- Confirm the new steward agrees to keep all private information confidential to the project and not to use/disclose to their employer.
- Add them to the security-stewards team in the GitHub nodejs-private organization
- Add them to the standard team in H1 using this page;
- Add them to the jenkin-admins team in the GitHub nodejs org. This is needed for them to be able to lock/unlock the CI during a security release.
- Add them as managers of the nodejs-sec mailing list.
- Remove them from security-stewards team in the GitHub nodejs-private organization
- Unless they have access for another reason, remove them from the standard team in H1 using this page.
- Unless they are a Jenkins admin for another reason, remove them from the jenkin-admins team in the GitHub nodejs org.
- Downgrade their account to regular member in the nodejs-sec mailing list.