[Owasp-board] 1st OWASP hire - Admin Support?

Andrew van der Stock vanderaj at greebo.net
Tue Oct 16 02:54:52 UTC 2007


(sorry for the cross-posting - board e-mails do not work for me at  
the moment)

When I was SAGE-AU President, one of the very first things we did as  
soon as I made el Presidente was to offload all the administrivia to  
an admin person. Before my presidency, We had a really nice lady 4  
hours a week, and only bumped her hours when the annual conference  
became a nightmare. That really wasn't enough and it was hampering  
growth. So we made her full time against the wishes of a large  
minority on the SAGE-AU executive committee, but it was the best  
thing SAGE AU ever did. Membership jumped from 650 to just under 1000  
in the next two years. It's amazing the difference when the executive  
board is free to do strategy and leave the execution to others.

I think we need this. Once we have an admin person full time, we can  
really concentrate on getting more individual members, and getting  
those processed in a timely fashion. More on this point in another  
post. I firmly believe without a full time admin person, we cannot  
get the 1000 or so individual memberships we could get (an easy $100k  
per year). This position would be self funding if we managed  
somewhere in the range of 500-600 memberships. With 1000 renewals and  
sending out membership packs, and so on, would swamp our current  
resources, so we do need that person to grow to that point.

(Aspect hat really, really off - OWASP hat firmly ensconced on my  
noggin) On the location for this resource, considering three of us  
are in the Aspect offices, I think that makes it the best location -  
we can pop our head around the corner and say "hi". This really  
helped with the interns. If cost is an issue, much of Europe is more  
expensive than the USA, and London even more so. Asia is nice and  
cheap, but we don't really have a lot of solid resources in that area  
yet. Australia is about the only place I'd support the person if it's  
not in the Aspect offices. Justin Derry's company, b-sec, has nice  
offices in Brisbane. We could ask them if they could host our admin  
person. However, honestly, it wouldn't be much cheaper than doing it  
in the USA (maybe $10-20k per year max) and we'd lose the synergy of  
being able to see the person regularly and making sure they're okay,  
have a safe working environment and have adequate resources to do  
their thing on OWASP's behalf. Plus, as OWASP is a not for profit, so  
paying someone and coping with their (foreign) taxes in another  
country might be a tad difficult without setting up another OWASP  
shell company in that country, and we may lose any benefit of our tax  
deductibility. I know Australian law is pretty down on charities with  
a single employee (it just doesn't happen).

OWASP just needs this to go to the next level. I am surprised we've  
taken this long without having someone on the payroll already. I  
strongly urge this course of action, no matter where the person is  
located.

thanks,
Andrew

On Oct 15, 2007, at 3:09 PM, Dave Wichers wrote:

> I think it’s well past time that OWASP hire a full time  
> administrator to do a lot of the stuff that Aspect employees are  
> now doing for OWASP.  Attached is a job description for this position.
>
>
>
> Given the interdependencies of all the various things that Aspect  
> currently does, and to smooth the transition, we’d recommend that  
> this person be hired and work out of Aspect’s offices.
>
>
>
> We’ll plan to set as much up as possible so this person does work  
> for OWASP, is paid by OWASP, has benefits provided by OWASP, and  
> only uses Aspect resources when absolutely necessary. For example,  
> Aspect can lease a tiny amount of office space to OWASP for this  
> person, can share our phone and networking infrastructure, but  
> practically everything else can be provided by OWASP itself. My  
> goal is to make this as completely independent as possible, which  
> would be much more so than the current arrangement where Aspect is  
> reimbursed for OWASP support provided by various Aspect admin  
> personnel.
>
>
>
> Aspect still plans to provide support to OWASP in the way we do now  
> (network admin support, overflow admin support, etc.), but the goal  
> would be for this new hire to take on as much of this work as  
> possible. I actually believe that this person will quickly get  
> overwhelmed and would still need help from Aspect, but when that  
> person got too busy, then we could hire another OWASP employee,  
> etc. This is a way of transitioning to full time OWASP support when  
> the quantity of basic support that Aspect has been providing  
> becomes too great.
>
>
>
> I’m thinking a base salary in the $30K-$50K range for this  
> position, based on the experience of the person being hired. Plus a  
> set of benefits that we would have to define.
>
>
>
> What do you guys think about this idea?
>
>
>
> -Dave
>
>
>
>
>
>
>
>
>
> <OWASP Administrator.docx>
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2458 bytes
Desc: not available
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20071015/a729bb0e/attachment-0002.bin>


More information about the Owasp-board mailing list