$ Securing the Cloud, Leading the Future

Martin Mkrtchian

Cloud & Security SME • Technical Leader • Fractional CISO

20+ years of cybersecurity leadership, blending executive strategy with hands-on technical expertise across AWS, GCP, incident response, and application security.

Get In Touch LinkedIn
Scroll to explore
// Overview

About Me

Cloud and Security SME with 20+ years leading security organizations while staying deeply technical across AWS, GCP, incident response, IAM, application security, and network segmentation.

Former CISO who blends executive strategy with hands-on execution. I architect cloud environments, lead IR events, build programs, and advise investors on technology and cybersecurity risks.

I'm a technologist at heart, a tinkerer who thrives on exploring GitHub repos, evaluating innovative tools (open and closed source), and finding practical solutions that align with business strategy. I code, automate, and deploy solutions hands-on, staying deeply technical while leading teams. I take a no-BS approach to leadership, believing that effective cybersecurity and technology programs are built on strong relationships, cross-functional collaboration, and genuine teamwork.

My philosophy is simple: cybersecurity must be adaptive and grounded in real risk assessment, not checkbox compliance. Technology and security should accelerate business growth, not hinder it. I work to ensure that every security decision drives value and enables the organization to move faster, smarter, and safer.

// Core Competencies

Expertise

Cloud Security

  • AWS & GCP Architecture
  • Prisma Cloud & HashiCorp
  • Cloudflare & Imperva
  • Britive & JumpCloud

Security Domains

  • Incident Response & Threat Detection
  • Identity & Access Management
  • Application Security
  • SIEM/SOAR & Zero Trust

Security Tools

  • CrowdStrike & Qualys
  • Okta & CyberArk
  • Veracode, Checkmarx, SonarQube
  • Palo Alto & Proofpoint

Consulting & Leadership

  • Architecture Reviews
  • Security Due Diligence
  • Fractional CISO Services
  • Team Management & Governance
// Professional Journey

Experience

2024–2025

VC Advisory / Security Due Diligence Consultant

  • Advised VC and angel investors on acquisition risks, technology maturity, and cloud/security posture
  • Performed deep analysis of IAM, cloud architectures, AppSec pipelines, IR readiness, and vendor risk
  • Provided go/no-go recommendations supported by actionable remediation strategies
2022–2024

Chief Information Security Officer

Upland.me
  • Designed and deployed JumpCloud SSO, Directory Services, and MDM
  • Oversaw Prisma Cloud, Britive PAM, AWS workload protection, and cloud telemetry pipelines
  • Built secure SDLC integrating Veracode, Checkmarx, and SonarQube within CI/CD
  • Reduced technology spend by 65% and AWS cloud costs by 25%
2014–2021

VP, Information Security

Vubiquity / Amdocs
  • Led COVID-19 IR/BCP efforts ensuring secure and uninterrupted global operations
  • Managed IR for major application compromise with layered containment strategy
  • Oversaw Palo Alto UTM/WildFire deployment and cloud hardening initiatives
  • Built secure SDLC and optimized global security operations reducing cost by 50%
2013–2014

Information Security Program Manager

Toyota Motor Sales
  • Led remediation programs reducing non-compliance risk by 90%
  • Built enterprise vulnerability management and hardening standards
2010–2013

CTO / CEO

EMR Logix
  • Led development of cloud-based EMR platform with full HIPAA-aligned controls
  • Owned product, engineering, and security architecture for full technology stack
2008–2010

Principal Security Consultant

McAfee (Foundstone)
  • Delivered Fortune-scale vulnerability management deployments with 100% success
  • Delivered security training and expert consulting to enterprise customers across North America
// Hobby Projects

Projects

Go Forensics

A lightweight, cross-platform digital forensics CLI tool written in Go. Provides essential triage and recovery features for forensic professionals and incident response practitioners.

Key Features:

  • File analysis with magic byte signatures and multi-hash computation (SHA256, SHA-1, MD5)
  • Filesystem inspection supporting MBR/GPT, NTFS/FAT/ext filesystems
  • Windows Registry parsing with artifact extraction and deleted key recovery
  • Windows Event Log analysis (EVTX/EVT) with attack pattern detection
  • Memory dump analysis for process, network, and string extraction
  • File carving and recovery supporting 40+ file types
  • Timeline generation in CSV, JSON, TSK, and Plaso formats
  • NSRL integration for rapid known software identification
View on GitHub

Text Janitor

A comprehensive text analysis and cleaning toolkit for maintaining code quality and text hygiene across your projects.

Key Features:

  • Analyze code for security vulnerabilities, quality issues, and technical debt
  • Detect hardcoded passwords, API keys, and sensitive data patterns
  • Normalize line endings, whitespace, quotes, and Unicode text formatting
  • Custom pattern detection with configurable severity levels
  • Generate reports in HTML, JSON, Markdown, CSV, or text formats
  • Scoring system with health grades (A-F) for codebase assessment
  • Support for encoding issues, mojibake, and Unicode normalization
  • Fix indentation inconsistencies and empty line normalization
View on GitHub
// Get In Touch

Contact

Interested in fractional CISO services, security consulting, or investment advisory? Let's connect.

Email
info@remedyrisk.com
LinkedIn
linkedin.com/in/remedyrisk
Location
Los Angeles, CA