agentdero>
% gpg --keyserver keys.gnupg.net --recv-key 1426C7DC3F51E16F
------------------------------------------------------
Reply all
Reply to author
Forward
0 new messages