CISSP · Active Secret Clearance

Graylon Hampton

Senior Security Engineer, InfoSec Operations

Clearwater, FL · InvestCloud, Inc.

LinkedIn ↓ Resume GitHub Get In Touch
AI Security Governance CNAPP / CSPM Zero Trust / ZTNA Cloud Security Vulnerability Management PAM EDR / XDR U.S. Army Veteran

About

20+ Years Securing Enterprise Environments

CISSP-certified Senior Security Engineer and U.S. Army wartime veteran with 20+ years of progressive experience across enterprise security operations, cloud security architecture, and program management. One of a small number of security practitioners operating at the intersection of hands-on cloud security and enterprise AI governance — serving as security owner and approver for an organization-wide AI adoption strategy including AI/LLM risk assessment, control framework development, and MCP integration security. Currently building and operating the full-spectrum InfoSec program at InvestCloud across cloud security posture, vulnerability management, Zero Trust network access, identity governance, endpoint protection, and data security.

🛡 CISSP — ISC² ↗ Verify 🔐 Active U.S. Secret Clearance ⭐ U.S. Army — Staff Sergeant

Technical Competencies

Platforms & Domains

2026 Differentiator
AI Security Governance
Enterprise AI adoption strategy ownership, AI/LLM risk assessment, Claude Enterprise (Anthropic), MCP integration security, acceptable use policy authorship, control framework development
Cloud Security Posture — CNAPP/CSPM
Cloud-Native Application Protection (Wiz), CSPM, AWS Security Hub, Azure Defender for Cloud, multi-cloud risk governance
Vulnerability Management
Tenable.io, Nessus, Wazuh — SLA-driven remediation programs, risk prioritization, executive reporting
Identity & Access / PAM
Microsoft Entra ID, Conditional Access, Delinea, CyberArk, AWS IAM, MFA governance, ITDR
Zero Trust Network Access — ZTNA/SASE
Zero Trust Architecture, Secure Service Edge (Cato Networks), Secure Web Gateway, network segmentation
Network Access Control — NAC
Cisco ISE, Cisco DNA Center, Meraki — RADIUS authentication, micro-segmentation, enterprise wireless
Endpoint Security — EDR/XDR
Microsoft Defender for Endpoint, server protection, managed device compliance, threat response
MDR & Security Monitoring
Expel.io MDR, Splunk (SIEM analysis), Wazuh IDS/monitoring, incident triage & investigation
Data Loss Prevention — DLP
Microsoft Purview DLP, M365 compliance, data classification, sensitive data governance
Security Automation & DevSecOps
Python scripting, Claude Code + MCP integrations, GitLab CI/CD, Ansible, Git — custom tooling and workflow automation
Edge & Web Application Security
Cloudflare WAF, DNS security, edge controls
Compliance & Governance
NIST 800-53, PCI DSS 4.0, SOC 2 Type 2, Zero Trust Architecture (ZTA), MITRE ATT&CK

Experience

Career History

Senior Security Engineer, InfoSec Operations
InvestCloud, Inc.
Sep 2024 – Present · Tampa, FL (Hybrid)
  • Security owner and approver of the enterprise AI adoption strategy — AI/LLM risk assessments, control gap analysis, acceptable use policy authorship, and MCP integration security governance for Claude Enterprise rollout.
  • Own the enterprise CNAPP/CSPM program (Wiz) — cloud posture management, vulnerability prioritization, and risk governance across AWS and Azure.
  • Operate the enterprise Vulnerability Management program (Tenable.io) end-to-end; produce weekly executive risk reports for security leadership.
  • Architected and deployed Zero Trust Network Access / SSE (Cato Networks) replacing legacy VPN for a globally distributed workforce.
  • Built Python security automation toolkit using Claude Code and MCP integrations to streamline reporting, asset tagging, and risk metrics.
  • Lead Privileged Access Management (Delinea) — least-privilege, just-in-time provisioning, privileged session accountability.
  • Govern Microsoft Entra ID Conditional Access and managed device compliance posture.
  • Administer Microsoft Defender EDR/XDR across hybrid endpoints and cloud-hosted servers.
  • Oversee Microsoft Purview DLP protecting sensitive financial data across M365.
  • Primary escalation for incident triage and response with Expel.io MDR.
Security Analyst, InfoSec Operations
InvestCloud, Inc.
May 2022 – Sep 2024 · Remote
  • Led enterprise Vulnerability Management operations (Tenable.io), building SLA-driven remediation workflows.
  • Managed enterprise password vault migration, standardizing access management and credential governance.
  • Administered CyberArk PAM configurations for privileged access governance in client-facing environments.
Platform Support Engineer
InvestCloud, Inc.
Sep 2021 – May 2022 · Tampa, FL
  • Maintained AWS EC2 environments, Cloudflare WAF, DNS, and NGINX platforms serving global clients.
  • Automated infrastructure deployments using GitLab CI/CD, Jenkins, and Ansible.
Co-Founder & Co-Owner Acquired 2026
CloudArmory LLC
Feb 2024 – Jun 2026 · Self-employed
  • Co-founded an MSP delivering full-spectrum IT and cloud security to fintech clients on AWS infrastructure.
  • Led PCI DSS 4.0 compliance programs two consecutive years — gap assessments, controls, and audit readiness.
  • Achieved SOC 2 Type 2 certification through controls design, evidence collection, and audit coordination.
  • Architected multi-tenant AWS environments with security-first IAM frameworks for financial services clients.
Network Technical Analyst III
Pasco County Government
Jan 2019 – Sep 2021 · New Port Richey, FL
  • Deployed Network Access Control (Cisco ISE, DNA Center) — RADIUS authentication and micro-segmentation across county infrastructure.
  • Managed Cisco Meraki enterprise wireless rollout to 50+ locations.
  • Maintained Duo MFA, firewall policy, and VPN infrastructure for government operations.
Technical Team Lead & Systems Administrator
Kforce Inc.
Mar 2017 – Apr 2019 · Tampa, FL
  • Led four-person infrastructure support team; redesigned incident response protocols and mentored junior engineers.
  • Administered Exchange, Active Directory, and end-user systems infrastructure.

Military Service

United States Army

🎖
Network Systems Operator — Signal Corps (Reserve)
November 2003 – 2024 · Staff Sergeant (SSG) · Wartime Veteran, Operation Iraqi Freedom
  • Served 20+ years as a Reserve Network Systems Operator alongside a full civilian career in IT and cybersecurity.
  • Combat Deployment (2008–2009): Night Shift Supervisor for the theater-wide communications network spanning Iraq and Kuwait — accountable for satellite communications, tactical networking, and signal infrastructure sustaining mission-critical operations around the clock.
  • Led signal platoon operations at the brigade level as acting Platoon Sergeant, overseeing personnel readiness, equipment accountability, and OPSEC enforcement.
  • Trained and mentored junior soldiers on communications security and tactical networking protocols.

Contact

Get In Touch

Open to senior security engineering and security leadership opportunities. Let's connect.

graylonhampton@gmail.com LinkedIn Profile