Heru G.

Experience

• 

  Telkom Indonesia

  Jun 2019 - Aug 2019

  IT Support

  What am I doing?- Install a few Software and setup laptop with windows.- Perform computer troubleshooting if there are problems.- Update and install windows on the PC or Laptop that will be used

• 

  PT Newton Cipta Informatika

  Mar 2021 - Dec 2022

  What am I doing?- Create, improve, and use wireframes, prototypes, and user types to communicate interaction ideas effectively in a variety of ways.- Designing, presenting, and defending design decisions.- Create layouts based on user feedback.- Develop UI display mockups and prototypes to describe product functions and performance (SIMUDAH - PMI Banten).- Designing a framework with HTML and CSS to create a user-friendly web UI design. What am I doing?- Make a SOP flowchart for testing egg quality and laying hen maintenance.- Create monthly security and network improvement reports using the SPSE application.- Attend meetings with clients for discussions on application development.- Make letters for office needs such as work orders and letters of offer of goods and services.- Uploading products to the e-catalog.- Perform company data entry.

  • UI Design

    Jan 2022 - Dec 2022

  • Office Administrator

    Mar 2021 - Dec 2022
• 

  PT Data Protekta Utama

  Jan 2022 - Apr 2023

  PT Data Protekta Utama is a subsidiary of PT Newton Cipta Informatika which is engaged in network security to assist IT business performance at PT Newton Cipta Informatika.What am I doing?- Monitor and analyze indications of cyber threats.- Provides comprehensive information when a threat is detected.- Perform vulnerability assessments both on infrastructure, and web applications.- Generate reports on the results of security assessments, both from the results of vulnerability scanning. Show less

  • L1 SOC Analyst

    Jan 2023 - Apr 2023

  • System Administrator

    Jan 2022 - Dec 2022
• 

  PT. Sembilan Pilar Semesta

  May 2023 - now

  What am I doing?- Develop custom detection rules, alerting logic, and correlation queries in ELK & Stellar Cyber to enhance threat detection capabilities.- Build operational playbooks to support L1 and L2 analysts during security incident investigations.- Create custom dashboards using Stellar Cyber & ELK Dashboard for SOC monitoring purposes.- Analyze security events and correlate them into actionable playbooks for incident response.- Monitor and investigate security alerts from SIEM, Firewall, XDR.- Validate security incidents and escalate significant threats to the SOC Manager or L3 Analyst.- Assist and train L1 analysts by providing guides, cheat sheets, and documentation.- Track SOC performance based on SLA metrics and incident resolution quality.- Managed SOAR workflows to automate incident response tasks, improving SOC efficiency and SLA adherence.- Implemented log filtering strategies and detection techniques to reduce false positives and identify unauthorized access attempts.- Conducted deep-dive analysis on incidents (e.g., website defacements), tracing attack vectors, source IPs, and tactics used.- Collaborated closely with L1, L2, L3 analysts and SOC Managers to investigate incidents and ensure workflow continuity.- Led product demos and Proof of Concept (PoC) initiatives for stakeholders evaluating cybersecurity tools and platforms.- Developed automation tools, including a bulk scanning API for domain/IP reputation checking, to streamline SOC processes.- Generated weekly and monthly security reports to track alert trends, incident metrics, and SLA compliance.- Analyzed and troubleshot parsing errors in Stellar Cyber logs, resolving field mismatches and incomplete data ingestion issues.- Performed deep-dive investigations on incomplete or misstructured logs in ELK to restore visibility and ensure parsing accuracy. Show less What am I doing?- Monitoring SIEM 24/7 and making daily reports of malicious activity detected from the Stellar Cyber system.- Analyzing event logs that indicate a threat or not on the SIEM and SOAR dashboard.- Perform documentation/ticketing for detected incidents or dangerous activities.- Learn the new concept of Blue Team Open XDR Technology for SIEM Monitoring and Cyber Threat Intelligence Analysis with Stellar Cyber Open XDR.- Create a spreadsheet formula that is integrated with the VirusTotal API to scan results for large numbers of malicious domains and IP addresses- Analyze activities that indicate attacks on Threat Hunting Stellar Cyber- Create monthly reports incidents- Checking IP address on the firewall (Palo Alto, Threat Armor) Show less

  • Senior Security Analyst

    Jul 2024 - now

  • Security Analyst

    May 2023 - Jun 2024