California’s financial infrastructure and fintech sector includes institutions with very different mandates, but they share the same pressure to protect trust, resilience, and sensitive data at scale. The leaders in this feature work across central banking, digital finance, online lending, cross-border payments, and consumer financial platforms. Their backgrounds span security governance, product and cloud security, risk management, regulatory readiness, business continuity, and the buildout of security programs inside organizations where technology and financial services are tightly intertwined.
Charles Tsai — Chief Information Security Officer, Federal Reserve Bank of San Francisco
Charles Tsai is chief information security officer at the Federal Reserve Bank of San Francisco, where he leads an enterprise security portfolio that includes incident response, threat and vulnerability management, product security, architecture, and risk. In the role, he has focused on aligning security strategy with Federal Reserve mission outcomes while balancing cyber defense with NIST-based regulatory compliance. He has also served as an advisor and liaison to the board of directors, the Audit and Risk Committee, and the Federal Reserve Board of Governors.
Tsai’s work at the Federal Reserve has included building a dedicated product security team to support a major cloud and data transformation initiative, launching the bank’s inaugural security architecture function, and leading delivery across enterprise cloud migration, multifactor authentication deployment, and generative AI implementation. Before becoming chief information security officer, he served as director of cyber security and earlier as senior manager of penetration testing and red team, where he established the Federal Reserve System’s first internal red team program. Earlier roles at Booz Allen Hamilton, PwC, and the National Security Agency added experience in security engineering, risk analysis, and security consulting.
Shano Fonseka — Head of Risk | Deputy Chief Information Security Officer, Plaid
Shano Fonseka is head of risk and deputy chief information security officer at Plaid, where he has helped build and mature security, risk, and compliance functions in a growth-stage fintech environment. Earlier at Plaid, he served as security GRC lead and built the first version of the company’s information security program, putting in place technical and administrative controls across engineering, product, data, and people teams. He also launched Plaid’s first business continuity and disaster recovery plan and testing cadence, and established core assurance capabilities including SOC 2 Type II, network penetration testing, and a public-facing bug bounty program.
Before Plaid, Fonseka held cybersecurity and GRC leadership roles at Kaiser Permanente, where he worked on the design and operational effectiveness of key controls protecting technology infrastructure. His responsibilities there included privileged access security, corrective action planning, control redesign, incident-related root cause analysis, and support for HIPAA, SOX, and PCI compliance efforts. Earlier in his career, he worked at State Street in trade settlements, a background that adds direct financial operations experience to his later security and risk leadership work.
Rick Rankin — Senior Vice President, Chief Information Security Officer, LendingClub
Rick Rankin is senior vice president and chief information security officer at LendingClub, where he has led the company’s cybersecurity organization since 2018. His role includes building and leading a security program aligned to NIST 800-53, GLBA, and financial services risk standards, delivering quarterly board updates and annual program reviews, and serving as a voting member of the Executive Operational Risk Committee. His profile highlights experience in cyber transformation, board and regulator communication, cloud and application security, and the design of security programs in regulated industries.
At LendingClub, Rankin has overseen work tied to NYDFS Part 500 compliance, secure cloud initiatives, identity and access management, fraud analytics, and application security. He also directed cyber diligence and integration for a national bank acquisition and led deployment of a SOAR platform that reduced incident response time. Earlier in his career, he held cybersecurity engineering leadership roles at General Electric Healthcare and spent more than a decade in cybersecurity and engineering leadership positions at Kaiser Permanente, where he worked across security operations, application development, penetration testing, security architecture, large-scale analytics, and security assessment programs. He also served as a software architect at Fireman’s Fund Insurance.
Shaobin Wang — Chief Information Security Officer, Ant Group Americas
Shaobin Wang is chief information security officer at Ant Group Americas, based in Sunnyvale, where he leads security, compliance, and data sovereignty strategy for the company’s operations across the Americas. His role includes defining and executing security strategy across the United States, Canada, Mexico, Brazil, and other regional markets, overseeing security and compliance roadmaps for major business initiatives, and building governance frameworks, playbooks, and operational processes to support risk management and incident response.
Before joining Ant Group Americas, Wang spent nearly a decade at Amazon Web Services as head of security engineering and director, where he focused on security by design, security by default, deployment security, and regulatory compliance across frameworks including FedRAMP, HIPAA, PCI, SOC, ISO 27001, NIST-CSF, and GDPR. Earlier roles at Intel and Huawei added experience in cybersecurity research, trusted computing, product and platform security strategy, standards work, and large-scale security engineering. His background also includes academic work, published books, patents, and long-running involvement in international cybersecurity and standards communities.
Jeff Trudeau — Vice President, Chief Information Officer and Chief Security Officer, Chime
Jeff Trudeau is vice president, chief information officer, and chief security officer at Chime, where he has served since 2020. His career spans security, IT, advisory, and leadership roles across financial services, healthcare, consulting, and identity-focused technology. At Chime, he holds a combined technology and security leadership role inside one of California’s best-known fintech companies.
Before joining Chime, Trudeau was chief security officer at Credit Karma and earlier served as chief information security officer for Sutter Health’s Bay Area operations. His background also includes leadership roles at Kaiser Permanente, KPMG, Aveksa, Netegrity, and UBS. Across those posts, he built experience in information security, identity and access management, information risk management, technical services, and financial-sector operations, giving him a long view across both enterprise security leadership and customer-facing digital platforms.
The Security Leaders Shaping California’s Financial Technology Landscape
The leaders in California’s financial infrastructure and fintech sector are working in environments where trust, regulation, speed, and scale are all moving at once. Their backgrounds show how security leadership in this space can extend from central banking and national financial infrastructure to consumer fintech, digital lending, and cross-border payments. Together, they reflect the mix of governance, technical depth, and business alignment required to secure the systems that increasingly define how financial services operate.
Explore more profiles of the leaders shaping cybersecurity across numerous industries in our CISOs to Watch collection.