Security TAG Technical Lead Proposal Process

Security Technical Leads operate as a team alongside the Co-Chairs. The Co-Chair team seeks to enhance the leadership capabilities of the existing co-chairs across the key qualities of industry experience, hands-on cloud-native and security experience, as well as administrative experience needed to assist in the execution of the various projects and efforts that make the Security TAG so successful.

Caveats of Technical Leads

  • The position of a technical lead does not guarantee future co-chair nomination
  • The position of a technical lead is not a paid position (co-chairs are also not paid positions)
  • Technical leads have responsibilities to the Security TAG, the leadership team, and the TOC
  • Nominations by the community (with co-chair endorsement) or co-chairs still require TOC approval

Process of nominations

Depending on the needs of the community, as determined by the Security TAG leadership team, technical lead nominations may come in the form of “Nominees by community”, “Nominees by co-chairs”, or both.

The Security TAG does not have a current limit on the number of technical leads.

Final technical lead nominations will adhere to the process described by the CNCF’s TOC.

Nominees by community

Community nominees should adhere to the technical lead nomination requirements described below. Any individual who is a member of the Security TAG list or the tag-security slack channel may nominate another individual.

The co-chairs reserve the right to endorse a nominee by the community based on:

  • Gender diversity
  • Company diversity
  • Geo diversity
  • Number of nominations from different companies, people, regions for a single individual
  • Existing body of work
  • Justification provided during nomination

Community timeline

Community nominations will run for at least 1 month, up to a maximum of 2 months. Upon close of nominations, a decision will be made by the co-chairs within the next month in order to conform to the TOC process.

Submitting a nomination

Nominations are to be submitted to the Security TAG Co-Chairs email alias with the following details:

  • Subject “Technical Lead nomination: $NAME-OF-NOMINEE”
  • CC the nominee
  • TL requirements with examples (described below)
  • Justification

Endorsement of community nominees

Co-chairs are responsible for providing endorsement of a community nominee to show concurrence and support.

If no nominees are submitted by the community either as a result of lack of participation, lack of requirements, or from co-chair specific selection (non-community nomination process), the co-chairs must endeavor to nominate an individual(s) that meet as many of the requirements as exist.

Nominees by co-chairs

Nominees by co-chairs adhere to the technical lead requirements described below. Co-chairs are responsible for documenting statistical information of all nominee types for endorsement and presentation to the TOC.

Technical Lead nomination requirements

In order to verify nominees by the community or by co-chairs have experience with the group and are actively contributing in a meaningful way, the following requirements must be met in order for an individual to be nominated.

If a given nominee does not meet all the requirements, the co-chairs will still review the nomination and justification to determine if enough intent and commitment is present to move forward with an endorsement.

Nominees must:

  • have been project or review lead on at least one project or security assessment/review
  • be the author of at least one pull request against the Security TAG repository
  • be active in the community within the last 6 months prior to their nomination. Active means:
      • attending at least 1 Security TAG Regular Meeting a month
      • engaging in community chat via slack or lists
      • commenting on PRs and issues to drive suggestions to proposals, define scope, resolve clarity issues, etc.
  • agree to the nomination

Nominations must:

  • come from someone other than the nominee
  • have justification from the nominator regarding the nominee’s capabilities

Justification for nominees

To ensure nominations are thoughtful and supported, in addition to the above requirements, a justification must enumerate the nominee’s:

  • STAG Community involvement
  • leadership skills
  • conflict resolution (technical and non-technical)
  • mentorship
  • willingness to learn and expand existing technical knowledge
  • and any known affiliations or group memberships (if applicable)

Announcing nomination results

The co-chairs will release aggregate information about the nominees at the end of the nomination process once the Technical Leads have been put forward for approval by the TOC. Aggregate information will not include who nominated someone.