Cybersecurity Specialist & Penetration Tester with hands-on experience in VAPT, SIEM/SOC operations, incident response, and security architecture across government, enterprise, and Web3 environments. Holds 8 professional certifications including CEH, ECIH, and CND. Proven track record of securing 100+ endpoints, improving client security posture by 40%, and delivering actionable security insights to both technical and executive stakeholders.
Education
Universitas Bumigora — Mataram · GPA: 3.70 / 4.00
Professional Experience
Independent — Remote, Indonesia
- Provide on-demand VAPT, security architecture review, and incident response for SMEs and startups across Southeast Asia
- Conduct web app, API, and network penetration tests using Burp Suite, Nuclei, Nmap, Metasploit, and custom Python tooling
- Advise Web3/crypto projects on smart contract risk assessment, community security hygiene, and phishing prevention
- Deliver executive-friendly security assessment reports with prioritized remediation roadmaps
PT Merdeka Copper Gold
- Built the organization's security system from the ground up — designed architecture, deployed tools, and established security policies for mining enterprise infrastructure
- Developed automation systems for continuous endpoint monitoring and automated report generation, enabling real-time visibility across all endpoints
NOOSC Security Global — Jakarta
- Deployed and managed SIEM platforms (Wazuh) monitoring 100+ endpoints with real-time threat detection and SOC-level alerting
- Designed end-to-end security architectures: network segmentation, IDS/IPS, logging pipelines, IR workflows
- Conducted VAPT using OWASP & MITRE ATT&CK, integrating 10+ security tools into unified client stacks
- Improved client security posture by 40% through monthly assessments and remediation roadmaps
PT. Metrodata Electronics Tbk — Jakarta
- Performed incident analysis and triage across enterprise networks, identifying and escalating 20+ security events
- Applied ethical hacking and network defense techniques under senior security engineer mentorship
Dinas Kominfo KSB — Sumbawa Barat
- Deployed SIEM systems for real-time threat detection across government servers and infrastructure
- Conducted VAPT on 5 government websites using Nuclei, Burp Suite, and OWASP methodologies
- Delivered cybersecurity awareness sessions at 6 institutions, reaching 300+ participants
Telkom Indonesia — Sumbawa
- Installed and maintained fiber optic infrastructure, completing 50 FTTH connections
- Configured access points at 5 client locations to improve network coverage
Community Experience
BasedBot
- Represent and promote BasedBot, engaging community members and communicating project updates
Space Nation
- Tested and provided feedback on Web3 game development; managed Indonesian community queries daily
SmartLayer — Indonesia Region
- Created Bahasa content and managed community of 2,000+ members with daily engagement
Skills & Tools
Offensive Security
Burp Suite · Nuclei · Metasploit · Nmap · SQLmap · Hydra · Hashcat · Wireshark · OWASP ZAP · Gobuster · BloodHound · Python · Bash
Defensive Security
Wazuh · Splunk · Elastic Stack · EDR · NDR · XDR · SOAR · Firewall · IDS/IPS · VPN · VMware · Proxmox · Docker · Ansible
Frameworks & Methodologies
OWASP · MITRE ATT&CK · NIST · OSINT · Threat Intelligence · Reverse Engineering · Forensics · Vulnerability Management
Soft Skills
Client Communication · Technical Reporting · Teamwork · Problem Solving · Critical Thinking · Security Awareness Training
Certifications
- CEH — Certified Ethical Hacker (EC-Council, Mar 2025)
- ECIH — Certified Incident Handler (EC-Council, Jun 2024)
- CND — Certified Network Defender (EC-Council, Jun 2024)
- CAP — Certified AppSec Practitioner (Sep 2024)
- CNSP — Certified Network Security Practitioner (Sep 2024)
- Cybersecurity Awareness Professional (Sep 2024)
- Alibaba Cloud Associate: Cloud Security (Jul 2020)
- BNSP: Network Designer (Mar 2024)