David Campman

Senior Infrastructure Security Engineer with 10+ years securing cloud and hybrid environments across architecture, IAM, AppSec, and security automation

View Projects Contact Me

David Campman

Senior Infrastructure Security Engineer with a proven ability to design, implement, and scale security controls across cloud-native and hybrid enterprise environments. Experienced in leading comprehensive vulnerability management programs, performing in-depth threat modeling, and aligning security practices with industry compliance frameworks such as SOC 2, ISO 27001, and PCI DSS. Skilled in securing cloud infrastructure, developing telemetry pipelines for security analytics, and automating infrastructure-as-code and secure SDLC processes. Known for building resilient security architectures and enabling engineering teams to ship quickly without compromising on security. Recognized for translating complex security requirements into practical solutions that reduce risk, support compliance, and enhance operational agility.

Impact at a Glance

Experience

10+ years in cloud, SaaS, and hybrid security engineering

Core Focus

Cloud architecture, IAM guardrails, AppSec, and automation

Security Ops

Vulnerability programs, SIEM/SOAR integration, and detection workflows

Compliance

SOC 2, ISO 27001, PCI DSS, and NIST 800-53 alignment

Expertise

Network Engineering

Cloud Security Architecture, IAM Guardrails, and secure-by-default platform design.

Cloud and Infrastructure Security

AWS, Azure, GCP
Detection engineering, SIEM/SOAR integration, and security telemetry pipelines.

Governance, Regulatory, and Compliance

SOC 2, ISO 27001, PCI DSS, NIST 800-53
Control design, evidence readiness, and audit support.

Vulnerability Management

Python, PowerShell, Bash, SQL
OWASP/Burp-based AppSec reviews and vulnerability remediation workflows.

My Projects

Azure-Powered InfoSec Copilot

Technical implementation notes for a Teams-integrated internal security copilot using retrieval over approved policy content, including grounding controls and operational pitfalls.

AWS: Athena

Reworked Athena-based WAF log analysis to reduce scanned data, lower query cost, and speed up investigations for day-to-day security operations.

All Projects

Get In Touch

Let’s talk about your project and how I can help you or if you just want to chat - shoot me a message…

  • davidecampman@gmail.com

  • www.linkedin.com/in/davidcampman

  • Rochester, NY

View Projects Contact Me