California’s life sciences industry sits at the intersection of scientific innovation, regulated environments, connected devices, sensitive data, and increasingly complex digital infrastructure. The cybersecurity leaders in this spotlight are working across genomics, medical technology, digital health, and pharmaceutical organizations where security has to support research, product development, operational resilience, and trust at scale. Their backgrounds reflect a mix of enterprise security leadership, product security, cloud security, compliance, and cyber operations in organizations shaping the future of healthcare and life sciences.
Michael Mitchell — Vice President, Chief Information Security Officer, Illumina
Michael Mitchell serves as vice president and chief information security officer at Illumina, where he is responsible for information security architecture, engineering, operations, and governance for one of the world’s best-known life sciences and genetic sequencing companies. His background spans more than two decades in information security, risk, compliance, and governance, with prior chief information security officer roles at HireRight and senior security and risk leadership positions at PayPal and American Express. Across those roles, his experience has included enterprise risk management, global compliance management, customer engagement, policy creation, corporate governance, and security leadership in highly regulated environments.
Paul Stapleton — Chief Product Security Officer and Vice President, Cyber Security Engineering, Dexcom
Paul Stapleton leads product security at Dexcom as chief product security officer and vice president of cyber security engineering, overseeing the security of Dexcom’s products across hardware, firmware, client and mobile applications, cloud, and IoT environments. His remit spans the full product lifecycle and includes security architecture, DevSecOps, threat modeling, product security incident response, public key infrastructure, governance, standards compliance, security training, penetration testing, product security operations, and AI-related security work. Before Dexcom, he held senior product security leadership roles at Lenovo and built security design and architecture capabilities at Dell Technologies and Secureworks, with broader experience across consulting, managed services, cloud security, governance, risk, compliance, audits, incident response, and third-party assessments.
Dave McCandless — Senior Director, Information Technology and Global Infrastructure, Guardant Health
Dave McCandless is senior director of information technology and global infrastructure at Guardant Health, where he brings deep experience in solutions delivery, IT operations, global infrastructure, and business-aligned technology leadership. His career has centered on building and optimizing delivery processes, leading high-impact teams, driving value governance, and aligning technology strategy with business needs. Before joining Guardant Health, he spent more than a decade at Navis as vice president of information technology, where he led always-on infrastructure and help desk services, product lifecycle management capabilities, business solutions alignment, and innovation in areas including virtualization, cloud, big data, analytics, and enterprise architecture. His background also includes leadership roles in exchange operations and advisory work with academic and workforce development organizations.
Carlos Fuchen — Security Architecture Leader, ResMed
Carlos Fuchen leads the security architecture team at ResMed, guiding secure design and implementation across products and services in a fast-moving healthcare technology environment. His focus includes secure-by-design architecture, AI security, cloud security strategy, risk management, compliance, governance, and team development, with work spanning traditional infrastructure, hybrid environments, and emerging technologies. Prior to ResMed, he held cloud security and information security roles at Teradata, Mattel, EVault, and Seagate, where his responsibilities covered cloud security architecture, security incident response, vulnerability and risk management, security program development, ISO 27001, PCI DSS, SOC 2, HIPAA-related reviews, mobility, SaaS security, and cross-functional security guidance for software, systems, and network environments.
Anne Willis — Senior Cyber Security Operations Manager, BioMarin Pharmaceutical Inc.
Anne Willis is senior cyber security operations manager at BioMarin Pharmaceutical, where she manages managed security services provider CSOC functions and supports threat intelligence, incident response, project management, and cyber tool modernization. Her career has been rooted in cyber operations, investigations, business continuity, and security engineering, with earlier roles at Belk, CyberSN, Old Dominion Freight Line, and a long tenure at Duke Energy. Across those positions, her work has included digital forensics, incident response, vulnerability management, threat and intrusion monitoring, mobile and endpoint security, business continuity planning, corporate investigations, vulnerability bulletins, court-supported investigative work, and coordination across legal, human resources, and internal security teams.
Security leadership across California’s life sciences ecosystem
Cybersecurity in life sciences now reaches far beyond traditional IT, touching product development, clinical data, genomics, connected devices, manufacturing, research platforms, and cloud-based operations. The leaders in this spotlight are working in organizations where security has to keep pace with innovation while meeting the demands of resilience, governance, and trust. Their roles show how cybersecurity has become a core operational and strategic function across California’s life sciences ecosystem.
Explore more profiles of the leaders shaping cybersecurity across numerous industries in our CISOs to Watch collection.