1. posterid:740821
  2. Messages

Re: Security TAG co-chair nominations

Dave Zolotusky
 

+1 binding

On Tue, Jun 1, 2021 at 1:03 PM Justin Cormack via lists.cncf.io <justin.cormack=docker.com@...> wrote:
+1 (binding)

Justin


On Sat, May 29, 2021 at 5:00 PM Sarah Allen <sarah@...> wrote:

Dear Technical Oversight Committee,

On June 3, 2021, the term for two of the three current Security TAG co-chairs, Sarah Allen (@ultrasaurus) and Jeyappragash JJ (@pragashj) comes to an end. 


The TOC election process requires nomination from TOC and then ⅔ vote.  We have also followed the Security TAG governance process for proposing candidates, since we have clear successors who are already working within the group. The candidates below have unanimous support from our TOC liaisons, as well as the three current co-chairs.


We believe that Aradhna Chetal and Brandon Lum, along with current chair Emily Fox, will enable “full coverage of the leadership capabilities across the key qualities of industry experience, hands-on cloud-native and security experience, as well as administrative experience needed to run a Security TAG.”  While both currently serve as Tech Leads for the group (as did Emily before she became chair), we do not consider that a prerequisite for the chair position.


Aradhna Chetal 

Senior Director Exec, Cloud Security, TIAA

Research Fellow Cloud Security Alliance 

TAG Contributions

  • Tech Lead, Meeting Facilitator

  • Active in Policy team subgroup

  • Initiated serverless security whitepaper - Issue#546

  • Cloud Native Securty Whitepaper - refined scope, created first draft and worked on reviews and completion

External community involvement 

Active member of Cloud Security Alliance (CSA),  has been an advisor to the board - CSA Seattle Chapter,  CSA and NIST Cloud computing workgroups, has influenced best practices & standards for cloud, containers, serverless & microservices security



Brandon Lum

container security, IBM Research 

TAG Contributions

  • Tech Lead, Meeting Facilitator 

  • Repo Triage and Issue Management

  • Process Improvements & governance 

  • Leading Cloud Native Security Map/Landscape - Issue#348

  • Security Reviews - process improvements and initial assessments PR#247

  • Presented SIG-Security session China June 2019, San Diego Nov 2019

  • Organized in-person meetup DockerCon, May 2019 issue#151

External community involvement 

SPIFFE/SPIRE community & contributing to SPIFFE book



Please reply to this email to vote.  As always, the CNCF encourages non-binding votes from the community, along with the required votes of TOC members.


Thank you,

Sarah, in collaboration with other Security TAG co-chairs (Emily and JJ) and TOC Liaisons Liz Rice & Justin Cormack




--
~Dave

Join {cncf-toc@lists.cncf.io to automatically receive all group messages.