FRACTIONAL CISO · AI CLOUD SECURITY

Jonathan
King.

15 years securing cloud infrastructure at Palo Alto Networks, Amazon AWS, and Microsoft Azure — now building HIPAA-compliant, SOC 2-ready AI security programs for regulated companies.

Book a free posture review → See my work
CCNA CCNA Security CompTIA Security+ CompTIA Server+ Fort Worth, TX
15+
Years experience
5
Cloud providers
F500
Client scale
14+
Roles & employers
5
Compliance frameworks
About me

The practitioner behind the programs.

Jonathan King — AI Cloud Security Advisor

"I don't consult on security programs. I build them — the same way I did at Palo Alto Networks, AWS, and Microsoft."

I started in network security at Rackspace in 2011, building automated security platforms before "security automation" was a common phrase. Three years of IDS, WAF, and Cisco ASA work taught me that the difference between a good security program and a paper one is whether it actually runs when you're not watching.

That philosophy carried through Amazon AWS, where I designed hybrid cloud architectures and led ECS automation migrations. At Microsoft, I became the escalation engineer for the company's highest-severity Azure security cases — the ones that went to senior engineers when standard support couldn't resolve them. At Palo Alto Networks I spent 4.5 years inside enterprise CSPM implementations at Fortune 500 scale, across five cloud providers, delivering HIPAA, PCI, FedRAMP, and GDPR compliance.

Now I take that full stack to regulated AI companies — healthcare AI, fintech, and AI-native startups navigating HIPAA and NIST AI RMF for the first time. I build the actual infrastructure, write the SOPs, and operate the orchestration pipelines. Not as a vendor. As the security engineer your team doesn't have yet.

LINKEDIN
linkedin.com/in/jonathan-king-9708b421
EMAIL
jjkc1988@gmail.com
CURRENTLY AVAILABLE FOR
  • Fractional vCISO retainers
  • HIPAA AI readiness assessments
  • SOC 2 cloud security builds
  • Security orchestration deployments
  • DFW in-person · Remote nationwide
Background

Inside the companies that built the tools.

Not a generalist consultant who read the documentation. I spent years as a practitioner inside AWS, Microsoft, and Palo Alto Networks before going independent.

