Software Engineering Institute

Leigh Metcalf is a senior network-security research analyst with the CERT Division of the SEI. After earning a PhD in theoretical mathematics, specializing in algebraic topology, Metcalf spent more than 10 years in industry working as a systems engineer and architect at various startups before specializing in cybersecurity and moving to the SEI in 2010. Metcalf is the editor-in-chief of Digital Threats: Research and Practice, a journal of the Association for Computing Machinery (ACM) that promotes scientific rigor in digital security by bridging the gap between academic research and industry practice.

Jonathan Spring is a senior member of the SEI technical staff with the CERT Division. Spring began working at the SEI in 2009. Previous positions include adjunct professor at the University of Pittsburgh’s School of Information Sciences. He currently volunteers on the FIRST Common Vulnerability Scoring System (CVSS) SIG and the ICANN Security and Stability Advisory Committee (SSAC). At the SEI, Spring’s work focuses on producing reliable evidence for various levels of cybersecurity policies. Spring’s approach to work balances leading by example with reflecting on study design and other philosophical issues. Spring earned a PhD in computer science from University College London.