Cybersecurity leadership · security analytics · open source
Caleb Kinney
I turn security data into clear priorities, defensible decisions, and measurable risk reduction.
I lead programs across application security, vulnerability management, cloud security, incident response, and security operations. I combine hacker instincts with data science methods, analytics, and reporting systems so teams can understand exposure, act with context, and measure whether security work is actually reducing risk.
Practice
Security work should make risk easier to understand and act on.
-
Security leadership
Programs across application security, vulnerability management, cloud security, incident response, and security operations, grounded in clear ownership, practical tradeoffs, and business context.
-
Security analytics
Metrics, data pipelines, analysis, and visualization that reveal exposure, improve prioritization, and show whether security work is actually reducing risk.
-
Open source and community
Practical tools, conference infrastructure, and security guidance built to be useful, maintainable, and sustainable for the communities that depend on them.
Work and service
Current work, projects, and community.
-
Manager, Security Operations at Posit
Managing security operations work across incident response, operational security, compliance, risk-based remediation, and the metrics and reporting that support clearer decisions.
-
HackerTracker
Technical lead for HackerTracker web initiatives, responsible for the public web experience and supporting data pipelines that deliver structured conference schedules for DEF CON and other security events.
-
TypeError
Open-source security engineering focused on vulnerability analytics, application security tooling, risk prioritization, and operational metrics.
-
Community service
DEF CON Goon and member of the NumFOCUS Security Committee, contributing operational and technical support to communities built around open infrastructure and open-source software.
Background
Old-school hacker roots.
My path started with a hand-me-down Apple IIe, late-night IRC, and the early web. I was hand-coding sites before security became a career, then moved through bug bounties, application security, vulnerability management, and security leadership. That history still shapes how I work: stay curious, test assumptions, build practical tools, and prefer evidence over theater.