First, let me thank Daniel Beck for his work as the inaugural Jenkins Security Officer over the past year. I would also like to thank the numerous members of the CERT[0] team who have helped Daniel guide the project's security policies, disclosures and updates.
In accordance with our previously agreed upon team lead proposal (https://wiki.jenkins-ci.org/display/JENKINS/Proposal+-+Project+sub-teams) I am now asking, again, on behalf of the Jenkins board[1] for candidates who are willing to act as the Jenkins Security Officer. The responsibilities of the Jenkins Security Officer would be to lead Jenkins Security (CERT) team, and: * Run the Jenkins CERT meeting * Manage sending gifts to qualifying reporters of resolved security issues [2] * Coordinate work on, and releases, of security fixes with plugin authors, Kohsuke and the LTS team lead * Publish Security Advisories (including CVE IDs and CVSS) and notify the mailing list * Drive security policy definition/changes in the community * Represent the Jenkins project on security topics with third parties The expected term of the Security Officer would be 12 months. Contributors interested in being considered for the Jenkins Security Officer position should email the board: jenkinsci-bo...@googlegroups.com in the *next seven days* explaining their qualifications for the position. In seven days the board will select a candidate to appoint to the position who will be able to act on behalf of the Governance Board on matters pertaining to the position described above Thanks! [0] https://wiki.jenkins-ci.org/display/JENKINS/Jenkins+CERT+team [1] The current board: <https://wiki.jenkins-ci.org/display/JENKINS/Governance+Board> [2] https://wiki.jenkins-ci.org/display/JENKINS/Rewards+for+reporting+security+issues - R. Tyler Croy ------------------------------------------------------ Code: <https://github.com/rtyler> Chatter: <https://twitter.com/agentdero> % gpg --keyserver keys.gnupg.net --recv-key 1426C7DC3F51E16F ------------------------------------------------------ -- You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/20161121214738.GA3000%40blackberry.coupleofllamas.com. For more options, visit https://groups.google.com/d/optout.
signature.asc
Description: Digital signature
