Open to opportunities

Andriyan Kurniawan

@andriyankurniawan

Message

Cyber Security Analyst specializing in SIEM/EDR monitoring, incident response, and threat detection.

Indonesia

Message

What I'm looking for

I’m looking for a team where I can strengthen security operations through SIEM/EDR monitoring, incident investigation, and clear reporting—while continuing to grow in threat detection and incident response practices.

I’m a detail-oriented and proactive Cyber Security Analyst with over 3 years of hands-on experience in security operations, incident response, and threat monitoring. I use SIEM platforms such as Splunk and Elastic to detect and analyze suspicious activities.

I’ve worked across SOC roles—performing 24/7 monitoring, Level 1 incident investigation (triage) and escalations, and producing Daily/Biweekly/Monthly SOC activity reports. I’m familiar with log analysis, malware detection, networking protocols, and security compliance standards.

In my most recent role, I led a team of four Infosec Analysts and coordinated with stakeholders to align cybersecurity deliverables across Asia and Africa. I successfully increased the questionnaire completion rate from 9% to 99% in about a year and supported projects that were facing challenges to keep them running smoothly.

I’ve also helped move client engagements from Proof of Concept (POC) into purchasing SOC services, and supported CrowdStrike projects for a financial company client. I’m CEH and CompTIA Security+ certified (with training in progress) and passionate about contributing to secure IT environments.

Experience

Work history, roles, and key accomplishments

Security Operation Centre Tech

PT JTI

Jul 2025 - Apr 2026 (9 months)

1. Security Monitoring: Performed continuous SIEM monitoring using Trellix (McAfee ESM
2. Conducted Endpoint Detection and Response (EDR) monitoring using Cybereason to identify suspicious activities, malware, and endpoint threats.
3. Executed application and infrastructure security testing using RidgeBot automated security testing tools platform.

Information Security Analyst

PT ISS Indonesia

Apr 2024 - Apr 2025 (1 year)

Led a team of four infosec analysts and coordinated follow-ups across Asia and Africa stakeholders to complete PMI cybersecurity questionnaires. Increased the questionnaire completion rate from 9% to 99% in ~1 year and supported challenged projects to keep them running smoothly.

SIEM Incident Response Log Analysis Threat Intelligence Cybersecurity Questionnaire Coordination Jira Team Leadership Stakeholder Management Security Compliance

SOC Engineer

PT Sekur Inti Permata (SecurXcess)

Mar 2023 - Mar 2024 (1 year)

Provided 24/7 SOC support by monitoring network and systems, analyzing server/host/network logs in Elastic, and producing daily SOC activity reports. Supported SOC Proof of Concept to service purchasing and helped implement CrowdStrike for a financial client.

Crowdstrike Darktrace NDR 24 7 SOC Monitoring Log Analysis VMWare

Security Engineer (OMS)

Korelasi Persada Indonesia

May 2022 - Jul 2022 (2 months)

Monitored daily health checks across a managed security stack (SIEM, firewalls, IPS, NAC, PAM, VPN, antivirus, DLP, DNS, and insider threat tools) and performed Windows/RHEL hardening. Conducted vulnerability assessments using Tenable Nessus and created weekly/monthly reporting for client delivery.

CiscoSourceFire IPS Nessus

Cyber Security Analyst (SOC L1)

Korelasi Persada Indonesia

Feb 2021 - Apr 2022 (1 year 2 months)

Supported 24/7 SOC operations by monitoring networks and systems using Splunk/Elastic SIEM and CrowdStrike EDR. Performed L1 incident triage and escalations and produced daily, biweekly, and monthly reports for a financial client project.

Splunk Crowdstrike Log Analysis TheHive Ticketing Jira