In my role as an Information Security Manager, I have had the privilege and responsibility of steering our company's security posture through a comprehensive and strategic approach. Here are some highlights of my journey and achievements in this role:1. Team Leadership: I've been managing a dynamic Information Security team, encompassing both Red Team and Blue Team operations. This role involves orchestrating their efforts in simulating attacks (Red Team) and defending against them (Blue Team), ensuring a robust security environment.2. Security Review Expertise: Regularly conducted thorough security reviews of our systems, technologies, and company processes. This involved a meticulous evaluation to identify and mitigate any potential security vulnerabilities, ensuring our technology stack remains resilient against emerging threats.3. Risk Assessment: Led risk assessment initiatives within our engineering teams, identifying and evaluating potential risks. This proactive approach has been instrumental in fortifying our systems against potential security breaches.4. Vulnerability Management Program: Orchestrated a robust vulnerability management program. My focus has been to address security issues effectively and efficiently, maintaining the integrity and reliability of our systems.5. Research and Development: Engaged in research and development of cutting-edge security tools. These tools have been pivotal in safeguarding our company’s systems, aligning with the latest security trends and technologies.6. Security Procedure Development: Developed and implemented comprehensive security procedures aligned with various regulations such as BI, OJK, ISO 27001, etc. These procedures have been crucial in ensuring our systems are not just compliant, but also secure from potential threats.

Professional Achievements1. Holistic Team Management: Skillfully directed both red and blue teams, orchestrating collaborative efforts to assess and fortify the organization's security landscape.2. Strategic Security Monitoring Development: Spearheaded the conception and execution of security monitoring initiatives, ensuring the organization's readiness to detect and respond to potential threats.3. Effective Vulnerability Management Oversight: Successfully established and operated a robust vulnerability management program, systematically identifying and addressing vulnerabilities across the company's systems.4. Comprehensive Security Risk Assessment: Conducted thorough security risk assessments on the company's systems, meticulously uncovering existing risks and providing valuable insights for risk mitigation.

Professional Achievements1. Privacy Impact Assessment Expertise: Conducted comprehensive privacy impact assessments for Personally Identifiable Information (PII) data during tenure at Finantier. Ensured compliance with data protection regulations and reinforced security measures to safeguard sensitive information.2. Cybersecurity Vigilance: Spearheaded vulnerability assessments and penetration tests for all products developed by the company, demonstrating a meticulous approach to identifying and mitigating potential security risks.3. Security Culture Transformation: Successfully conceptualized and implemented a robust security awareness program within the organization. Empowered staff to become proactive contributors to a secure digital environment.4. Strategic Red Teaming: Orchestrated red teaming exercises to evaluate the company's security posture. Employed simulated attack scenarios to measure preparedness and enhance overall resilience against cyber threats.5. Innovative Research and Development: Led research and development initiatives addressing Finantier's evolving information security needs. Contributions included pioneering solutions such as "Encryption as a Service," dynamic patch management strategies, and advanced identity access management protocols.

Professional Achievements1. Strategic Leadership in Red Teaming: Proficiently orchestrated and coordinated activities within the red team, fostering a culture of proactive security assessment and improvement.2. Robust Vulnerability Management: Successfully designed and executed Vulnerability Management Programs, contributing to a heightened level of threat awareness and prompt mitigation.3. Exemplary Compliance Oversight: Played an integral role in implementing and maintaining PCI DSS and ISO 27001 information security certifications over a span of three years, ensuring rigorous adherence to industry standards.4. Architectural Security Expertise: Conducted thorough architectural security reviews for upcoming applications, collaborating closely with development teams to identify and mitigate potential vulnerabilities.5. Enhancing Employee Awareness: Executed impactful social engineering campaigns, effectively enhancing employee awareness and responsiveness to security threats.7. Risk Management Subject Matter Expertise: Emerged as a Subject Matter Expert in the risk management program, contributing invaluable insights from an offensive security standpoint.8. Innovative Tool Development: Spearheaded the development of tools dedicated to security automation tests, red teaming, and threat intelligence, bolstering the efficiency and effectiveness of security operations.9. Swift Incident Resolution: Actively participated in the resolution of information security incidents, demonstrating adeptness in handling and mitigating emerging threats.

Accomplishments and Expertise1. Risk Assessment Proficiency: Demonstrated adeptness in conducting comprehensive risk assessments, and identifying potential vulnerabilities and threats to ensure effective mitigation strategies.2. Vulnerability Management Excellence: Successfully implemented robust vulnerability management programs, employing meticulous techniques to detect and address vulnerabilities promptly.3. Penetration Testing Expertise: Proficiently conducted penetration testing exercises, rigorously assessing systems for potential weaknesses and providing actionable insights for fortified security measures.4. Web Application Firewall Implementation: Played a pivotal role in planning and executing the deployment of a Web Application Firewall (WAF), enhancing the protection of critical applications from emerging threats.

Achievements and Contributions1. Effective Penetration Testing: Successfully conducted thorough and insightful penetration testing exercises, identifying vulnerabilities and providing actionable recommendations for enhancing system security.2. Comprehensive Vulnerability Assessment: Proficiently executed vulnerability assessments, pinpointing potential weaknesses in systems and applications, contributing to proactive risk mitigation strategies.3. In-depth Security Research: Engaged in comprehensive research to enhance the understanding of evolving security systems, contributing valuable insights to the organization's defensive strategies.4. Integral Role in PCI DSS Compliance: Actively participated in ensuring security compliance with the stringent standards of the Payment Card Industry Data Security Standard (PCI DSS), bolstering the protection of sensitive payment information.5. Strategic Security Awareness Program: Designed and implemented a comprehensive security awareness program, empowering employees with the knowledge and skills to actively contribute to the organization's security posture.6. Thorough Incident Investigation: Conducted meticulous investigations into security incidents within the company, identifying root causes, facilitating resolution, and refining incident response protocols.

Key Accomplishments1. Authentication Control Management: Successfully oversaw authentication control processes, including research, configuration, and implementation of OpenLDAP and Active Directory to align with blibli.com's specific requirements.2. Streamlined Atlassian Tool Setup: Skillfully configured Atlassian tools (Bamboo, Bitbucket, Jira, and Confluence) to establish an efficient Continuous Integration process, enhancing collaboration and productivity.3. Proficient Linux Server Administration: Expertly handled the installation and maintenance of Linux servers, ensuring optimal functionality, security, and seamless operation.4. Comprehensive Monitoring System Implementation: Strategically established a comprehensive monitoring system across servers and network devices, enhancing visibility into system performance and enabling proactive troubleshooting.5. Efficient IT Support Leadership: Skillfully led IT support activities, ensuring smooth operations, timely issue resolution, and exceptional user experience.

- Maintenance of employees' PCs and laptops- Perform internet network maintenance- Helping the process of uploading news to the website