Cohere Health
2024–Present
Sr. Cloud & AI Security Engineer
Built end-to-end HIPAA + SOC 2 + NIST AI RMF security program from the ground up. Wiz CSPM, Sumo Logic Cloud SIEM, Expel MDR, AI-assisted security orchestration, SOP library, automated compliance evidence pipeline.
WizSumo LogicExpel MDRAWS BedrockHIPAANIST AI RMFSOC 2
RXMG
Jul 2023–May 2024
Sr. Cloud Infrastructure / Security Architect
Multi-cloud architect across AWS, GCP, and Azure. Kubernetes security, IaC shift-left, Elasticsearch + Datadog monitoring. Improved deployment speed 40%. Azure AKS migration across Staging, QA, and Production environments.
GCPAzure AKSKubernetesTerraformDatadogSentinel
Palo Alto Networks
Feb 2019–Nov 2023
Cloud Security Engineer — Customer Success
Guided Fortune 500 enterprises through HIPAA, PCI, FedRAMP, GDPR, and DoD compliance on Prisma Cloud across AWS, Azure, GCP, Oracle, and Alibaba Cloud. Architected Cortex XSOAR orchestration and automated Terraform/CloudFormation remediation.
Prisma CloudCortex XSOARCSPMHIPAAPCIFedRAMPEKS/AKS/GKE
Microsoft
Sep 2018–Feb 2019
Azure Senior Cloud Support Engineer
Lead engineer for Microsoft's highest-severity Azure customer cases. Sentinel, Defender XDR, Zero Trust, Entra ID, Conditional Access, Key Vault, and Purview DLP. Reduced SLA resolution times 30%.
Azure SentinelDefender XDREntra IDZero TrustKey VaultPurview
Amazon Web Services
Feb 2017–Jul 2018
Cloud Support Engineer — Networking
CloudWatch, Lambda, ELB, EC2, WAF/Shield, IAM, S3. Designed hybrid on-premise-to-AWS architectures. Led Chef-to-ECS automation migrations. Built Python/Bash monitoring and auto-scaling frameworks.
AWSCloudWatchLambdaIAMWAF/ShieldPython
SoftLayer, an IBM Company
Jul 2015–Feb 2017
System Administrator
System and network administration across IBM SoftLayer's bare-metal and virtual server infrastructure. Network configuration, firewall management, and managed hosting operations across a global data center footprint.
Bare metalLinux sysadminNetworkingFirewallsManaged hosting
NCR Corporation
Nov 2014–Jul 2015
Data Center Engineer / Network Architect
Data center engineering and network architecture for one of the world's largest ATM and point-of-sale technology companies. Physical infrastructure management, network design, and enterprise-scale operations in a PCI-regulated environment.
Data centerNetwork architecturePCI environmentEnterprise infra
All About Electronics
Mar 2014–Feb 2015
Business Owner
Founded and operated an independent electronics business. End-to-end ownership of operations, client relationships, and technical services. Built foundational entrepreneurial skills in running a technical services business.
EntrepreneurshipBusiness operationsTechnical services
Rackspace Hosting
Jul 2012–Jun 2014
Network Security Admin
Alert Logic IDS, Imperva WAF, and RSA device management. Built a fully autonomous Python + IDS + Cisco + Linux scripted platform for rapid security resolution and bulk ticket processing across thousands of Rackspace managed clients.
IDS/WAFPython automationCisco ASAAlert LogicImperva
Rackspace Hosting
Jan 2011–Oct 2012
Data Center Operations Technician
Physical data center operations supporting Rackspace's managed hosting infrastructure. Hardware provisioning, rack and stack, network cabling, and hands-on support for one of the world's largest managed hosting providers.
Data center opsHardware provisioningManaged hostingLinux
DG FastChannel
Aug 2010–Jan 2011
Tier II TCP/IP Support
Tier II technical support for TCP/IP networking at a media and broadcast technology company. Troubleshooting network connectivity, routing, and infrastructure issues for enterprise broadcast clients.
TCP/IPNetwork troubleshootingTier II supportBroadcast tech
Quick Supply
Nov 2009–Jul 2010
Web Designer (Contract)
Contract web design and development. Front-end design, layout, and implementation for a supply company's digital presence.
Web designFront-endContract
Cisco
Apr 2009–Nov 2009
Network Engineer / Layer I Support / SAN Tech / Database Dev / Security Admin
Cross-functional technical role at Cisco spanning network engineering, Layer I support, SAN administration, database development, and security administration. Broad exposure to enterprise networking and security fundamentals at the source of the industry.
Cisco networkingSANSecurity adminDatabase devLayer I
Cash America
Aug 2008–Mar 2009
Network / IT Support
Network and IT support across Cash America's retail locations. Desktop support, network troubleshooting, and IT infrastructure maintenance for a large national pawnshop and lending chain.
Network supportIT supportDesktop admin
SkyWi, Inc.
Jan 2006–Jan 2007
Network Engineer / NOC Operator / Hardware Programmer
Network engineering, NOC operations, and hardware programming for a wireless internet service provider. 24/7 network monitoring, troubleshooting wireless infrastructure, and programming hardware for last-mile broadband delivery.
NOC opsWireless networkingHardware programmingISP infrastructure
Certifications

Credentials that verify the depth.

CCNA
Cisco Certified Network Associate
Cisco Systems
CCNA Security
Cisco Certified Network Security
Cisco Systems
Security+
CompTIA Security — Risk & Compliance
CompTIA
Server+
CompTIA Server Infrastructure
CompTIA
Skill depth

Production expertise across every layer.

Not surface-level familiarity. These are tools I have run in production environments at enterprise scale.

