[Owasp-leaders] Full time OWASP evangelist...

Dennis Groves dennis.groves at owasp.org
Fri Dec 14 06:13:19 UTC 2012


Hi Jerry,

I love your recent OWASP TV shows, and your participation in OWASP. 
Thank you!

I couldn't agree more with you about us needing more full-time 
employee's. However, for me the problem with bringing on an evangelist 
at this time - is that we currently have a single employee running 
*four* major AppSec conferences per year. Something unheard of for any 
other conference. Do you think RSA, SANS, InfoSec, Blackhat or DefCon 
are running on one employee???

This is a ridiculous state of affairs. We have just recently hired a 
Project Manager to clean up the *extra-ordinary mess* that is our KEY 
VALUE, the OWASP Projects, all 283 of them. Ordinary project managers 
manage 5 projects. Truly extra-ordinary project managers, maybe twice 
that. The current staff have an insane burden, and many in the community 
disagree with what little the staff are doing; making it even more 
difficult to get what little change that they can drive done.

We have a single operations manager, a single person managing 
memberships and sponsors. A part-time accountant and currently we have 
no IT, no sales, no marketing at all to speak of! We don't even have any 
administrative support for the staff!!! Can you imagine WhiteHat / 
Aspect / IO Active or any other company running the same way?! While we 
are a non-profit, this is a pathetic state of affairs.

So I agree, we do need more employees, we need more employees to support 
the existing staff so that they can operate even better. We need to fill 
in the vacancies in IT (we owe an enormous debt to Matt for all the 
volunteer work he does - he uses his personal vacation time to serve 
OWASP - WTF??? ) This way we can have an infrastructure that will 
support all the awesome that a full-time evangelist would bring!

We need to step up to the plate and support our incredible team with 
more than just our undying gratitude and thanks. We need to start 
supporting the staff with support in the form of additional employees to 
ease the incredible workload that 32k people create world-wide. OWASP is 
awesome, but we should also make sure it is an awesome place to work.

Thank you again Jerry, lets work together to change the current state of 
affairs;

Dennis

-- 
[Dennis Groves](http://about.me/dennis.groves), MSc
[Email me](mailto:dennis.groves at owasp.org) or [schedule a 
meeting](http://goo.gl/8sPIy).

*This email is licensed under a [CC BY-ND 
3.0](http://creativecommons.org/licenses/by-nd/3.0/deed.en_GB) license.*

**Please do not send me Microsoft Office/Apple iWork documents.**
Send [OpenDocument](http://fsf.org/campaigns/opendocument/) instead!
Stand up for your freedom to install [free 
software](http://www.fsf.org/campaigns/secure-boot/statement).

On 14 Dec 2012, at 4:52, Jerry Hoff wrote:

> Esteemed Board and Leaders,
>
> I've been doing a lot of thinking about OWASP and our mission - and I 
> really think we need a little more balance.
>
> We obviously have a strong volunteer base consisting of many of the 
> most experienced and motivated web app sec pros on the planet.
>
> However, I think we also need more full time owasp employees to 
> evangelize, coordinate and guide us as we experience sustained growth, 
> attention and involvement.
>
> We want to make appsec more visible, to inform as many stakeholders as 
> possible of the security issues that plague web and application 
> development.
>
> To better achieve these ends I move to start a petition / movement to 
> hire a full time evangelist.
>
> Ideally this would be a position filled by a vocal advocate for OWASP 
> and appsec who can take our message and advance it out to the 
> developer community at large.
>
> This role could also assist the other full time owasp employees shape 
> and guide the organization and its outreach efforts.
>
> Along with owasp, I've been highly involved with toastmasters - what 
> they have done as an organization can easily serve as an 
> organizational  template for us.
>
> I have deep love and respect for OWASP and everyone who volunteers - 
> I'm extremely confident that investing in a full time evangelist will 
> reap huge returns and cement OWASP even more firmly in the development 
> world.
>
> Leaders, what do you think? Would love to hear from those who agree / 
> disagree. Anyone interested in full time OWASP evangelizing?
>
> In the meantime I'm going to be working towards getting corporate 
> sponsorship to fund more full timers.
>
> Distinti saluti,
> Jerry
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders


More information about the OWASP-Leaders mailing list