Jun 2023 – Dec 2023 · 6 mos · Jakarta Metropolitan Area

Sep 2021 – Jun 2023 · 1 yr 9 mos

• GoTo Financial is the Fintech pillar of GoTo Group companies. Commerce Enablement is a business unit at GoTo Financial that focuses on the offline merchants segment.
• The Products under Commerce Enablement are :
• Moka POS - https://www.mokapos.com/
• GoStore - https://www.mygostore.com/
• GoKasir - https://gobiz.co.id/gokasir
• Selly - https://www.selly.id/
• As the Head of Information Security in Commerce Enablement, my responsibilities includes :
• Strategic Security Leadership: Head of Information Security, I provide visionary leadership in developing and executing the organization's information security strategy. I align security initiatives with business objectives, ensuring that security is an enabler, not an obstacle, to growth.
• Comprehensive Risk Management: I oversee the identification, assessment, and management of cyber security risks. My role involves conducting thorough risk analyses to prioritize and implement security measures that protect the organization's critical assets and data.
• Incident Response and Recovery: Spearhead incident response and forensic investigations, delivering actionable insights for continuous improvement. In the event of a security breach, I orchestrate swift and efficient responses, minimizing damage and ensuring a rapid return to normal operations.
• Security Governance: I establish and maintain a robust security governance framework, including security policies, standards, and procedures. I work closely with internal and external stakeholders to promote a culture of security awareness and compliance.
• Regulatory Compliance: I ensure that the organization complies with relevant industry regulations and standards such as ISO 27001, PDPA, PSE Kominfo. This includes establishing and maintaining policies and procedures to meet compliance requirements.

Jan 2020 – Jan 2022 · 2 yrs

• Information Security Manager (DevSecOps Leads) manages a team of Security Engineers, with the main goal is to Build an effective and efficient information security measures for all GoBiz's Cloud-based Infrastructure
• Responsibilities includes :
• Develop and oversee the organization's infrastructure security architecture
• Assess and oversee the design and implementation of new infrastructure tools technologies
• Implement effective and efficient risk-bases security measures through automation and orchestration
• Observe and monitor the evolving threats and vulnerability that might impact GoBiz's Infrastructures
• Conduct Incident Responses and Forensic investigations
• Produce various relevant security metrics
• Simplify security-related processes with automation and orchestration
• Work with different stakeholders to reduce cybersecurity risks

Jan 2019 – Dec 2019 · 11 mos

• GoMerchants is a group withing the Gojek organization which focus in handling merchants-related business processes. Midtrans and SPOTS are two of the companies within the Scope of GoMerchants.
• As an Information Security Manager at Gojek (GoMerchants) my goals are to identifies, develops, implements and maintains security-related processes that reduce the organization's operational risks.
• Responsibilities includes :
• Establish and implement security-related policies
• Ensure regulatory compliance (PCI DSS, ISO 27001, BI Licenses) for both Midtrans and SPOTS
• Oversee data security and privacy
• Manage the company's Computer Security Incident Response Team
• Supervise identity and access management
• Establish and oversee the organization's security architecture
• Conduct electronic discovery and digital forensic investigations
• Work with different department to establish disaster recovery (DR) and business continuity plans

Sep 2014 – Dec 2018 · 4 yrs 3 mos

• AVP Information Security & Compliance identifies, develops, implements and maintains security-related processes that reduce the organization's operational risks.
• Responsibilities includes :
• Establish and implement security-related policies
• Ensure regulatory compliance (PCI DSS, ISO 27001, BI License)
• Oversee data privacy
• Manage the company's Computer Security Incident Response Team
• Supervise identity and access management
• Establish and oversee the organization's security architecture
• Conduct electronic discovery and digital forensic investigations
• Work with other high-level executives to establish disaster recovery (DR) and business continuity plans

Sep 2013 – Sep 2014 · 1 yr

• Responsible of Corporate Information Technology (IT) Infrastructures Operation and Management
• Maintained a high level of service delivery in Corporate Network
• Designed and Implemented Corporate IT Infrastructure Development
• Design, implement, support, and evaluate security- focused tools and services
• Develop and interpret security policies and procedures
• Conduct risk assessments, penetration tests and vulnerability assessments
• Implement technical solutions and Participate in security compliance efforts (PCI-DSS)

Oct 2012 – Aug 2013 · 10 mos

• Deploy and maintain Infrastructures to comply with PCI-DSS compliance.
• Deploy and maintain Infrastructures redundancy and DR system for 99.5% availability.
• Manage CentOS servers running Java and Ruby for Online Payment Gateway system.
• Design, build and manage Automatic Deployment System for Agile Software Development
• Manage MySQL Cluster database.
• Manage Cisco devices (ASA Firewall, IPS, Router and Switches), Mikrotik Router and Safenet HSM.
• Manage data logging, analysis and backup.

Feb 2010 – Feb 2012 · 2 yrs · Bandung Area, West Java, Indonesia

• Teaching in subject courses :
• Computer Networks
• System Administration

Jul 2003 – Oct 2012 · 9 yrs 3 mos · Bandung, West Java, Indonesia

• Responsible of Campus’ Information and Communication Technology (ICT) Infrastructures Operation and Management • Assisted The IS Manager to service students and staff
• Maintained a high level of service delivery in Campus Network
• Designed and Implemented Campus’ ICT Infrastructure Development

Jun 2001 – Jul 2003 · 2 yrs 1 mo · Bandung, West Java, Indonesia

• Support Network & System Operation