Hello, I'm
Senior Security Engineer focused on building scalable, automated security controls that neutralize complex threats. Specializing in cloud security, vulnerability management, and Security-as-a-Service models.
01 / About
I'm Dillon Gonzalez, a Senior Security Engineer based in Atlanta, Georgia. With over five years in the field, I specialize in building scalable, automated security controls that neutralize complex threats at the script and registry levels. I integrate deep technical engineering with business continuity and regulatory compliance.
My background spans critical infrastructure, automotive, and cloud environments, where I've deployed Security-as-a-Service models, managed privileged access for SCADA systems, and led compliance initiatives across SOX, HIPAA, and FedRAMP frameworks. I believe security is about reducing organizational noise while maintaining alignment with global regulatory standards.
I'm passionate about automation, cloud security, and building resilient systems that scale. When I'm not securing infrastructure, I'm exploring new security tools, contributing to the community, and staying ahead of emerging threats in cloud and OT/IT environments.
Azure, AWS, and GCP security architecture. Identity management, network segmentation, and cloud-native threat detection.
SIEM/EDR deployment, vulnerability management, and continuous monitoring. Building efficient SecOps programs that scale.
SOX, HIPAA, PCI-DSS, FedRAMP, and CCPA compliance. Risk quantification and audit-ready security controls.
OT/IT security, SCADA systems, PAM solutions, and network access control for mission-critical environments.
02 / Skills
03 / Experience
04 / Certifications
Industry-recognized certifications validating expertise across offensive security, security management, and cloud security domains.
CompTIA Cybersecurity Analyst
CompTIA Security+
Azure Security Engineering Associate
AWS Certified Systems Administrator
05 / Projects
Real-world security projects and implementations across cloud, vulnerability management, and critical infrastructure.
Built custom KQL queries to detect anomalous PowerShell behavior and lateral movement threats. Implemented Security Copilot-assisted detection targeting Run/RunOnce registry modifications (Event ID 4104). Automated quarantine via Logic App runbooks based on real-time threat intelligence.
Impact: 10% reduction in attack surface, 1.5 hours saved daily on manual analysis
End-to-end vulnerability management spanning reporting, dashboarding, and automated patching. Built Tableau and Power BI dashboards tracking critical vulnerabilities across Oracle WebLogic servers. Implemented ETL pipelines with IBM DataStage and Azure automation for data warehousing and ingestion into Elasticsearch and Defender for Cloud.
Impact: 15% reduction in EOL software, 95% reporting accuracy, 80% fix integration rate
Led migration of network, firewall, and email data from SecureWorks Taegis XDR to Microsoft Defender for Cloud, Email, and Sentinel. Collaborated with enterprise teams to build consistent bi-monthly vulnerability patching schedules. Reduced manual on-demand patching through predictable automation.
Designed and deployed privileged access management solutions for critical water infrastructure SCADA systems. Integrated cloud defender and AI tools for automated alerting and threat detection. Audited Azure IAM configurations across 200+ users with evidence collection for compliance audits.
Implemented 'Deny by Default' security posture with audited exception paths. Created Logic App runbooks for automated threat response and quarantine. Reduced organizational noise by 10% through precision targeting of registry paths and threat intelligence integration.
Expertise spanning Azure AD/Entra, AWS IAM, and GCP identity management. Implemented role-based access controls (RBAC) across 200+ users. Managed account federation, user access policies, and cloud security policies across multiple cloud platforms.
My approach to consulting is grounded in three principles: be relatable — I translate complex security concepts into business-aligned narratives; be direct — clear recommendations backed by data and risk analysis; be patient — I work with teams to implement security at their pace while maintaining rigor. From teaching Photoshop to neighbors, to consulting with small businesses on web infrastructure, to briefing executives on zero-trust architecture, I've learned that the best security outcomes come from understanding your audience and meeting them where they are.
06 / Contact
I'm actively seeking senior security engineering roles, consulting engagements, and advisory positions. Whether you have a security challenge, need a consultant, or want to discuss an opportunity — let's connect.
Currently open to senior security engineering roles, consulting engagements, and advisory positions. Response time: within 24 hours.