Denil Cristianto's Resume

Denil Cristianto

Incident Responder | Digital Forensics | Security Operations

Jakarta, Indonesia

About

Cybersecurity professional with 5+ years of experience specializing in Incident Response and Digital Forensics (DFIR). Skilled in detecting, analyzing, and remediating advanced security incidents across diverse infrastructures, with a strong background in SOC operations, log analysis, threat intelligence, and penetration testing. Proven ability to triage alerts, investigate security breaches, perform forensic analysis, and deliver actionable recommendations. Experienced in responding to a wide range of threat actors — from script kiddies to Advanced Persistent Threats (APT) — with practical knowledge of adversary techniques and attack patterns. Possess strong expertise in Telecommunications infrastructure, enterprise IT systems, and cloud technologies.

Work Experience

AVP Cloud & IT Security Expert

2024 - Present
As an Assistant Vice President directly reporting to the VP, I lead and manage a 24x7 SOC Department covering Tier 1, Tier 2, and SOC Managers. My responsibilities focus on ensuring end-to-end operational excellence, threat detection, and incident response across various infrastructure.
  • Leading and managing a 24x7 SOC Department (L1, L2, SOC Manager), ensuring operational readiness and capability building across all tiers
  • Ensuring the SOC maintains playbooks for every threat or alert, providing clear guidance and standardized response procedures
  • Providing security data and documentation for internal and external audits
  • Overseeing security monitoring, incident response, investigation, and remediation efforts
  • Performing digital forensics, alert triage, malware/threat analysis, and acting as War Room Initiator during post-incident investigations
  • Developing and implementing use cases, playbooks, and SOAR workflows to improve SOC efficiency
  • Driving threat intelligence, proactive hunting, and detection strategies to strengthen cyber defense
  • Assisting remediation and escalation processes for critical alerts and L3 incidents
  • Leading crisis handling, execution of Business Continuity Plans (BCP), and serving as decision maker for cross-departmental incident outcomes (takedown or release decisions)
  • SOC
  • Incident Response
  • Threat Intelligence
  • DFIR

Sr. Officer Application Security & DevSecOps

2023 - 2024
Led advanced penetration testing and L3 SOC operations while contributing to enterprise security initiatives.
  • Conducted comprehensive penetration testing on web, mobile, API, and infrastructure assets
  • Performed L3-level incident analysis, threat hunting, and digital forensics investigations
  • Performed manual Static Application Security Testing (SAST) using Checkmarx
  • Provided technical assessment and integration support for new security products (EDR, Firewall)
  • AppSec
  • DevSecOps
  • Penetration Testing
  • SOC

IBM Indonesia

2022 - 2023

Penetration Tester & L3 SOC Analyst

2022 - 2023
Performed dual-role responsibilities in offensive security and advanced security operations for high-impact enterprise environments.
  • Conducted in-depth penetration testing on web applications, APIs, and infrastructure, uncovering critical vulnerabilities and providing remediation guidance
  • Operated and managed cloud-based SIEM platforms, ensuring optimal log ingestion, correlation, and threat visibility
  • Led threat hunting and deep-dive incident investigations across hybrid environments
  • Developed and fine-tuned detection rules, alert use cases, and automated response playbooks for improved SOC efficiency
  • Handled WAF management, including security rule tuning, false positive reduction, and policy enforcement
  • Delivered detailed threat analysis and reporting for high-profile clients, supporting both proactive and reactive security efforts
  • Offensive Security
  • SOC
  • Threat Analysis
  • WAF

Datacomm Diangraha

2020 - 2022

Senior Penetration Tester

2020 - 2022
  • Conducted comprehensive security assessments across web, mobile, and infrastructure environments
  • Led security compliance audits for PCI-DSS and ISO 27001 certifications
  • Developed and maintained security testing methodologies and frameworks
  • Provided technical mentorship to junior security analysts
  • Web Security
  • Mobile Security
  • Infrastructure

Education

Satya Wacana Christian University

2016 - 2021
Bachelor's Degree in Computer Science

Skills

  • Security Operations (SOC)
  • Digital Forensics & Incident Response (DFIR)
  • SIEM Implementation
  • Alert Triage & Analysis
  • Log Management & Analysis
  • Security Use Case Development
  • SOAR Implementation
  • Playbook Development & Automation
  • Threat Intelligence
  • Threat Hunting
  • Web Application Security
  • Mobile Application Security
  • API Security Testing
  • Infrastructure Security
  • Vulnerability Assessment
  • Cloud Security
  • DevSecOps

Certifications

  • EC-Council: EC-Council Incident Handler (ECIH)
  • AWS: AWS Academy Cloud Foundations
  • Cisco: Certified Network Associate Routing and Switching
  • Cisco: Certified Network Associate Cybersecurity
  • Fortinet: NSE 1
  • Fortinet: NSE 2
  • Altered Security: CRTP
  • Google: Professional Cloud Security Engineer
  • BSI: ISO27017:2015

Projects

Bookipi Platform Security Assessment

Conducted comprehensive penetration testing of Bookipi's integrated platform, payment systems, and electronic signature functionality. Assessed web application security, API endpoints, and cloud infrastructure.

  • Penetration Testing
  • API Security
  • Cloud Security
  • Web Security
  • Mobile Apps Security

Payroller Security Assessment

Performed thorough security assessment of Payroller's cloud-based payroll system, focusing on securing sensitive financial data, testing API endpoints, and evaluating the security of automated payroll processing functions.

  • Penetration Testing
  • Cloud Security
  • API Security
  • Financial Systems
  • Mobile Apps Security

GPMMD3 Application

Conducted security assessment of GPMMD3, the official application for Ganjar-Mahfud MD's National Campaign Team (TPN) - Presidential and Vice Presidential Candidate number 3.

  • Penetration Testing
  • Mobile Security
  • Application Security

STIE YKPN Security Assessment

Performed comprehensive security testing of STIE YKPN's homepage and SIAKAD (Academic Information System), identifying and reporting security vulnerabilities.

  • Penetration Testing
  • Web Security
  • Infrastructure Security

Teknologi Edukasi Indonesia

Led security testing and DevOps initiatives, including managing WAF implementation and coordinating a bug bounty program. Conducted comprehensive penetration testing and vulnerability assessments to enhance platform security.

  • Penetration Testing
  • Vulnerability Assessment
  • DevOps
  • WAF
  • Bug Bounty Program Management

Arkademi Daya Indonesia

Performed thorough penetration testing for the active platform, identifying and helping remediate security vulnerabilities to protect user data and platform integrity.

  • Penetration Testing
  • Security Assessment
  • Platform Security

Facebook BountyCon Singapore

Selected participant for BountyCon organized by Facebook and Google. Participated in Capture The Flag competition, demonstrating advanced security testing and vulnerability discovery skills.

  • CTF
  • Bug Bounty

Kawasan Industri Wijaya Kusuma

Managed server maintenance and configuration while implementing security measures including WAF deployment and PRTG monitoring system setup for enhanced infrastructure visibility.

  • System Administration
  • WAF
  • PRTG
  • Infrastructure Security

BagusMart

Developed comprehensive Point of Sales system and PPOB (Payment Point Online Bank) website to streamline business operations and payment processing.

  • Web Development
  • Point of Sales
  • PPOB

Rewards and Acknowledgements

  • Google
  • Drift
  • Bookipi
  • Payroller
  • Arkademi
  • Bukukas
  • Fidocredit
  • Flip
  • PT Lintasarta
  • PT Luarsekolah
  • Universitas Harapan Bangsa