Denil Cristianto's Resume

Denil Cristianto

Detail-oriented Security Analyst with 5+ years of experience in Offensive and Defensive cybersecurity.

Jakarta, Indonesia

About

Security Analyst with a proven track record in Application Security, Vulnerability Assessment, Alert Triaging, Digital Forensics, Incident Response, and Threat Intelligence. Experienced in conducting Penetration Testing across Web, Mobile, API, and Infrastructure environments. Proficient in E2E Security Operations Center (SOC) workflows, including Log Analysis, Incident Investigation, and Remediation. Strong knowledge of Multiple Operating systems, Multiple Security Devices and Tools, Cloud Security, and practical DevOps/DevSecOps.

Work Experience

Indosat Ooredoo Hutchison

2023Present

AVP Cloud & IT Security Expert

2024Present
Leading security operations and threat detection initiatives across enterprise infrastructure.
  • Overseeing security monitoring, incident response, investigation, and remediation efforts
  • Developing use cases, playbooks, and SOAR workflows to enhance SOC efficiency
  • Performing alert triage, threat/malware analysis, and full-scope DFIR investigations
  • Driving threat intelligence, hunting, and detection strategies to strengthen cyber defense
  • Assisting remediation and escalation processes for critical alerts and L3 incidents
  • Leading crisis handling and execution of Business Continuity Plans (BCP)
  • SOC
  • Incident Response
  • Threat Intelligence

Sr. Officer Application Security & DevSecOps

20232024
Led advanced penetration testing and L3 SOC operations while contributing to enterprise security initiatives.
  • Conducted comprehensive penetration testing on web, mobile, API, and infrastructure assets
  • Performed L3-level incident analysis, threat hunting, and digital forensics investigations
  • Performed manual Static Application Security Testing (SAST) using Checkmarx
  • Provided technical assessment and integration support for new security products (EDR, Firewall)
  • AppSec
  • DevSecOps
  • Penetration Testing
  • SOC

IBM Indonesia

20222023

Penetration Tester & L3 SOC Analyst

20222023
Performed dual-role responsibilities in offensive security and advanced security operations for high-impact enterprise environments.
  • Conducted in-depth penetration testing on web applications, APIs, and infrastructure, uncovering critical vulnerabilities and providing remediation guidance
  • Operated and managed cloud-based SIEM platforms, ensuring optimal log ingestion, correlation, and threat visibility
  • Led threat hunting and deep-dive incident investigations across hybrid environments
  • Developed and fine-tuned detection rules, alert use cases, and automated response playbooks for improved SOC efficiency
  • Handled WAF management, including security rule tuning, false positive reduction, and policy enforcement
  • Delivered detailed threat analysis and reporting for high-profile clients, supporting both proactive and reactive security efforts
  • Offensive Security
  • SOC
  • Threat Analysis
  • WAF

Datacomm Diangraha

20202022

Senior Penetration Tester

20202022
  • Conducted comprehensive security assessments across web, mobile, and infrastructure environments
  • Led security compliance audits for PCI-DSS and ISO 27001 certifications
  • Developed and maintained security testing methodologies and frameworks
  • Provided technical mentorship to junior security analysts
  • Web Security
  • Mobile Security
  • Infrastructure

Education

Satya Wacana Christian University

2016 - 2021
Bachelor's Degree in Computer Science

Skills

  • Security Operations (SOC)
  • Digital Forensics & Incident Response (DFIR)
  • SIEM Implementation
  • Alert Triage & Analysis
  • Log Management & Analysis
  • Security Use Case Development
  • SOAR Implementation
  • Playbook Development & Automation
  • Threat Intelligence
  • Threat Hunting
  • Web Application Security
  • Mobile Application Security
  • API Security Testing
  • Infrastructure Security
  • Vulnerability Assessment
  • Cloud Security
  • DevSecOps

Certifications

EC-Council
EC-Council Incident Handler (ECIH)
AWS
AWS Academy Cloud Foundations
Cisco
Certified Network Associate Routing and Switching
Cisco
Certified Network Associate Cybersecurity
Fortinet
NSE 1
Fortinet
NSE 2
Altered Security
CRTP
Google
Professional Cloud Security Engineer
BSI
ISO27017:2015

Projects

Bookipi Platform Security Assessment

Conducted comprehensive penetration testing of Bookipi's integrated platform, payment systems, and electronic signature functionality. Assessed web application security, API endpoints, and cloud infrastructure.

  • Penetration Testing
  • API Security
  • Cloud Security
  • Web Security
  • Mobile Apps Security

Payroller Security Assessment

Performed thorough security assessment of Payroller's cloud-based payroll system, focusing on securing sensitive financial data, testing API endpoints, and evaluating the security of automated payroll processing functions.

  • Penetration Testing
  • Cloud Security
  • API Security
  • Financial Systems
  • Mobile Apps Security

GPMMD3 Application

Conducted security assessment of GPMMD3, the official application for Ganjar-Mahfud MD's National Campaign Team (TPN) - Presidential and Vice Presidential Candidate number 3.

  • Penetration Testing
  • Mobile Security
  • Application Security

STIE YKPN Security Assessment

Performed comprehensive security testing of STIE YKPN's homepage and SIAKAD (Academic Information System), identifying and reporting security vulnerabilities.

  • Penetration Testing
  • Web Security
  • Infrastructure Security

Teknologi Edukasi Indonesia

Lead security testing and DevOps initiatives including managing WAF implementation and coordinating bug bounty program. Conducted comprehensive penetration testing and vulnerability assessments to enhance platform security.

  • Penetration Testing
  • Vulnerability Assessment
  • DevOps
  • WAF
  • Bug Bounty Program Management

Arkademi Daya Indonesia

Performed thorough penetration testing for the active platform, identifying and helping remediate security vulnerabilities to protect user data and platform integrity.

  • Penetration Testing
  • Security Assessment
  • Platform Security

Facebook BountyCon Singapore

Selected participant for BountyCon organized by Facebook and Google. Participated in Capture The Flag competition, demonstrating advanced security testing and vulnerability discovery skills.

  • CTF
  • Bug Bounty

Kawasan Industri Wijaya Kusuma

Managed server maintenance and configuration while implementing security measures including WAF deployment and PRTG monitoring system setup for enhanced infrastructure visibility.

  • System Administration
  • WAF
  • PRTG
  • Infrastructure Security

BagusMart

Developed comprehensive Point of Sales system and PPOB (Payment Point Online Bank) website to streamline business operations and payment processing.

  • Web Development
  • Point of Sales
  • PPOB

Rewards and Acknowledgements

  • Google
  • Drift
  • Bookipi
  • Payroller
  • Arkademi
  • Bukukas
  • Fidocredit
  • Flip
  • PT Lintasarta
  • PT Luarsekolah
  • Universitas Harapan Bangsa