[Owasp-leaders] Full time OWASP evangelist...

Dennis Groves dennis.groves at owasp.org
Fri Dec 14 18:44:34 UTC 2012


All,

The current operations team are doing an exception job under less than 
ideal circumstances!

Unlike the rest of us - they are completely biased to keeping OWASP 
alive - it is their livelihood! How are we to decide what is best for 
the operations team when we have no skin in the game? What could a CEO 
bring to the table besides an extra voice of pontification about the 
nature of the operational shoestring?

I think a much better use of the already limited funds is to use the 
resources to expand the operations team so they can grow the revenue of 
OWASP more effectively!

We have an 'evangelist team' it is each and everyone of us on the 
leaders list!




Dennis

-- 
[Dennis Groves](http://about.me/dennis.groves), MSc
[Email me](mailto:dennis.groves at owasp.org) or [schedule a 
meeting](http://goo.gl/8sPIy).

*This email is licensed under a [CC BY-ND 
3.0](http://creativecommons.org/licenses/by-nd/3.0/deed.en_GB) license.*

**Please do not send me Microsoft Office/Apple iWork documents.**
Send [OpenDocument](http://fsf.org/campaigns/opendocument/) instead!
Stand up for your freedom to install [free 
software](http://www.fsf.org/campaigns/secure-boot/statement).

On 14 Dec 2012, at 17:39, Steve Kosten wrote:

