Create SECURITY.md

Basic SECURITY.md file for the StackHPC Github org.
Taken from the Azimuth one, with Azimuth specifics removed.

To be further improved and refined:
- email address for contact (waiting on reliable email <--> jira connection)
- supported versions info: this will probably require per-project SECURITY.md

Author: axelsimon

SECURITY.md

@@ -0,0 +1,32 @@
+# Security Policy
+
+## Reporting a Vulnerability
+
+Thank you for taking the time to improve StackHPC open sourcec projects.
+
+We take security issues seriously and appreciate your time and efforts in making 
+our open source projects safer through coordinated vulnerability disclosure.
+
+If you believe you have found a security vulnerability in this repository,
+please use the built-in **"Report a vulnerability"** feature to notify us privately:
+1. Navigate to the **Security** tab at the top of this repository.
+2. Click on the **"Report a vulnerability"** button.
+3. Fill out the form with details about the vulnerability and submit it.
+
+This ensures that only repository maintainers and authorized personnel can view the report.
+
+### What to Include in Your Report
+To help us address the issue effectively, please include:
+- A clear and detailed description of the vulnerability.
+- Steps to reproduce the issue.
+- Any potential impact of the vulnerability.
+- Suggestions for mitigation, if possible.
+
+### Response Time
+We are committed to investigating and responding to reported vulnerabilities promptly. 
+You can expect:
+- An acknowledgment of your report within 48 hours.
+- Updates as we progress on resolving the issue.
+- Notification when the issue is resolved.
+
+Again, thank you for helping us keep our projects as secure as possible.