Add Security team

[minrk]

It would be valuable to give folks working on security across Jupyter access to advisories on the JupyterHub org, to not rely on maintainers for creating the drafts in the first place, and ensure security folks are available in the advisory discussions without needing to add collaborators one-by-one.

Proposal:

add a 'security' team, and grant them 'Security Manager' permissions.

Tasks:

• [x] document security team's permissions, membership, and how membership is managed
• [x] create security team
• [x] grant security manager role to the team
• [x] add some members (who? Perhaps the whole jupyter/security Council, plus some members of the working group, as selected by the Council)

More info:

• security manager documentation
• security manager role is assigned here

cc @rpwagner @dlqqq

[manics]

Sounds fine to me.

[dlqqq]

Awesome, thanks for opening the issue! Subscribed.

[minrk]

docs and member list started in #721