CSPM / CNAPP
  • Wiz
  • Prisma Cloud
  • AWS Security Hub
  • Orca Security
SIEM / SOAR
  • Sumo Logic
  • Cortex XSOAR
  • Azure Sentinel
  • Splunk
MDR / Detection
  • Expel MDR
  • Defender XDR
  • AWS GuardDuty
  • CrowdStrike
AI / LLM Security
  • AWS Bedrock
  • NIST AI RMF 1.0
  • Vertex AI
  • Ovalix AI Proxy
Identity / Zero Trust
  • Entra ID / AAD
  • Okta
  • Twingate ZTNA
  • Conditional Access
IaC / DevSecOps
  • Terraform / Atlantis
  • CloudFormation
  • GitHub Actions
  • Kubernetes
Cloud Platforms
  • AWS (primary)
  • Microsoft Azure
  • GCP
  • Oracle Cloud
Endpoint / Data
  • JAMF MDM
  • Microsoft Purview
  • Key Vault / KMS
  • HackerOne
HIPAA
Privacy + Security Rule. BAA structures, PHI data flow, technical safeguards, breach notification.
SOC 2 II
Trust Services Criteria. Control design, evidence automation, continuous monitoring.
NIST AI
Govern, Map, Measure, Manage. AI risk documentation, model governance, AI-specific IR.
PCI DSS
CDE scoping, network segmentation, logging architecture, vulnerability management.
FedRAMP
NIST 800-53 mapping, continuous monitoring packages, authorization boundary documentation.
Selected work

Programs built. Audits passed.

Representative engagements and the outcomes they produced. All work produced from scratch — no templated artifacts.

01 — Healthcare AI
HIPAA + NIST AI RMF Security Program
Cohere Health — Prior Auth Platform
Built the complete security program from zero: Wiz CSPM integration, Sumo Logic Cloud SIEM pipeline, Expel MDR onboarding, AI-assisted alert triage orchestration, 6-SOP library, Jira SEC project workflow, automated compliance evidence collection, and NIST AI RMF governance documentation for a production AWS Bedrock deployment handling PHI.
6
SOPs authored
3
Cloud integrations
~70%
Triage automated
WizSumo LogicExpelBedrockHIPAANIST AI RMFSOC 2
02 — Multi-cloud Infrastructure
Azure AKS Migration + Security Architecture
RXMG — Digital Marketing Platform
Designed and executed full Azure Kubernetes migration across Staging, QA, and Production environments. Built autonomous DNS management system (Python + Cloudflare + Route53), Azure Sentinel + Defender integration, and IaC security shift-left pipeline. Reduced deployment time 40%.
3
K8s clusters migrated
40%
Deployment speed
Azure AKSTerraformSentinelPythonCloudflare
03 — Enterprise CSPM
Prisma Cloud Enterprise Rollouts
Palo Alto Networks — Fortune 500 Clients
Led Prisma Cloud implementation and compliance configuration for Fortune 500 clients across 5 cloud providers. Delivered HIPAA, PCI, FedRAMP, GDPR, and DoD compliance profiles. Architected Cortex XSOAR alert automation and Terraform-based auto-remediation at scale.
5
Cloud providers
5
Compliance frameworks
4.5
Years at PAN
Prisma CloudCortex XSOARFedRAMPGDPRTerraform
04 — Security Automation
Rackspace Security Automation Platform
Rackspace — Managed Security
Built a fully autonomous Python + IDS + Cisco + Linux scripted security resolution platform handling bulk ticket processing across thousands of Rackspace clients. Alert Logic IDS, Imperva WAF, and RSA device management. Set new internal benchmarks for security ops response time and automation coverage.
1000s
Clients protected
3
yrs Tenure
PythonCisco ASAAlert LogicImperva WAFLinux
Get started

Start with the free posture review.

90 minutes. A 2-page gap report identifying your top three security exposures — no pitch, no obligation. Written by someone who has operated these programs from the inside.

  • Response within one business day
  • NDA available before any technical discussion
  • CCNA · CCNA Security · Security+ · Server+
  • Fort Worth, TX — available for DFW in-person
  • Palo Alto Networks · Amazon AWS · Microsoft Azure
BOOK YOUR FREE POSTURE REVIEW

No pitch. No sales process. Just clarity on your posture.