Edho Ferdian Dwi Cahyo

Experience

• 

  Universitas 17 Agustus 1945 Surabaya

  Jun 2017 - Jul 2021

  Cyber Security Red Team | Internal Penetration Tester

  Conduct comprehensive penetration testing of internal systems within the university's network infrastructure.Identify and exploit security vulnerabilities to assess the effectiveness of existing security controls.Utilize industry-standard tools and techniques to simulate real-world attack scenarios.Evaluate the security posture of servers, workstations, and network devices.Generate detailed reports outlining discovered vulnerabilities, their severity, and recommendations for remediation.Collaborate with university IT teams to implement security best practices and mitigate identified risks.Stay up-to-date with the latest security threats, vulnerabilities, and mitigation strategies. Show less

• 

  PT Jasuindo Tiga Perkasa Tbk.

  Aug 2022 - Jul 2024

  Cyber Security Engineer

  1. Implement Automation Vulnerability Assessment using OpenVAS, and reduce cost operationally until 60 million rupiah/year2. Conduct Internal Penetration Test report and give the best recommendation that supports business processes and operational in Digital Certificate Business3. Implement BlackBox Scanner using rengine4. Improve LIDLESS SAST using Semgrep, Trufflehog, Grype and Faraday5. Log Monitoring from security control (SIEM, CCTV, FIM, HSM, and more)6. Improve process and operation IT that is related to information security.7. Conduct Security Awareness and Phishing campaigns for Internal Company8. Conduct Hardening for Almalinux and RHEL based on CIS Level 2 Server9. Security Review and Testing for External Parties10. Transform SDLC to Secure SDLC with the integration of Security tools scanner in CI/CD11. Act as Subject Matter Expert for Holding Issues related to Information Security/Cyber Security12. Conduct Red Teaming Activities like Robust APT, Phishing Campaign and Vulnerability Assessments in Office Environments13. Performs DAST using Nuclei for Apps14. Reproduce issues from External Pentester before release remediations changes15. Penetration Testing using Burp Suite, Akto, Metasploit, Sqlmap, DirBuster, Ghidra, JADX, IDA,16. Implement Metlo an open-source API security platform that inventories endpoints, detects bad actors and blocks malicious traffic in real time.17. Implement Threat Modeling for identify, prioritize, and mitigate potential security threats and vulnerabilities in a system, application, or infrastructure. Show less

• 

  Elitery

  Jul 2024 - now

  Cyber Security Engineer