Denil Cristianto's Resume

Denil Cristianto

Incident Response Lead | Cyber Threat Intelligence | Digital Forensics

Jakarta, Indonesia

About

Incident Response and Threat Intelligence Lead with 6+ years of experience in cybersecurity operations across enterprise, IT, telco, and cloud environments.

Led 24x7 SOC operations, reduced incident response time by 30%, and improved detection, containment, and root cause analysis outcomes through playbooks, SOAR automation, and cross-functional coordination.

Proficient in SIEM (Elastic, LogRhythm, Splunk ES), EDR/XDR, NDR, WAF, DLP/CASB, and DFIR workflows using Autopsy, Magnet AXIOM, and OpenText EnCase. Experienced in malware analysis, MITRE ATT&CK mapping, and cyber threat intelligence (CTI).

Work Experience

AVP Cloud & IT Security Expert

2024 - Present
Reduced incident response time by 30% through leadership of a 24x7 SOC team, standardizing playbooks, and improving detection and containment workflows across enterprise, IT, telco, and cloud environments.
  • Led and mentored Tier 1–3 SOC analysts across a 24x7 operating model
  • Built and maintained incident response playbooks, detection use cases, and SOAR workflows
  • Managed the full incident response lifecycle from detection and triage through containment, eradication, recovery, and post-incident review
  • Performed digital forensics across network, endpoint, and telco assets, including 30+ servers in 2 months
  • Conducted compromise assessments on 1,800+ servers and coordinated remediation
  • Drove threat intelligence and proactive threat hunting to strengthen detection coverage
  • Led crisis response and Business Continuity Plan (BCP) activation, coordinating cross-departmental decision-making
  • Prepared audit evidence and delivered incident reports and strategic recommendations to C-level stakeholders
  • SOC
  • Incident Response
  • Threat Intelligence
  • DFIR

Sr. Officer Application Security & DevSecOps

2023 - 2024
Delivered application security testing and L3 SOC support for enterprise systems, combining offensive assessment with incident response operations.
  • Conducted penetration testing for web, mobile, API, and infrastructure assets
  • Performed L3 incident analysis, threat hunting, and digital forensics investigations
  • Executed static application security testing (SAST) using Checkmarx
  • Supported technical evaluation and integration of new security products, including EDR and firewalls
  • AppSec
  • DevSecOps
  • Penetration Testing
  • SOC

IBM Indonesia

2022 - 2023

Penetration Tester & L3 SOC Analyst

2022 - 2023
Integrated penetration testing with L3 SOC operations, threat intelligence, and proactive threat hunting to reduce enterprise exposure and improve detection outcomes.
  • Conducted penetration testing on web applications, APIs, and infrastructure, and delivered actionable remediation guidance
  • Operated cloud-based SIEM platforms and improved log correlation and threat visibility
  • Produced threat intelligence from IOC and TTP analysis, mapped findings to MITRE ATT&CK, and translated insights into prioritized detections
  • Led hypothesis-driven threat hunting and deep-dive incident investigations across hybrid environments
  • Developed detection rules, alert use cases, and automated response playbooks to improve SOC efficiency
  • Managed WAF tuning, reduced false positives, and strengthened policy enforcement
  • Delivered clear technical reporting for high-profile clients and stakeholder teams
  • Offensive Security
  • SOC
  • Threat Intelligence
  • Threat Hunting
  • WAF

Datacomm Diangraha

2020 - 2022

Senior Penetration Tester

2020 - 2022
Led security assessments supporting PCI-DSS and ISO 27001 readiness across web, mobile, and infrastructure environments.
  • Conducted security assessments across web, mobile, and infrastructure systems, and prioritized remediation efforts
  • Supported compliance audits for PCI-DSS and ISO 27001 with technical evidence and risk findings
  • Developed and maintained security testing methodologies and assessment frameworks
  • Mentored junior analysts on assessment techniques, reporting quality, and remediation tracking
  • Communicated findings and recommendations clearly to technical and business stakeholders
  • Web Security
  • Mobile Security
  • Infrastructure

