SECURITY ENGINEERING PORTFOLIO

Gerard Vince Lillo

Security Engineer focused on practical automation.

I build clean security workflows for CI/CD, cloud posture, and detection response. Less noise, faster action, clearer ownership.

Currently

Security Engineer at Cloud Ready Technologies Corp.

400+ endpoints protected

CI/CD security pipeline automation

SOAR detection-to-ticket integrations

Python, AWS, Bitbucket, Jira

Automate triage

Convert findings into actionable tickets.

Harden cloud posture

Prioritize fixes with practical remediation paths.

Improve response

Reduce handling time across detection workflows.

About

I design security systems that teams can actually run day to day.

What I optimize for

Clear signal, repeatable workflows, and measurable improvements.

I prefer practical controls over heavy process.

Focus areas

Vulnerability pipelines, Detection automation, Cloud posture, Pentesting, SOC workflows, Reporting systems

Approach

A simple model I use to move from finding to fix.

Step 01

Assess & Prioritize

Find recurring risks and rank fixes by impact.

Step 02

Automate & Integrate

Turn output into tickets, owners, and deadlines.

Step 03

Validate & Iterate

Test, tune, and improve from real incidents.

Projects

Selected case studies plus latest repositories from GitHub.

Private build

PrivacyIntent Pro

Extended workflow for teams needing policy checks and monitoring.

  • CI/CD privacy gate with policy-based pass/fail checks.
  • Scheduled scans with change detection.
  • Compliance-oriented reporting outputs.
Private, CI/CD Gate, Monitoring, Policy-as-Code

Case study

GuardSweep

Python endpoint monitoring prototype.

  • Real-time process, file, and network activity checks.
  • Designed for lightweight triage visibility.
Python, EDR, Threat detection

Experience

Cloud Ready Technologies Corp. - roles and impact.

Security Engineer

Cloud Ready Technologies Corp.

May 2025 - Present

Highlights

  • Deployed Trend Micro Vision One FSS for detection monitoring, investigation support, and response coordination.
  • Designed and implemented a CI/CD security pipeline using Bitbucket Pipelines to automate vulnerability scanning with Trivy.
  • Built a Python parser for Trivy JSON to identify critical misconfigurations and de-duplicate findings.
  • Automated remediation workflow by creating Jira tickets directly from pipeline findings.
  • Performed SaaS API pentesting and reported issues like CORS misconfigurations and token replay vulnerabilities.

Security ops & cloud

  • Conducted cloud posture assessments using Prowler and Plerion; researched remediation strategies.
  • Configured CrowdStrike Falcon SOAR to create Jira tickets from detections, improving response time.
  • Deployed Bitdefender BEST to 400+ Windows endpoints via Active Directory integration.
  • Led design of managed backup service; created SOW and cost analysis for Commvault/AWS backups.
  • Resolved domain reputation issue by coordinating with VirusTotal and vendors to clear false positives.
Trivy, Bitbucket Pipelines, Jira, Trend Micro Vision One, CrowdStrike SOAR, Prowler, AWS

Security Analyst

Cloud Ready Technologies Corp.

July 2024 - April 2025
  • Monitored and triaged security alerts using Splunk, documenting incidents by severity and escalation protocol.
  • Analyzed Indicators of Compromise (IoCs) to identify and neutralize threats across client environments.
  • Authored weekly health check reports on endpoint malware detection, agent status, and policy compliance.
  • Provided tailored security recommendations including upgrade advisories and mitigation plans.
Splunk, Incident triage, IoC analysis, Reporting

Software Engineer

Cloud Ready Technologies Corp.

Jan 2024 - July 2024
  • Developed Python log parsers to automate alert processing and integrate output with Jira for SOC analysts.
  • Used AWS Lambda for serverless execution, CloudWatch for debugging, S3 for storage, and EC2 for hosting Wazuh/Graylog.
  • Implemented SQS for delayed processing and improved automation reliability.
  • Configured VPCs and security groups to restrict access and secure Wazuh and Graylog instances.
Python, AWS Lambda, SQS, Wazuh, Graylog

Certifications

Professional credentials relevant to security engineering and operations.

Contact

Open to security engineering roles and project collaborations.