> All,
>
> I also think OWASP has done amazingly well in educating the community 
> on
> application security with extremely limited dedicated resources.  As 
> Jerry
> stated, while we have a motivated and very talented volunteer base, 
> perhaps
> more is needed to achieve the mission of the organization.  And as 
> Dennis
> pointed out, there are *so* many areas where we have function while 
> being
> woefully understaffed.
>
> I think we need to ask ourselves, in terms of our mission, where do we 
> want
> to be in 5 years?  Do we see OWASP operating much as it is today with
> dedicated support staff reporting to the board (as this is my current
> understanding).  Or do we see dedicated full time leadership running 
> the
> OWASP day to day activities with support staff while still reporting 
> to the
> board.  Perhaps other options.
>
> While I have not been exposed to the finances of OWASP, I would 
> expect, as
> Jerry stated, that a full-time leadership position could rapidly pay 
> for
> himself/herself and would put us on a stronger foundation for 
> achieving our
> stated mission through the next five years.  By leveraging existing 
> work
> and progress, such a leader could develop additional revenue for the
> organization through training and other means, all of which would be
> actions towards fulfilling our mission.  Sure, we would need revenue
> through sponsorship or other means initially, but I believe we can 
> sell a
> vision that would be rapidly attainable.
>
> To quickly list a few things off, I could see:
>
> - More training for outreach that also funds the organization
> - More support for chapters in lining up speakers for meetings
> - More regional conferences that help fund local chapters and the
> organization
> - Very strong project management and project oversight to help ensure
> our projects are successful in fulfilling our mission goals
>
> My humble thoughts (and always willing to help w/ any of this).
>
> Steve Kosten (Denver chapter lead)
>
>
>
> ------------------------------------------------------
> On Fri, Dec 14, 2012 at 5:34 AM, Sherif Koussa 
> <sherif.koussa at owasp.org>wrote:
>
>> I 100% agree that OWASP need immediate administrative services, 
>> project
>> management, designers, etc more so than an evangelist. However, I 
>> think
>> this is a brilliant idea, because if the evangelist is doing a good 
>> job in
>> spreading the word around, hiring for those positions will be much
>> more attainable goal, because more people will get to know OWASP, 
>> like
>> OWASP, use OWASP and support OWASP which is more likely to turn in 
>> more
>> revenue (training, individual and corporate memberships) that could 
>> be used
>> to hire more people.
>>
>> And the job could definitely be called something else for sure.
>>
>> Regards,
>> Sherif
>>
>>
>> On Fri, Dec 14, 2012 at 2:56 AM, Dinis Cruz <dinis.cruz at owasp.org> 
>> wrote:
>>
>>> They are different things, and yeah we need those too :)
>>>
>>> PS Jim: http://csharp-repl.apphb.com/36
>>>
>>> Dinis Cruz
>>>
>>>
>>> On 14 December 2012 07:38, Jim Manico <jim.manico at owasp.org> wrote:
>>>
>>>> Jerry,
>>>>
>>>> If we substitute "evangelist" with "Marketing Director" or 
>>>> "community
>>>> coordinator" or "volunteer coordinator" or "developer community 
>>>> liaison" -
>>>> would that still work for you?
>>>>
>>>> Let's try a different name to skirt around Dinis' indifference for 
>>>> the
>>>> term "evangelist" even though you were talking about:
>>>> http://en.wikipedia.org/wiki/**Evangelism_marketing<http://en.wikipedia.org/wiki/Evangelism_marketing>- 
>>>> right?
>>>>
>>>> Cheers, Jerry.
>>>> - Jim
>>>>
>>>> PS Dinis:  NTdkZTVkOTcxOTAxOGYwMmVhYzc4Yz**k1OTZmNTlkMDY=
>>>>
>>>>
>>>> We already have that, it's the OWASP leaders (and we should be
>>>>> investing in supporting them better)
>>>>>
>>>>> In terms of hiring staff, there are a lot of other roles that are
>>>>> needed first (sysadmin, tech editors, more project management, 
>>>>> event
>>>>> organisers, designer, reviewers, video/audio editors, etc)
>>>>>
>>>>> And btw, the term 'evangelize' really doesn't work outside the US 
>>>>> and
>>>>> has a lot of religious connotations.
>>>>>
>>>>> That said, if you know of a company that wants to pay somebody to 
>>>>> have
>>>>> that role, them that's great :)
>>>>>
>>>>> Dinis Cruz
>>>>>
>>>>> On 14 Dec 2012, at 04:52, Jerry Hoff <jerry at owasp.org> wrote:
>>>>>
>>>>> Esteemed Board and Leaders,
>>>>>>
>>>>>> I've been doing a lot of thinking about OWASP and our mission - 
>>>>>> and I
>>>>>> really think we need a little more balance.
>>>>>>
>>>>>> We obviously have a strong volunteer base consisting of many of 
>>>>>> the
>>>>>> most experienced and motivated web app sec pros on the planet.
>>>>>>
>>>>>> However, I think we also need more full time owasp employees to
>>>>>> evangelize, coordinate and guide us as we experience sustained 
>>>>>> growth,
>>>>>> attention and involvement.
>>>>>>
>>>>>> We want to make appsec more visible, to inform as many 
>>>>>> stakeholders as
>>>>>> possible of the security issues that plague web and application 
>>>>>> development.
>>>>>>
>>>>>> To better achieve these ends I move to start a petition / 
>>>>>> movement to
>>>>>> hire a full time evangelist.
>>>>>>
>>>>>> Ideally this would be a position filled by a vocal advocate for 
>>>>>> OWASP
>>>>>> and appsec who can take our message and advance it out to the 
>>>>>> developer
>>>>>> community at large.
>>>>>>
>>>>>> This role could also assist the other full time owasp employees 
>>>>>> shape
>>>>>> and guide the organization and its outreach efforts.
>>>>>>
>>>>>> Along with owasp, I've been highly involved with toastmasters - 
>>>>>> what
>>>>>> they have done as an organization can easily serve as an 
>>>>>> organizational
>>>>>> template for us.
>>>>>>
>>>>>> I have deep love and respect for OWASP and everyone who 
>>>>>> volunteers -
>>>>>> I'm extremely confident that investing in a full time evangelist 
>>>>>> will reap
>>>>>> huge returns and cement OWASP even more firmly in the development 
>>>>>> world.
>>>>>>
>>>>>> Leaders, what do you think? Would love to hear from those who 
>>>>>> agree /
>>>>>> disagree. Anyone interested in full time OWASP evangelizing?
>>>>>>
>>>>>> In the meantime I'm going to be working towards getting corporate
>>>>>> sponsorship to fund more full timers.
>>>>>>
>>>>>> Distinti saluti,
>>>>>> Jerry
>>>>>> ______________________________**_________________
>>>>>> OWASP-Leaders mailing list
>>>>>> OWASP-Leaders at lists.owasp.org
>>>>>> https://lists.owasp.org/**mailman/listinfo/owasp-leaders<https://lists.owasp.org/mailman/listinfo/owasp-leaders>
>>>>>>
>>>>> ______________________________**_________________
>>>>> OWASP-Leaders mailing list
>>>>> OWASP-Leaders at lists.owasp.org
>>>>> https://lists.owasp.org/**mailman/listinfo/owasp-leaders<https://lists.owasp.org/mailman/listinfo/owasp-leaders>
>>>>>
>>>>
>>>>
>>>
>>> _______________________________________________
>>> OWASP-Leaders mailing list
>>> OWASP-Leaders at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>
>>>
>>
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>
>>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders


More information about the OWASP-Leaders mailing list