[Owasp-leaders] Can we be more helpful to job seekers?

Tom Brennan tomb at owasp.org
Mon Dec 15 12:36:42 EST 2008

We thought hard and tried to accommodate both...  The goal is very
simple, its helping people get back to work or find new employment.
OWASP.ORG is not a job board, we're not a employment or head hunter
firm. For most people that I have talked to about this topic and why
our paid job board never "took off" is that many technical people
seeking individuals to hire with APPSEC skill set they reach out to
that project leader, contributor or local chapter members to meet the

It is very hard to "defend" against a job posting that is just
collecting resumes.. so job hunter beware " and note that officially
"OWASP does not endorse commercial products or services (or job
postings) "

In a attempt not to burden anyone with more post/edit/etc..  I simply
created and linked in a streamlined page that anyone can edit (its a
wiki) so if your company is a supporter of OWASP Foundation and has a
careers page, edit and update it.  If you do not have such a "system"
we can still help email kate.hartman at owasp.org your job and we will
post it for you.

The most important VALUE  I think that is now online is the VIDEO
about seeking employment for BOTH the employed and the job seeker
recorded at a recent OWASP conference.

So main page is:  http://www.owasp.org/index.php/OWASP_Jobs

List of jobs

Page #1 links to jobs : https://www.owasp.org/index.php/OWASP_Jobs-page1

So if you have a job and your hiring.....edit away.  If your hunting
in this economy call/email your contacts your personal network is more
valuable then a shotgun resume approach any day.  If you have some
time on your hands apply for a OWASP Grant or take something that you
have done in appsec and follow these steps to officially launch it to
a global audience with OWASP
http://www.owasp.org/index.php/How_to_Start_an_OWASP_Project  that
might help raise your visibility to new employers ;)

Any other suggestions?

On Mon, Dec 15, 2008 at 12:02 PM, Stephen Craig Evans
<stephencraig.evans at gmail.com> wrote:
> It depends on whether you want false positives or false negatives.
> As far as jobs go, I would prefer false positives.
> Stephen
> On Mon, Dec 15, 2008 at 11:00 PM, Jacob Munson <yacoubean at gmail.com> wrote:
>> On Sat, Dec 13, 2008 at 9:51 PM, Stephen Craig Evans
>> <stephencraig.evans at gmail.com> wrote:
>>> Why do they have to give company name? Why can't it just be a
>>> description of what they do? An HR person might want to give a gmail
>>> account and the company might not want to broadcast that they are
>>> hiring software security people. In my neck of the woods, that
>>> requirement alone would scare off potential employers.
>> I can't speak for the people that originally put this jobs page together,
>> but one possibility for including these requirements is to avoid "spam" from
>> job recruiters.  I'm sure most of us have run into "jobs" from recruiters
>> where all of the job info is top secret.  After further investigation, it
>> turns out the recruiter doesn't even have a job lined up, but he is just
>> trying to get more professionals into his database for future jobs.
>> Requiring a company name and contact info is one way to avoid these junk job
>> postings.
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders

Tom Brennan
Board Member
OWASP Foundation
Tel: 973-795-1046 x112
Url: www.owasp.org

More information about the OWASP-Leaders mailing list