Secure Team needs a dedicated maintainer
This issue is a follow-up of our retrospective for %11.4.
Since the creation of the Secure Team in January 2018, we have had a lot of success with shipping features, because we managed to review the code ourselves, without involving maintainers from other teams. Nevertheless, a lot of features, like the Security Dashboard, require integrating deeply into the GitLab codebase. We had the chance to work with @ayufan for the last 3 months, but getting up to speed with the domain costs us a lot of time and effort (from @ayufan to understand, and from the rest of the team to explain). If @ayufan happens to switch to different topics, we will have the same issue with another maintainer and will have to go through the same "onboarding" process. This leads us to either:
- Keep @ayufan in the team, which wasn't the initial plan (but obviously something I'm comfortable with).
- Start onboarding another maintainer now, and spend some time again on the onboarding.
Anyway, depending on maintainers from other teams is a roulette we can't afford anymore. We want to ship more features and increase our throughput. This requires more time dedicated from reviewers/maintainers.
/cc @dhavens @gl-secure