The Startup CISO Who's Been There

I'm not a consultant who studied security from the outside. I built a security program from zero at a healthcare startup — navigating HITRUST audits, tight budgets, and board-level risk conversations — before going independent to help other companies do the same.

 

If you're a Series A-C founder or CTO trying to figure out how to build security without it slowing everything down, that's exactly what I do.

I understand your constraints because I've lived them. Real startup CISO experience means practical solutions that work within your budget and timeline.



What I Actually Bring to the Table

Been in Your Shoes

Seasoned startup CISO who understands budget constraints, growth pressures, and the need for security that enables business growth, not blocks it.

 

 

Practical Solutions

Focus on solutions that work in the real world of limited budgets and tight timelines. No academic theory - just practical security.

AI Security Pioneer

Leading-edge expertise in AI/ML security, model protection, and safe AI implementation. Secure AI adoption without slowing innovation.

Technology Strategy Expert

Comprehensive technology assessments and strategic planning. From infrastructure evaluation to team capability analysis.

Cloud Security Mastery

Deep expertise in AWS, Azure, and GCP security. From cloud-native architecture to enterprise-scale deployments across 400+ global sites.

HITRUST Expertise

5+ years maintaining HITRUST CSF certification. Deep healthcare compliance knowledge that most consultants simply don't have.

 

For 5+ years I was CISO at VEDA Data Solutions, a healthcare technology company. I built their security program from scratch, maintained annual HITRUST CSF certification, and led secure AI implementation initiatives in a regulated environment. When VEDA was acquired, a mature security posture was part of what made that happen.

 

Before VEDA, I ran global technology infrastructure at Amazon across 6 time zones and 400+ sites. That experience gave me a sense of scale most startup security consultants don't have — and a strong bias toward practical solutions over theoretical ones.

 

I started Mark Wochos Consulting because I kept getting asked for advice by startup CTOs facing the same challenges I had. At some point it made more sense to make it official.

Let's Talk

No pitch deck, no sales process. Just a straightforward conversation about where you are and what you actually need. If I can help, I'll tell you. If you'd be better served by someone else, I'll tell you that too.

©Copyright. All rights reserved.

We need your consent to load the translations

We use a third-party service to translate the website content that may collect data about your activity. Please review the details in the privacy policy and accept the service to view the translations.