Skills

  • Incident Response Lifecycle
  • Cyber Threat Intelligence (CTI)
  • Digital Forensics (DFIR)
  • Malware Analysis
  • Threat Hunting
  • MITRE ATT&CK
  • 24x7 SOC Operations
  • SIEM Engineering
  • Detection Engineering
  • SOAR Automation
  • EDR/XDR/NDR
  • Log Analysis
  • Root Cause Analysis
  • WAF/DLP/CASB/DDoS Defense
  • Autopsy/Magnet AXIOM/OpenText EnCase
  • Incident Management
  • Crisis Management
  • Vulnerability Management
  • Cloud Security
  • Web/Mobile/API Security Testing
  • Infrastructure Security
  • DevSecOps
  • Team Leadership
  • Executive Stakeholder Reporting

Certifications

EC-Council
EC-Council Incident Handler (ECIH)
EC-Council
EC-Council Certified Threat Intelligence Analyst (CTIA)
AWS
AWS Academy Cloud Foundations
Cisco
CCNA Routing and Switching
Cisco
CCNA Cybersecurity
Fortinet
NSE 1 Network Security Associate
Fortinet
NSE 2 Network Security Associate
Altered Security
Certified Red Team Professional (CRTP)
Google Cloud
Professional Cloud Security Engineer
BSI
ISO/IEC 27017:2015

Education

Satya Wacana Christian University

2016 - 2021
Bachelor's Degree in Computer Science

Projects

Bookipi Platform Security Assessment

Conducted comprehensive penetration testing of Bookipi's integrated platform, payment systems, and electronic signature functionality. Assessed web application security, API endpoints, and cloud infrastructure.

  • Penetration Testing
  • API Security
  • Cloud Security
  • Web Security
  • Mobile App Security

Payroller Security Assessment

Performed thorough security assessment of Payroller's cloud-based payroll system, focusing on securing sensitive financial data, testing API endpoints, and evaluating the security of automated payroll processing functions.

  • Penetration Testing
  • Cloud Security
  • API Security
  • Financial Systems
  • Mobile App Security

GPMMD3 Application

Conducted security assessment of GPMMD3, the official application for Ganjar-Mahfud MD's National Campaign Team (TPN) - Presidential and Vice Presidential Candidate number 3.

  • Penetration Testing
  • Mobile Security
  • Application Security

STIE YKPN Security Assessment

Performed comprehensive security testing of STIE YKPN's homepage and SIAKAD (Academic Information System), identifying and reporting security vulnerabilities.

  • Penetration Testing
  • Web Security
  • Infrastructure Security

Teknologi Edukasi Indonesia

Led security testing and DevOps initiatives, including WAF implementation and bug bounty program coordination. Conducted penetration testing and vulnerability assessments to improve platform security.

  • Penetration Testing
  • Vulnerability Assessment
  • DevOps
  • WAF
  • Bug Bounty Program Management

Arkademi Daya Indonesia

Performed thorough penetration testing for the active platform, identifying and helping remediate security vulnerabilities to protect user data and platform integrity.

  • Penetration Testing
  • Security Assessment
  • Platform Security

Facebook BountyCon Singapore

Selected participant for BountyCon organized by Facebook and Google. Participated in Capture The Flag competition, demonstrating advanced security testing and vulnerability discovery skills.

  • CTF
  • Bug Bounty

Kawasan Industri Wijaya Kusuma

Managed server maintenance and configuration while implementing security measures including WAF deployment and PRTG monitoring system setup for enhanced infrastructure visibility.

  • System Administration
  • WAF
  • PRTG
  • Infrastructure Security

BagusMart

Developed comprehensive Point of Sales system and PPOB (Payment Point Online Bank) website to streamline business operations and payment processing.

  • Web Development
  • Point of Sales
  • PPOB

Bug Bounty Achievements

Bug Bounty Recognition
2019 - Present
Recognized for responsible vulnerability disclosure and validated bug bounty submissions across the following organizations.
  • Google
  • Drift
  • Bookipi
  • Payroller
  • Arkademi
  • Bukukas
  • Fidocredit
  • Flip
  • PT Lintasarta
  • PT Luarsekolah
  • Universitas Harapan Bangsa