doc: fix order of announce work

doc/guides/security-release-process.md

@@ -47,6 +47,10 @@ information described.
       having duplicate CVEs for the same vulnerability.
   * Described in the pre/post announcements
 
+* [ ] Pre-release announcement to nodejs.org blog: _**LINK TO BLOG**_
+  (Re-PR the pre-approved branch from nodejs-private/nodejs.org-private to
+  nodejs/nodejs.org)
+
 * [ ] Pre-release announcement [email][]: _**LINK TO EMAIL**_
   * Subject: `Node.js security updates for all active release lines, Month Year`
   * Body:
@@ -62,10 +66,6 @@ The google groups UI does not support adding a CC, until we figure
 out a better way, forward the email you receive to
 `oss-security@lists.openwall.com` as a CC.
 
-* [ ] Pre-release announcement to nodejs.org blog: _**LINK TO BLOG**_
-  (Re-PR the pre-approved branch from nodejs-private/nodejs.org-private to
-  nodejs/nodejs.org)
-
 * [ ] Create a new issue in [nodejs/tweet][]
   ```text
   Security release pre-alert:
@@ -104,6 +104,10 @@ out a better way, forward the email you receive to
 
 * [ ] [Unlock CI](https://github.com/nodejs/build/blob/HEAD/doc/jenkins-guide.md#after-the-release)
 
+* [ ] Post-release announcement to Nodejs.org blog: _**LINK TO BLOG POST**_
+  * (Re-PR the pre-approved branch from nodejs-private/nodejs.org-private to
+    nodejs/nodejs.org)
+
 * [ ] Post-release announcement in reply [email][]: _**LINK TO EMAIL**_
   * CC: `oss-security@lists.openwall.com`
   * Subject: `Node.js security updates for all active release lines, Month Year`
@@ -113,10 +117,6 @@ out a better way, forward the email you receive to
   For more information see: https://nodejs.org/en/blog/vulnerability/month-year-security-releases/
   ```
 
-* [ ] Post-release announcement to Nodejs.org blog: _**LINK TO BLOG POST**_
-  * (Re-PR the pre-approved branch from nodejs-private/nodejs.org-private to
-    nodejs/nodejs.org)
-
 * [ ] Create a new issue in [nodejs/tweet][]
   ```text
   Security release: