[Owasp-leaders] Hiring a technical author

Paul Ritchie paul.ritchie at owasp.org
Mon Nov 9 22:12:38 UTC 2015


+1 to Josh's comment about contract editors for flexibility in expertise
and project size, rather than commit to FTE at this point.

There appears to be broad community acceptance of the concept, so next
steps would be.....

1.  Project leaders in need of support today, or by early 1st Qtr 2016, *should
draft up a 1 page summary of 'need',* defining any specific editing skills,
the length of time the person might be needed, and the list of anticipated
outputs......Create document A, Edit & update document B, etc.

2.  I'm open to 'how' we connect job need with freelance editors.
---  OWASP culture supports Project leaders reaching out directly to
contractors to select the 'best fit' for their project.
---  Elance is a reasonable solution too.
---  We can also allocate a portion of Claudia's time as Project
Coordinator to help coordinate finding contractors to fit project needs.

3.  The Foundation will need to have the contractors sign off on some basic
contractor agreement for payment and deliverables, so once a contractor is
identified, let us know so we can help finish 'the paperwork'.

4.  Funding - As always, Project level budgets get used first, then if the
need is more than a project has budgeted, Project leader can make the
request for the additional funding.  As Josh mentioned, funds are available.

My suggestions to move this issue toward some actionable next steps.
Paul


Best Regards, Paul Ritchie
OWASP Executive Director
paul.ritchie at owasp.org


On Mon, Nov 9, 2015 at 1:46 PM, Josh Sokol <josh.sokol at owasp.org> wrote:

