Difference between revisions of "Bil Corry 2019 Elect Me"

(Creating page)
 
m
Line 2: Line 2:
 
I am a lifetime member of OWASP and I've been involved with OWASP since 2008. I am currently serving on the OWASP Compliance Committee and am the Chapter Leader of the Nashua Chapter, and have contributed to a variety of projects over the years (anyone remember the OWASP Certification project?). I've volunteered at AppSec USA, rounded up speakers for chapter meetings in Chicago and the Bay Area, hosted a Bay Area chapter meeting, helped WIA become a 2.0 Committee and have been a trainer using the OWASP Secure Coding deck.
 
I am a lifetime member of OWASP and I've been involved with OWASP since 2008. I am currently serving on the OWASP Compliance Committee and am the Chapter Leader of the Nashua Chapter, and have contributed to a variety of projects over the years (anyone remember the OWASP Certification project?). I've volunteered at AppSec USA, rounded up speakers for chapter meetings in Chicago and the Bay Area, hosted a Bay Area chapter meeting, helped WIA become a 2.0 Committee and have been a trainer using the OWASP Secure Coding deck.
  
I have contributed to the technology that underpins the “World Wide Web”, namely HTTP (RFC 7230), HTTP Cookies (RFC 6265), TLS (RFC 6125), and the HTML specification.  If you have ever used a web browser to visit a website, then you have personally benefited from my efforts.  Additionally, I’ve contributed to securing the web, including my participation in OWASP and WASC, and contributed to the design of various browser security and privacy controls (Content Security Policy, secure cookies, secure logoff, clickjacking protection, and more).
+
I have contributed to the technology that underpins the “World Wide Web”, namely HTTP (RFC 7230)<!-- https://tools.ietf.org/html/rfc7230#section-10 -->, HTTP Cookies (RFC 6265)<!--  https://tools.ietf.org/html/rfc6265#appendix-A -->, TLS (RFC 6125)<!--  https://tools.ietf.org/html/rfc6125#section-9 -->, and the HTML specification<!-- https://html.spec.whatwg.org/multipage/acknowledgements.html#acknowledgements -->.  If you have ever used a web browser to visit a website, then you have personally benefited from my efforts.  Additionally, I’ve contributed to securing the web, including my participation in OWASP and WASC<!-- http://projects.webappsec.org/w/page/13246968/Threat%20Classification%20Authors -->, and contributed to the design of various browser security and privacy controls (Content Security Policy, secure cookies, secure logoff, clickjacking protection, and more)<!-- https://pdfs.semanticscholar.org/71bb/616fd09203eb32a621d95e70e6c2885da1c3.pdf
 +
https://pomcor.com/whitepapers/file_sharing_security.pdf
 +
http://websec.github.io/unicode-security-guide/
 +
https://www.w3.org/2011/track-privacy/papers/Paypal.pdf
 +
-->.
  
 
Beyond my contributions to the web, I’ve also served on the W3C Tracking Protection Working Group, which produced the specification for the Do Not Track web header, and the European Payments Council’s Payment Security Support Group, a trade group primarily focused on payment security and payment authorization in the European market.  
 
Beyond my contributions to the web, I’ve also served on the W3C Tracking Protection Working Group, which produced the specification for the Do Not Track web header, and the European Payments Council’s Payment Security Support Group, a trade group primarily focused on payment security and payment authorization in the European market.  
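
Review bot: the source links added to the second paragraph are wrapped in HTML comments (for example `<!-- https://tools.ietf.org/html/rfc7230#section-10 -->`), so they are absent from the rendered bio and readers cannot follow them to check the RFC and specification contributions; wiki reference tags or inline external links would make them visible. The final comment also groups four URLs after "and more)" without saying which one supports which of the listed controls, so pairing each link with the item it backs would help.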

Revision as of 17:19, 26 August 2019

Bio

I am a lifetime member of OWASP and I've been involved with OWASP since 2008. I am currently serving on the OWASP Compliance Committee and am the Chapter Leader of the Nashua Chapter, and have contributed to a variety of projects over the years (anyone remember the OWASP Certification project?). I've volunteered at AppSec USA, rounded up speakers for chapter meetings in Chicago and the Bay Area, hosted a Bay Area chapter meeting, helped WIA become a 2.0 Committee and have been a trainer using the OWASP Secure Coding deck.

I have contributed to the technology that underpins the “World Wide Web”, namely HTTP (RFC 7230), HTTP Cookies (RFC 6265), TLS (RFC 6125), and the HTML specification. If you have ever used a web browser to visit a website, then you have personally benefited from my efforts. Additionally, I’ve contributed to securing the web, including my participation in OWASP and WASC, and contributed to the design of various browser security and privacy controls (Content Security Policy, secure cookies, secure logoff, clickjacking protection, and more).

Beyond my contributions to the web, I’ve also served on the W3C Tracking Protection Working Group, which produced the specification for the Do Not Track web header, and the European Payments Council’s Payment Security Support Group, a trade group primarily focused on payment security and payment authorization in the European market.

In my professional capacity, I spent over a decade working as a web developer before switching to information security. As a security professional, I’ve worked for the largest FinTech company in the world, PayPal, in both North America and Europe, and I’ve worked at the largest mobile chip design company in the world, Arm. At PayPal, I was responsible for application security across all product lines and subsidiaries worldwide, and for a time, I was the Information Technology Officer of the Bank, a statutory position within PayPal’s licensed banking unit based in Luxembourg. At Arm, I was responsible for the end-to-end security strategy for their connected devices products (aka IoT, internet of things) and reported two levels down from the CEO. Many people are unfamiliar with the Arm brand; however, anyone using a mobile device has used an Arm product, as nearly every mobile device on the planet has an Arm processor, including every Apple and Android phone and tablet.

Currently I work at a healthcare startup, Blink Health, in the role of Security Assurance, which includes application security.


Why Me?

I've run for the Board of Directors every year since 2013 - this will be my seventh time running for a seat on the Board and yes, I'm very passionate about OWASP. I run each year because I've noticed that as OWASP has grown larger, it hasn't been growing more mature, and those growing pains show up in a myriad of ways, including an exodus of staff, unhappy members, and lack of visibility.

If elected, I would work toward helping OWASP grow and mature into a more professional organization. Please join me in moving OWASP forward by casting your vote for Bil Corry.