Sherif Mansour 2017 Bio & Why Me?

Sherif Mansour

About Sherif: I am a chairman and company secretary of a UK private company - with over 6 years of experience on the board, this included helping shape the company strategy reviewing the annual returns & accounts, and running the AGMs.

My as part of my experience as a board member I hold a certificate in company direction from the Institute of Directors (IoD) and I'm on the path to becoming a chartered company director.

I have been working in Information Security 13 years experience in information security, and hold an MSc. in Information Security from Royal Holloway College University of London.

On the technical side I was an appsec engineer, during that time I discovered several undisclosed security vulnerabilities in third party enterprise software. To date Microsoft http://technet.microsoft.com/en-us/security/cc308575#0610(June 2010) and SAP http://scn.sap.com/docs/DOC-8218 (April 2012) have acknowledged the security research work and both companies have listed the work on their websites. I’ve worked in large tech companies, where I eventually lead the software security program for Expedia Inc.

On the management front I have both product and project management experience as a scrum (Agile) product owner in global cyber security teams.

Outside of that I have community organization experience with OWASP London, and Royal Holloway Information Security Alumni Group, ad well as volunteer work at a charity children's hospital. In 2016 OWASP London hosted more events than any other chapter, and our events are fully booked in around 24 hours.

I also help with OWASP ZAP Product Management and volunteered an intern which has contributed some automation code for ZAP to run in a CI/CD pipeline (see link).

Why Me?" I would like to be elected to the Global OWASP Board because I am passionate about OWASP, its community and believe I could be useful at the board level.

I would like to bring my board level experience as well as my experience of running one of OWASP's largest chapters and working with various projects to help shape and improve the organisation.

At the London OWASP Chapter a lot of our success is due to listening to our community. Everything from the type of talks they would like, the hackathon to teach developers how to write security code, or to video record the talks so our community could watch the event even if they missed it or want to listen to a specific part again.

We were one of two principal donors to the OWASP Summit (which helped get the project off the ground). this was an inspiring community effort, and resulted in many tangible outcomes such updates to best practices and OWASP Software.

All of this was due to engaging the community and giving them what they want. I want to continue doing that to help OWASP globally and not just in London.