Jonathan Nunez, who has a deep background in intelligence, data and cybersecurity, was named to head the center, which describes itself as “the central organizing hub of state government’s cybersecurity activities and coordinate information sharing with local, state, and federal agencies, tribal governments, utilities and other service providers, academic institutions, and nongovernmental organizations.”
Nunez, 33, was a network intelligence analyst for the U.S. Air Force from 2004 to 2010. After that, he was lead data scientist for Booz Allen Hamilton from 2010 to 2014; IT security adviser for CVS Health from 2014 to 2015; security managing consultant for Accenture from 2015 to 2017; senior manager of cyber risk services for Deloitte from 2017 to 2019. More recently, Nunez was director of cyber advisory services for Dark Matter LLC in 2019, and he’s most recently been based in the Portland, Ore., area.
His LinkedIn profile cites as his areas of expertise Red Teaming/Penetration Testing, Digital Forensics/Incident Response, Protective Monitoring and Vulnerability Management. He is a member of the EC-Council ECIH Global Advisory Board, according to his LinkedIn profile.
Nunez succeeds Keith Tresh, who was Cal-CSIC commander from November 2016 to 2018. Tresh is now state chief information security officer for the state of Idaho. In the interim, Cal-CSIC’s deputy commander, Mario Garcia, had been acting commander.
Nunez’s new position, which doesn’t require Senate confirmation, has an annual salary of $160,008.
Cal-CSIC was created in 2015 with the goal of working across state government agencies to mitigate cyberattacks. It comprises four core partners -- the California Governor’s Office of Emergency Services (CalOES), the California Department of Technology, the California Military Department and the California Highway Patrol. It also coordinates with the FBI and the U.S. Department of Homeland Security. Each of those entities provides experts to the Cal-CSIC, which serves as the central organizing hub of the state’s cybersecurity activities.
The Cal-CSIC is co-located with the California State Threat Assessment Center (STAC), which serves as the state’s primary fusion center with the responsibility to detect and prevent terrorist and other physical threats.
Members of the public and private sectors can work with Cal-CSIC by registering to receive Alerts and Advisories, sharing information and cyber incident reports, and connecting to the California Automated Indicator Exchange. To receive cybersecurity threat information for your organization, register online. The center can also be contacted by email.
