Re: Security TAG co-chair nominations


Ricardo Rocha
 

+1 binding

On Tue, Jun 01, 2021 at 04:51:45PM +0000, Sheng Liang via lists.cncf.io wrote:
+1 binding

From: cncf-toc@lists.cncf.io <cncf-toc@lists.cncf.io> On Behalf Of Alena Prokharchyk via lists.cncf.io
Sent: Tuesday, June 1, 2021 9:36 AM
To: Sarah Allen <sarah@ultrasaurus.com>
Cc: CNCF TOC <cncf-toc@lists.cncf.io>
Subject: Re: [cncf-toc] Security TAG co-chair nominations

+1 binding

-alena


On May 29, 2021, at 8:59 AM, Sarah Allen <sarah@ultrasaurus.com<mailto:sarah@ultrasaurus.com>> wrote:

Dear Technical Oversight Committee,
On June 3, 2021, the term<https://github.com/cncf/tag-security#stag-chairs> for two of the three current Security TAG co-chairs, Sarah Allen (@ultrasaurus<https://github.com/ultrasaurus>) and Jeyappragash JJ (@pragashj<https://github.com/pragashj>) comes to an end.

The TOC election process<https://github.com/cncf/toc/blob/main/tags/cncf-tags.md#elections> requires nomination from TOC and then ⅔ vote. We have also followed the Security TAG governance process for proposing candidates, since <https://github.com/cncf/tag-security/blob/main/governance/chair-proposal-process.md> we have clear successors who are already working within the group. <https://github.com/cncf/tag-security/blob/main/governance/chair-proposal-process.md> The candidates below have unanimous support from our TOC liaisons, as well as the three current co-chairs.

We believe that Aradhna Chetal and Brandon Lum, along with current chair Emily Fox, will enable “full coverage of the leadership capabilities across the key qualities of industry experience, hands-on cloud-native and security experience, as well as administrative experience needed to run a Security TAG.” While both currently serve as Tech Leads for the group (as did Emily before she became chair), we do not consider that a prerequisite for the chair position.

Aradhna Chetal<https://www.linkedin.com/in/achetal/>
Senior Director Exec, Cloud Security, TIAA<https://www.tiaa.org/public/>
Research Fellow Cloud Security Alliance<https://cloudsecurityalliance.org/>
TAG Contributions

* Tech Lead, Meeting Facilitator

* Active in Policy team subgroup

* Initiated serverless security whitepaper - Issue#546<https://github.com/cncf/tag-security/issues/546>

* Cloud Native Securty Whitepaper<https://github.com/cncf/sig-security/tree/master/security-whitepaper> - refined scope, created first draft and worked on reviews and completion
External community involvement
Active member of Cloud Security Alliance (CSA), has been an advisor to the board - CSA Seattle Chapter, CSA and NIST Cloud computing workgroups, has influenced best practices & standards for cloud, containers, serverless & microservices security

Brandon Lum<https://www.linkedin.com/in/brandon-lum-a7b79418/>
container security, IBM Research<https://www.research.ibm.com/>
TAG Contributions

* Tech Lead, Meeting Facilitator

* Repo Triage and Issue Management

* Process Improvements & governance

* Leading Cloud Native Security Map/Landscape - Issue#348<https://github.com/cncf/tag-security/issues/348>

* Security Reviews - process improvements and initial assessments PR#247<https://github.com/cncf/sig-security/pull/247>

* Presented SIG-Security session China June 2019<https://docs.google.com/presentation/d/10HAh_gSrtrRyYCihwPXQVBWl2gY0mfSLARJcH-bRG40/edit>, San Diego Nov 2019<https://docs.google.com/presentation/d/1nRu1sDpiJSmezm2e0jrqFren390g5ZrJ8xOccpV1v_E/edit#slide=id.g78de085551_2_2>

* Organized in-person meetup DockerCon, May 2019 issue#151<https://github.com/cncf/sig-security/issues/151>
External community involvement
SPIFFE/SPIRE community<https://spiffe-spire-june21.splashthat.com/> & contributing to SPIFFE book<https://spiffe.io/book/>

Please reply to this email to vote. As always, the CNCF encourages non-binding votes from the community, along with the required votes of TOC members.

Thank you,
Sarah, in collaboration with other Security TAG co-chairs (Emily and JJ) and TOC Liaisons Liz Rice & Justin Cormack








Join cncf-toc@lists.cncf.io to automatically receive all group messages.