[Owasp-leaders] OWASP's New Executive Director - process?

Eoin eoin.keary at owasp.org
Sun Apr 14 14:19:47 UTC 2013


Leaders, if required I believe anyone with a strong view either way could attend a conference call to go through the process of hiring our new exec.

On a board level, when this role was suggested there were sceptics, supporters etc. and the issues were worked through to the final decision and outcome. So this was a robust process.

I think this new role and structure should improve things for the better such as supporting chapters, defining accountability, having an official spokesperson etc.

I'd like to ask what are the perceived nagative issues? 

Eoin Keary
Owasp Global Board
+353 87 977 2988


On 13 Apr 2013, at 23:48, Jim Manico <jim.manico at owasp.org> wrote:

> I meant 90 hours; but you get my point. :) These are good questions
> and I'm endeavoring to answer them as directly and honestly as I can.
> 
> Aloha,
> --
> Jim Manico
> @Manicode
> (808) 652-3805
> 
> On Apr 13, 2013, at 6:47 PM, Tobias <tobias.gondrom at owasp.org> wrote:
> 
>> Thank you for the information and clarification. I see.
>> Best regards, Tobias
>> 
>> Ps.: btw. it seems you might have misread my email: the time from
>> announcement of the role to filling it was 90 hours, not 90 days. ;-)
>> 
>> 
>> 
>> On 13/04/13 23:39, Jim Manico wrote:
>>> There was no selection process. As stated below, the board met in
>>> private (because this was a staffing matter). After several rounds of
>>> discussion by the board, and after an official unanimous vote, we
>>> voted to promote Sarah Baso to Executive Director.
>>> 
>>> This transpired over several weeks, not 90 days.
>>> --
>>> Jim Manico
>>> @Manicode
>>> (808) 652-3805
>>> 
>>> On Apr 13, 2013, at 6:30 PM, Tobias <tobias.gondrom at owasp.org> wrote:
>>> 
>>>> Jim,
>>>> 
>>>> hm, thanks for the answer to my question #2.
>>>> I read your answer as: at the current moment a replacement hire for
>>>> Sarah's previous role is not planned.
>>>> 
>>>> And not sure whether your first part of your email is intended to be an
>>>> answer to my first question of "Would you mind to share some information
>>>> about the process you used for this?"
>>>> 
>>>> Actually, although I don't like "private meetings" too much, I am less
>>>> concerned about them as such, as long as the process itself is clear and
>>>> is being communicated openly and allows community input (e.g. the JD and
>>>> required qualifications and responsibilities and on the process, not the
>>>> individual candidates). In this case I was quite surprised by how fast
>>>> we moved from creation of the ED role to announcement of filling it. You
>>>> did this in just 90 hours. Which is probably the fastest I have ever
>>>> seen and makes me quite curious to find out what process you used. I
>>>> have hired a number of people in the past and so far this is the fastest
>>>> process I have ever seen, which raises a few simple questions:
>>>> - at that speed, was there some kind of selection process already before
>>>> the announcement of the new role and what was that?
>>>> - did you have a JD (job description) with the outlined needed
>>>> qualifications, experience, skills? (I saw the role description with the
>>>> responsibilities of the role, but that doc didn't have any information
>>>> on what person you are looking for), did you have a certain salary range
>>>> in mind? etc.
>>>> - How many candidates did you consider? (and were there any applications
>>>> from the community in these 90hours?)
>>>> - And depending on the number of applications you had, how did you
>>>> determine the match and for what reason did you choose to not ask for
>>>> further applications from the community?
>>>> - How many interviews did you conduct, how many board members were
>>>> involved in the interview process?
>>>> 
>>>> I find your last sentence about the distribution of power interesting.
>>>> And that seizing of new power sounds an alarm for you. Maybe a thought:
>>>> taking a step back it seems what just happened is that in fact we did
>>>> concentrate power from a group of elected people (the board) to one
>>>> individual (the ED), and note: our other staff's power has probably also
>>>> been reduced in relationship to the ED. I am not debating whether this
>>>> is right or wrong in this case (as one might argue that the board needs
>>>> to choose to delegate this power due to time constraints and/or lack of
>>>> own personal capability). But using your own concept, as we concentrated
>>>> power in one individual role, we should be very careful and as open as
>>>> possible (of course within the legal boundaries) with the process of
>>>> doing so?
>>>> 
>>>> So I would be really interested to learn a little bit about the process
>>>> OWASP used in the selection.
>>>> 
>>>> Best wishes, Tobias
>>>> 
>>>> 
>>>> Ps.: and again: Let me be clear I am making no statement about the
>>>> decision itself or Sarah's qualification for this role.
>>>> 
>>>> 
>>>> 
>>>> 
>>>> On 13/04/13 22:26, Jim Manico wrote:
>>>>> Tobias,
>>>>> 
>>>>> We were not seeking candidates for this role. We (unanimously)
>>>>> promoted Sarah to Executive Director. Because these board conversation
>>>>> were about employee matters, we had those conversations in private.
>>>>> It's the •only• private board discussion that I have seen in 2013
>>>>> during my term. It's the primary role of the board to hire staff
>>>>> 
>>>>> As Executive Director, it's now Sarahs job to rearrange the staff as
>>>>> she sees fit or hire someone new (if the budget allows).
>>>>> 
>>>>> So the answer is, we shall see!
>>>>> 
>>>>> Last note, I am very wary regarding "private board discussions". If
>>>>> the board has private discussions that lead to seizing of new power,
>>>>> that's a huge alarm. But the opposite happened here. We removed
>>>>> operational leadership from the board and passed it to Sarah and the
>>>>> staff. It's the boards job to keep watch over this, but I'm personally
>>>>> really thrilled about this change in OWASP's organizational structure.
>>>>> 
>>>>> Aloha,
>>>>> --
>>>>> Jim Manico
>>>>> @Manicode
>>>>> (808) 652-3805
>>>>> 
>>>>> On Apr 13, 2013, at 5:17 PM, Tobias <tobias.gondrom at owasp.org> wrote:
>>>>> 
>>>>>> As OWASP created the new ED position and Sarah got promoted into this. Do we now intend to hire a new person to take over Sarah's previous role?
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders


More information about the OWASP-Leaders mailing list