> Going back to Simon's original request, I think that he had the right
> idea.  Projects that have funds should absolutely feel free to hire a
> contract technical editor to help with these things.  For projects that
> don't have funds, in January you'll have $500, and can certainly use that
> for this purpose.  There are also still pools of money that could be used
> for it.  As for hiring a FTE to do this, I'm not sure that's warranted.  As
> the charity is moving over $1m/yr in revenue, we need to be conscious of
> how much money is spent on overhead vs on the mission.  FTE's are typically
> viewed as overhead to support, while a contractor would be directly
> supporting an initiative.  A small difference, but a difference nonetheless
> where reporting is concerned.  I would like to see us follow Paul's
> guidance here in establishing the need and quality before considering
> hiring somebody as a FTE.
>
> ~josh
>
> On Mon, Nov 9, 2015 at 1:50 PM, Bill Sempf <bill at pointweb.net> wrote:
>
>> Hey, everyone, I have a large number of freelance technical writer/editor
>> resources from my writing with Wiley.  I can reach out and get a list of
>> people we can bring in who are known entities.
>>
>> S
>>
>>
>> On Mon, Nov 9, 2015 at 2:26 PM, johanna curiel curiel <
>> johanna.curiel at owasp.org> wrote:
>>
>>> Dinis Idea is great. I think hiring contracting through Elance is a good
>>> way to experiment without much risk
>>>
>>>
>>> On Mon, Nov 9, 2015 at 1:20 PM, Jim Manico <jim.manico at owasp.org> wrote:
>>>
>>>> Sounds reasonable so we can pull from different sets of expertise....
>>>>
>>>>
>>>> On 11/9/15 7:09 AM, Dinis Cruz wrote:
>>>>
>>>> I agree that this is a very important resource, and maybe instead of
>>>> hiring a FTE, why don't we make a budget available for this, and then allow
>>>> the leaders to allocate it using 'blocks of time contracts'
>>>>
>>>> The actual contract could/should be managed by OWASP's FTE (or
>>>> something like elance) and in practice OWASP would be contracting 5/10/20
>>>> days of technical editing from N contractors (located anywhere in the world)
>>>>
>>>> This will most likely be better than one FTE dedicated as technical
>>>> author (since we would be able to hire based on technical knowledge and
>>>> focus)
>>>>
>>>> Dinis
>>>>
>>>> On 9 November 2015 at 16:56, Jim Manico <jim.manico at owasp.org> wrote:
>>>>
>>>>> Johanna,
>>>>>
>>>>> I've been thinking about this hire quite a bit. I agree with you,
>>>>> Simon and several other project leaders who have echoed this request. It
>>>>> seems like a solid hire request (in some form or fashion) that would serve
>>>>> the foundation in several regards. I get the feeling we could keep a
>>>>> technical writer busy full time year round.
>>>>>
>>>>> I'd also like to see some technical resources enhance the wiki,
>>>>> especially around editorial controls, but I think we could make that happen
>>>>> with a contractor.
>>>>>
>>>>> At the end of the day, this is Paul's call, but these suggestions
>>>>> certainly help. :)
>>>>>
>>>>> Aloha,
>>>>> Jim
>>>>>
>>>>>
>>>>>
>>>>> On 11/8/15 5:29 AM, johanna curiel curiel wrote:
>>>>>
>>>>> Hi All
>>>>>
>>>>> I think we need a Technical Editor to help us clean up the text and a
>>>>> Wiki admin content manager, someone responsible for organising the content
>>>>> The Wiki Content Manager can work on how to structure the Wiki and
>>>>> apply a process similar to the Mozilla wiki for reviewing and publishing
>>>>> content
>>>>> I think we need to be realistic that a Wiki Content manager will not
>>>>> be able to 'know' how to structure Security content if himself is not
>>>>> familiar with the content
>>>>>
>>>>> I think a Technical Editor will help shape the actual content and we
>>>>> should apply he rule 'divide and conquer'
>>>>>
>>>>> Begin helping first some projects like ZAP, then it can move on to
>>>>> other tasks but these ones should be organised in a project , prioritising
>>>>> the content that needs to be reviewed and organised first.
>>>>>
>>>>> Regards
>>>>>
>>>>> Johanna
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> On Fri, Nov 6, 2015 at 12:42 PM, Jim Manico < <jim.manico at owasp.org>
>>>>> jim.manico at owasp.org> wrote:
>>>>>
>>>>>> I agree with you 1000%, Tim.
>>>>>>
>>>>>> I am trying to encourage OWASP to hire someone full time to own the
>>>>>> wiki from a technical and editorial point of view. We do not even have the
>>>>>> wiki community editorial features turned on, which is one of the main
>>>>>> benefits of a real wiki...
>>>>>>
>>>>>> I'm trying, Tim.
>>>>>>
>>>>>> Aloha,
>>>>>> Jim
>>>>>>
>>>>>>
>>>>>> On 11/6/15 6:40 AM, Tim wrote:
>>>>>>
>>>>>>> I think this is an excellent idea.  Certainly some projects need the
