California’s IT and software sectors continue to produce cybersecurity leaders with deep experience across cloud transformation, enterprise risk, product security, compliance, incident response, and large-scale operational leadership. The executives in this feature have led security programs inside software companies, enterprise technology organizations, healthcare systems, fintech businesses, and infrastructure-heavy global enterprises. Their backgrounds reflect the range of cybersecurity work required across California’s technology economy, from board-level strategy and global security operations to engineering, governance, and business alignment.
Jeff Henry — Chief Information Security Officer and Chief Information Officer, Cotality
Jeff Henry is chief information security officer and chief information officer at Cotality, following a long technology leadership career that includes senior roles at CoreLogic, Nielsen, ACNielsen, Ernst & Young, and Shell. At Cotality, he holds combined leadership responsibility for security and technology, building on prior work at CoreLogic where he led cloud strategy, infrastructure, security operations, and application migration efforts. Earlier at Nielsen, he managed several large global technology organizations, including teams of more than 500 people, enterprise architecture functions, major cloud transition efforts tied to Microsoft Azure, and large-scale business platforms serving hundreds of customers across multiple countries. His background combines enterprise architecture, cloud transformation, analytics and big data, large program execution, and broad operational leadership.
Timothy Torres — Chief Security Officer, TriNet
Timothy Torres is chief security officer at TriNet, where he brings more than 25 years of experience across technology, cybersecurity, business relationship management, data governance, software, hardware, networking, and risk management. Before joining TriNet in 2020, he spent more than a decade at Sutter Health, where he served in roles including regional chief information security officer, chief information security officer for the Bay and Valley area, and senior deputy chief information security officer enterprise-wide. His background also includes board work with HealthRIGHT 360 and advisory work with CommSafe [ai]. Across those roles, he has focused on security strategy, board-level reporting, privacy and incident response, governance, vulnerability management, and business-aligned security execution.
Rick Orloff — Chief Information Security Officer, Pure Storage
Rick Orloff is vice president and chief information security officer at Pure Storage, where he leads enterprise-wide risk management, cloud and product security, governance, risk, and compliance, cyber investigations, global resiliency, and national security programs. Before joining Pure Storage in 2024, he served as chief information security officer at 8×8 and previously held senior security leadership roles at Kaseya, Code42, eBay, Apple, and Lam Research. His career has included responsibility for global security strategy, fraud operations, product and infrastructure security, incident response, red team programs, privacy, and board reporting. Earlier roles at Apple and eBay placed him in charge of large-scale security programs protecting intellectual property, customer data, corporate operations, and global digital platforms.
David Tsao — Chief Information Security Officer, Notion
David Tsao is chief information security officer at Notion, where he is responsible for platform security, information technology, and security engineering. He joined Notion after serving as chief information security officer at Instacart and earlier as vice president of security engineering at Marqeta. Prior to those roles, he was head of information security at BYTON and global information security officer at Veeva Systems, where he held overall responsibility for information security including security engineering, security operations, program management, and compliance. Earlier at Gilead Sciences, he helped establish both the enterprise information security program and the enterprise data privacy program, with work spanning incident response, penetration testing, identity management, network security controls, supplier management, endpoint and mobile security, and privacy impact assessments. His career reflects long-running leadership across security engineering, privacy, governance, and security operations in major California technology companies.
Wagner Nascimento — Vice President and Chief Information Security Officer, Synopsys
Wagner Nascimento is vice president and chief information security officer at Synopsys, where he was recruited to build the company’s first modern enterprise-wide cybersecurity program and elevate cyber into a board-trusted strategic function. His role spans global enterprise cybersecurity strategy across product security, enterprise defense, artificial intelligence governance, and governance, risk, and compliance, with responsibility for a security organization of more than 150 team members. Before Synopsys, he was senior director of information security at Ellie Mae, where he built and scaled the company’s information security program across enterprise and product security, including secure software development, security operations, monitoring and response, patching, and compliance. Earlier at Safeway, Cisco, and Visa, he led security operations, security architecture, application security, cloud security risk management, and network security engineering. His background combines enterprise transformation, secure-by-design product work, artificial intelligence governance, cloud security, and large-scale acquisition integration.
Nikolay Chernavsky — Chief Information Security Officer, ISSQUARED, Inc.
Nikolay Chernavsky is chief information security officer at ISSQUARED, Inc., where he is responsible for developing and executing an enterprise-wide information security and risk management strategy that balances asset protection, compliance, and business enablement. Before joining ISSQUARED in 2020, he served as senior vice president and chief information security officer at PennyMac, following more than 12 years at Amgen in roles that included director of information security, senior manager, principal, and systems specialist. At Amgen, he developed enterprise information security architecture and roadmaps, helped build adaptive cybersecurity capabilities, led eDiscovery and forensics, strategy development, cloud security and data loss prevention, engineering and architecture teams, and served as incident commander during high-severity security incidents. He has also held leadership roles with FS-ISAC and the Southern California CISO Community, reflecting a career that spans healthcare, financial services, threat intelligence collaboration, and enterprise cyber strategy.
California’s IT and Software Security Bench Runs Deep
The leaders in this feature reflect how broad cybersecurity leadership has become across California’s IT and software sectors. Their work spans enterprise platforms, cloud transformation, healthcare technology, semiconductor security, privacy, governance, customer trust, and large-scale risk management. Taken together, they show how security leadership in California increasingly sits at the center of business execution, product strategy, and long-term organizational resilience.
Explore more profiles of the leaders shaping cybersecurity across numerous industries in our CISOs to Watch collection.