Supporting Advisory & Implementation practice for Security & Resiliency services

+ Reporting directly to Head of Cyber Operation ID (acting as Head for temporary replacement)+ Managing multiple projects and resources + Building services and teams (R&D), and improving the internal delivery process + Supporting pre-sales activities and providing deliverables to meet client’s expectations+ Providing Security Assessment services for various industries, including: •Penetration testing (Web Application, Mobile Application, Network &… Show more + Reporting directly to Head of Cyber Operation ID (acting as Head for temporary replacement)+ Managing multiple projects and resources + Building services and teams (R&D), and improving the internal delivery process + Supporting pre-sales activities and providing deliverables to meet client’s expectations+ Providing Security Assessment services for various industries, including: •Penetration testing (Web Application, Mobile Application, Network & Infrastructure) •Vulnerability assessment and management •Phishing Exercise •Cyber security advisory+ Reverse engineering - building custom javascript to bypass root detection and SSL pining for mobile application security (Android platform). + Part of a red teaming project for infrastructure preparation including servers and tools setup in AWS cloud environment, and phishing campaign setup and execution. Executing post-exploitation and basic malware development using CobaltStrike+ Administering and supporting hiring process for CyberOps consultants IDSeveral vulnerability assessments and penetration testing tools are used: Burp Suite, Nmap, Nessus, MobFS, Nikto, Directory Scanner,Sqlmap, Metasploit,Cobaltstrike, etc.RE Tools: Frida, Objection, Jadx-Gui, APKTool, Visual Studio Code, Ghidra. Programming Language: Basic Java and Javascript. Show less

IT Security Operations with key responsibilities:+ Performing penetration testing and vulnerability assessment towards server infrastructure, web application and mobile application+ Working together with HQ in Czech as part of Security Operations Center (SOC) team in monitoring and handling SIEM+ Working with server team and network team to build secure infrastructure, environment and link of communication (network security, security architecture, vulnerability management, patch… Show more IT Security Operations with key responsibilities:+ Performing penetration testing and vulnerability assessment towards server infrastructure, web application and mobile application+ Working together with HQ in Czech as part of Security Operations Center (SOC) team in monitoring and handling SIEM+ Working with server team and network team to build secure infrastructure, environment and link of communication (network security, security architecture, vulnerability management, patch management, cryptography and WAF implementation)+ Supporting the team to establish and review security standard policy and procedure for IT audit and IT compliance (ISO 27001, PCI DSS, Bank of Indonesia and OJK regulation) - Internal and External IT Audit+ Building secure SDLC with IT Development Team, including basic source code review+ Working with business owner, system and core analyst and application team in assessing and reviewing user access management (UAM)+ Administering Mobile Device Management (MDM)+ Team member of security project implementation: PAM, IDM, & DLP+ Supporting day-to-day operations such as ticketing for access request and firewall request & review and request for changes (RFC)+ Team member of o365 SaaS and hybrid cloud service implementation, including cloud security assessment+ Administer anti-virus and secure end-point assets (including license purchasing)+ Maintaining and establishing good communication with all counterparts in every cyber security tasks and projects+ Cyber Risk / Information Security Risk Assessment, IT Risk Management (IT GRC), Third Party Security Assessment+ Internal Cybersecurity Consultant+ Vendor management (RFP review, Tendering Process, Engagement Letter/SOW document review, etc)+ Review and Reporting (Word & Excel Documentation)+ Involved in CAPEX & OPEX budgeting Show less

Key Responsibilities:+ Performing penetration testing for Web Application, Mobile Application and IT Infrastructure (Ethical Hacking)+ Performing Third Party Security Assessment for client/supplier/vendor in Banking and Global Business Travel (GBT) industry + Performing vulnerability assessment (VA) against servers and IT infrastructure+ Reviewing firewall rules and access policies related to security domain+ Performing compliance review for DC & DRC + Performing IT… Show more Key Responsibilities:+ Performing penetration testing for Web Application, Mobile Application and IT Infrastructure (Ethical Hacking)+ Performing Third Party Security Assessment for client/supplier/vendor in Banking and Global Business Travel (GBT) industry + Performing vulnerability assessment (VA) against servers and IT infrastructure+ Reviewing firewall rules and access policies related to security domain+ Performing compliance review for DC & DRC + Performing IT audit and IT security assessments, including IT compliance review based on government regulatory (POJK and PBI) and security standard and best practices such as ISO 27001 and NIST+ Management consulting of Information Security+ Preparing RFP + Penetration test and VA reporting including risk assessment based on OWASP, CVSS and matrix+ Documentation and reporting Show less

Key Responsibilities as Network Administrator - NOC (L1 & L2 Support):+ Monitoring all network nodes and traffics, including netflow and QoS management+ Working on network security devices such as firewall, proxy server, and web application firewall, load balancer, including configuration and rules review and implementation+ Working on MPLS LAN and WAN (OSPF, EIGRP and BGP), including troubleshooting issues+ Operating PBX/PABX, VOIP and telephony applications and devices… Show more Key Responsibilities as Network Administrator - NOC (L1 & L2 Support):+ Monitoring all network nodes and traffics, including netflow and QoS management+ Working on network security devices such as firewall, proxy server, and web application firewall, load balancer, including configuration and rules review and implementation+ Working on MPLS LAN and WAN (OSPF, EIGRP and BGP), including troubleshooting issues+ Operating PBX/PABX, VOIP and telephony applications and devices, including voice recording+ Communicating and escalating major issues with Singapore regional team+ Working together with network vendors, security vendors, provider, sysadmin and application team and service desk team+ working with management and release team for change request (RFC) in BAU+ Supporting Helpdesk for any network issues (L1 & L2)+ Project Management & Network Reporting+ Ticketing management (Tufin and Remedyforce)Big Project: DC & DRC Migration, Outlook Mail System Migration, IP Segment & Firewall Rule StandardizationKeywords: OSI Layer, TCP/IP, routing, switching, WAN, LAN, checkpoint firewall, rule based policies, bluecoat proxy, load balancer, BigIP F5 VPN access, wireless, windows server, linux, data center, network monitoring, network admin, NICE voice recording, AVAYA voip environment, network security team, network engineer, F5 BigIP LTM, Cisco, Vendor Management, Solarwind, WAF Imperva Show less