>>>>>>> documentation help, but I'd be particularly interested in seeing this
>>>>>>> applied to the wiki.  Lots of areas can be improved.  Far too many
>>>>>>> technical topics in the wiki are out of date or disorganized to the
>>>>>>> point where I (as a pentester) don't feel good about pointing my
>>>>>>> clients to them.  But as Paul mentions, a conservative step-by-step
>>>>>>> approach is prudent.
>>>>>>>
>>>>>>> tim
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On Fri, Nov 06, 2015 at 08:30:37AM -0800, Paul Ritchie wrote:
>>>>>>>
>>>>>>>> Hello Simon Jim, All:
>>>>>>>>
>>>>>>>> Re:  technical author working on a load of ZAP documentation.
>>>>>>>>
>>>>>>>> +1 on my side.  I would like to see this proceed with some
>>>>>>>> 'first-hand'
>>>>>>>> recommendations from the Community on 'contract authors' who have
>>>>>>>> been
>>>>>>>> efficient & successful on past projects.
>>>>>>>> I'd also like to see the search look on a Global Scale to help
>>>>>>>> reduce costs.
>>>>>>>>
>>>>>>>> At this moment, I would not be supportive of a FT person until we
>>>>>>>> see
>>>>>>>> enough work for FT, and the quality/consistency of the contractors
>>>>>>>> output.
>>>>>>>>
>>>>>>>> Paul
>>>>>>>>
>>>>>>>> Best Regards, Paul Ritchie
>>>>>>>> OWASP Executive Director
>>>>>>>> paul.ritchie at owasp.org
>>>>>>>>
>>>>>>>>
>>>>>>>> On Fri, Nov 6, 2015 at 7:57 AM, Jim Manico <jim.manico at owasp.org>
>>>>>>>> wrote:
>>>>>>>>
>>>>>>>> Simon,
>>>>>>>>>
>>>>>>>>> Your request is duly noted, Simon.
>>>>>>>>>
>>>>>>>>> What a great time to bring this up as we are going to be
>>>>>>>>> discussing 2016
>>>>>>>>> budgeting soon.
>>>>>>>>>
>>>>>>>>> Give me a few weeks but I'll keep you updated on the progress of
>>>>>>>>> this
>>>>>>>>> request.
>>>>>>>>>
>>>>>>>>> I get the feeling that between the wiki and a few projects alone,
>>>>>>>>> we could
>>>>>>>>> keep more than one technical writer busy full time....
>>>>>>>>>
>>>>>>>>> Aloha,
>>>>>>>>>
>>>>>>>>> --
>>>>>>>>> Jim Manico
>>>>>>>>> Global Board Member
>>>>>>>>> OWASP Foundationhttps:// <http://www.owasp.org>www.owasp.org
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> On 11/6/15 12:14 AM, psiinon wrote:
>>>>>>>>>
>>>>>>>>> We could _really_ do with a technical author working on a load of
>>>>>>>>> ZAP
>>>>>>>>> documentation.
>>>>>>>>> Does anyone have any recommendations for someone we could employ
>>>>>>>>> (we have
>>>>>>>>> some funds)?
>>>>>>>>>
>>>>>>>>> Are any other projects interested in doing something similar?
>>>>>>>>> Could OWASP employ a technical author (full time/part
>>>>>>>>> time/contract) and
>>>>>>>>> them make them available to projects (possibly for a discounted
>>>>>>>>> fee)?
>>>>>>>>> I suspect we could keep one pretty busy between us...
>>>>>>>>>
>>>>>>>>> Cheers,
>>>>>>>>>
>>>>>>>>> Simon
>>>>>>>>>
>>>>>>>>> --
>>>>>>>>> OWASP ZAP < <https://www.owasp.org/index.php/ZAP>
>>>>>>>>> https://www.owasp.org/index.php/ZAP> Project leader
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> _______________________________________________
>>>>>>>>> OWASP-Leaders mailing <listOWASP-Leaders at lists.owasp.orghttps://>
>>>>>>>>> listOWASP-Leaders at lists.owasp.orghttps://
>>>>>>>>> lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> _______________________________________________
>>>>>>>>> OWASP-Leaders mailing list
>>>>>>>>> OWASP-Leaders at lists.owasp.org
>>>>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> _______________________________________________
>>>>>>>> OWASP-Leaders mailing list
>>>>>>>> OWASP-Leaders at lists.owasp.org
>>>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>>>>>
>>>>>>>
>>>>>> --
>>>>>> Jim Manico
>>>>>> Global Board Member
>>>>>> OWASP Foundation
>>>>>> https://www.owasp.org
>>>>>>
>>>>>> _______________________________________________
>>>>>> OWASP-Leaders mailing list
>>>>>> OWASP-Leaders at lists.owasp.org
>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> Jim Manico
>>>>> Global Board Member
>>>>> OWASP Foundationhttps://www.owasp.org
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> OWASP-Leaders mailing list
>>>>> OWASP-Leaders at lists.owasp.org
>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>>
>>>>>
>>>>
>>>> --
>>>> Jim Manico
>>>> Global Board Member
>>>> OWASP Foundationhttps://www.owasp.org
>>>>
>>>>
>>>
>>> _______________________________________________
>>> OWASP-Leaders mailing list
>>> OWASP-Leaders at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>
>>>
>>
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>
>>
>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20151109/e5b13b4a/attachment-0001.html>


More information about the OWASP-Leaders mailing list