| Re: [open-regulatory-compliance] Open Regulatory Compliance Working Group Election Notice - Call for Nominations |
Hello Jeremy,
Thank you for your self nomination.
Kind Regards,
Zahra
I, Jeremy Stanley, hereby nominate myself as a candidate for a Foundation Member seat on the Specification Committee.
Candidate profile ("Bio"):
Jeremy Stanley is presently an employee of the Open Infrastructure (OpenInfra) Foundation, which is a Foundation Member of the ORC WG. In addition, he serves on the Board of Directors and as Secretary for Software in the Public Interest (SPI), is presently Debian's Affiliate Representative to the Open Source Initiative (OSI), performs vulnerability management duties in projects like OpenStack and Zuul CI, is a root systems administrator of the OpenDev Collaboratory, holds and has held numerous other free/libre open source software community leadership roles including chairing the OpenStack Security SIG, Zuul Maintainer, member emeritus of the OpenStack Technical Committee, and former lead of the OpenStack Infrastructure Project Team. His professional experience outside F/LOSS communities includes decades as an information security practitioner at data center management, hosting, cloud/IaaS and Internet service provider companies managing systems security processes as well as writing and maintaining regulations-compliant security policies.
Jeremy's voice on the Specification Committee will bring open source community collaboration and information security perspectives to guide ORC WG specification process.
Candidate statement:
My day-to-day focus is on sustaining open source software communities, especially at the intersection of information security, vulnerability management, and regulatory compliance. I've served the past year on the Specification Committee as well as staying involved in reviewing general ORC WG document pull requests, discussions for the Horizontal Security Standards and Vulnerability Handling workstreams, and participating in a number of the CRA Consultation calls attempting to bring open source community centric feedback into those (as much as was possible anyway).
My professional background is a mixed bag. I started as a systems administrator in the early '90s, which was coincidentally when I began to get involved in free and open source software communities. In the years following Y2K, my focus shifted to writing regulations-compliant corporate security policies and managing other information security relevant activities. For over a decade now, I've been on the staff of the OpenInfra Foundation (formerly OpenStack Foundation), serving in a variety of roles but have also spent most of that time as a member of OpenStack's Vulnerability Management Team, and one of the authors of their transparent VMT Process which has seen widespread reuse by other open source communities (and parts of which have since found their way into popular vulnerability management standards in recent years).
If reelected, my continued voice on the Specification Committee will bring open source community collaboration and information security perspectives to guide ORC WG specification process. Whether or not I am reelected, I still intend to stay involved in the specification drafting effort as well as in other areas of the working group. Thanks for your consideration!
Zahra Fazli
Membership Process Lead | Eclipse Foundation
Eclipse Foundation: The Platform for Open Innovation and Collaboration