(PREAMBLE)
The Security Response Team (SRT) is formally calling for applications to join the SRT. People from the Haskell community with information security experience are encouraged to apply. This is an opportunity to have a large impact on the practice of Haskell programming going forward. If you have an interest in helping the team continue its mission, please apply!
The general responsibilities of the SRT are:
- Manage the Haskell Security Advisory Database, on behalf of the Haskell community and the Haskell Foundation.
- Triage and assess incoming security reports or proposed/candidate security advisories.
- Assist reporters to determine CVSS scores and CWE values for confirmed security issues.
- Communicate with package maintainers and the community to promote the timely resolution of reported security issues.
- Ensure the security advisory data are useful for downstream security tooling. (Development of downstream tooling is not an SRT responsibility, but engaging with the developers is)
- Report quarterly on the activities of the SRT and statistics/trends in new security issues.
- You can apply.
- If you don’t want to apply but know someone who would be great, encourage them to apply.
- Applicants should have experience in one or more of the following
areas:
- web application security
- information security incident response
- vulnerability research and analysis
- penetration testing
- cryptography
- authentication and identity management
- governance, risk management and compliance (GRC)
- secure application development
- algorithms, data structures, and their role in DoS attacks
- related disciplines
The current membership of the SRT is:
- (CURRENT MEMBERS)
The team is hoping to gain (FILL ME) new members via this call for volunteers.
Email (DELEGATE EMAIL@ADDRESS) with subject Haskell SRT Application. Include a brief overview of your background in security and the specific topics (e.g. from the list above) with which you have experience.
Please submit your applications by end of day (DEADLINE).