Sherif Mansour 2017 Bio & Why Me?

Board Level Experience
I am a chairman and company secretary of a UK private company, with over 6 years of experience on the board. This included helping shape the company strategy, reviewing the annual returns & accounts, and running the AGMs.

As part of my experience as a board member I hold a certificate in company direction from the Institute of Directors (IoD) and I'm on the path to becoming a chartered company director.

Technical Experience
I have been working in Information Security for 13 years and hold an MSc in Information Security from Royal Holloway College University of London.

On the technical side I was an appsec engineer. During that time I discovered several undisclosed security vulnerabilities in third party enterprise software.

To date Microsoft http://technet.microsoft.com/en-us/security/cc308575#0610(June 2010) and SAP http://scn.sap.com/docs/DOC-8218 (April 2012) have acknowledged the security research work and both companies have listed my work on their websites.

I’ve worked in large tech & finance companies and led the software security program for Expedia Inc.

Management and OWASP Community Experience
On the management front I have both product and project management experience as a scrum (Agile) product owner in global cyber security teams.

Outside of that I have community organization experience as a chapter leader of the OWASP London and Royal Holloway Information Security Alumni Group, as well as volunteer work at a charity children's hospital. In 2016 OWASP London hosted more events than any other chapter, and our events are typically fully booked within 24 hours.

I also help with OWASP ZAP Product Management and volunteered an intern which has contributed some automation code for ZAP to run in a CI/CD pipeline (see link).

Why Me?
I would like to be elected to the Global OWASP Board because I am passionate about OWASP, its community and believe I could be useful at the board level.

I would like to bring my board level experience as well as my experience of running one of OWASP's largest chapters and working with various projects to help shape and improve the organisation.

At the London OWASP Chapter a lot of our success is due to listening to our community. Everything from the type of talks they would like, the hackathon to teach developers how to write security code, or to video record the talks so our community could watch the event even if they missed it or want to listen to a specific part again.

We were one of two principal donors to the OWASP Summit (which helped get the project off the ground). This was an inspiring community effort that resulted in many tangible outcomes including updates to best practices and OWASP Software.

All of this was due to engaging the community and giving them what they want. I want to continue doing that to help OWASP globally and not just in London.

