[Owasp-board] Another OWASP Hire?

tomb at owasp.org tomb at owasp.org
Mon Feb 11 23:01:09 UTC 2008

Where do I apply :) I'll do it for 120k and don't need benefits :) 

Sent via BlackBerry from T-Mobile

-----Original Message-----
From: "Jeff Williams" <jeff.williams at owasp.org>

Date: Mon, 11 Feb 2008 17:02:02 
To:"'OWASP Foundation Board List'" <owasp-board at lists.owasp.org>
Subject: Re: [Owasp-board] Another OWASP Hire?

I strongly support this idea.  I agree with the priorities Dave put suggested (1,3,2).  One of the goals I set back in 2004 was to get OWASP to a place where we could afford to do this, and I’m thrilled we’re finally here. 
From: owasp-board-bounces at lists.owasp.org [mailto:owasp-board-bounces at lists.owasp.org] On Behalf Of Dave Wichers
 Sent: Monday, February 11, 2008 1:34 PM
 To: 'OWASP Foundation Board List'
 Subject: [Owasp-board] Another OWASP Hire? 
OWASP currently has almost $400K at the moment, and revenue/momentum is continuing to build.  I’d suggest we consider another hire. 
There are three positions I think OWASP should consider, but my recommendation is to go after the more expensive but most significant of the three. 
1)      OWASP Chief Evangelist / Leader / Possibly eventual chair – I think hiring someone similar in status to an existing board members that can evangelize, help recruit corporate members, and really push the growth and organization of OWASP is critical to our success.   -  Any of us interested in a new job?   This would be expensive (maybe $125K-$175K) including all benefits but could really be the catalyst to get things moving even faster with OWASP. 
2)      OWASP Developer – Having someone who can work on our key projects, help make them all easy to install/run, merge together similar tools, start generating many more production quality projects at OWASP would be great. 
3)      OWASP Project Manager – Someone like Paulo who has been managing the season of Code Projects who would be responsible for managing ALL OWASP projects, both season of code and standard OWASP projects. 
Each of these gets less expensive, but is not necessarily correspondingly less important. 
If it was me, I’d try to hire #1, then #3, then #2 if I had to pick an order. 
What do you guys think. If you agree that we should consider investing in hiring a senior team member, we should initiate an executive search. Two example people come to my mind, Pravir Chandra (from Cigital) and Michael Sutton (from HP/SPI), but all senior executives like Jack Danahy (Ounce) or Kevin Kiernan (Was from Secure Software) would be great. Now I’m pretty sure Jack/Kevin are not available but they might be able to help us find the right person. In fact, we could contact the Sr. executives of a number of OWASP members to see if they can help us find candidates.  I don’t know how broad/public we want to make this search but it’s pretty critical to get it right. 
Your thoughts? 
-Dave _______________________________________________
Owasp-board mailing list
Owasp-board at lists.owasp.org

More information about the Owasp-board mailing list