Information Systems student at Ma Chung University specializing in Cybersecurity. Currently serving as a GRC & IT Assurance Intern at PT ITSEC Asia Tbk — safeguarding enterprises through governance, risk management, and compliance excellence.
I am a dedicated Information Systems student at Ma Chung University, specializing in Cybersecurity, with a deep commitment to protecting critical data, infrastructure, and digital ecosystems.
Currently, I serve as a Governance, Risk, and Compliance (GRC) & IT Assurance Intern at PT ITSEC Asia Tbk, one of Indonesia's leading cybersecurity firms. In this role, I execute hands-on IT security audits, compliance assessments, and risk evaluations — mapping organizational controls against major frameworks including ISO 27001, NIST CSF 2.0 and COBIT 2019.
My expertise spans IT Governance, Enterprise Risk Architecture, Advanced Threat Analysis, and Data Automation — driven by a passion for translating complex security challenges into strategic, actionable governance solutions. I believe cybersecurity is not just about technology; it’s about building a culture of resilience and trust.
Beyond traditional cybersecurity, I am actively expanding my technical horizon into Artificial Intelligence. I am currently deep-diving into Large Language Models (LLMs), exploring Cloud AI APIs, deploying Local LLMs for privacy-first architecture, and experimenting with Model Context Protocol (MCP) Servers to securely bridge AI capabilities with enterprise workflows.
Coursera Professional Certificate — 2025
Comprehensive certification covering security foundations, SIEM tools, network security, incident response, and risk management aligned with industry standards.
SAP Record of Achievement — 2025
Specialized training in SAP Governance, Risk, and Compliance principles applied within modern S/4HANA cloud environments for enterprise risk oversight.
PT ITSEC Asia Tbk · Jakarta, Indonesia
Execute hands-on IT security, auditing, and compliance assessments within professional enterprise security environments. Analyze technical workflows and map organizational controls against major frameworks including ISO 27001 and NIST CSF 2.0. Contribute to governance and risk management initiatives that strengthen enterprise security posture.
BPM FTD · Ma Chung University
Conducted rigorous quality assurance and side-by-side (SxS) compliance checks on 20+ annual organizational reports (LPJ & Proposals), ensuring 100% data accuracy and strict adherence to administrative SOPs. Defined and implemented optimized SOPs that streamlined institutional workflows and reduced administrative errors across the faculty. Led a 9-member commission team in collaboration with deans and program heads.
A multi-generational AI-powered quiz generation platform that transforms documents, text, and files into intelligent, adaptive assessments — evolving from a simple proof-of-concept to a fully offline, privacy-first desktop flagship.
The original prototype built with Vanilla JavaScript and a PHP backend, powered by the Gemini API. This served as the foundational proof-of-concept, demonstrating the core capability of generating structured quizzes from raw text input.
A complete architectural overhaul to a modern React/Vite serverless stack. Features Google Authentication, multi-AI cloud provider support (Gemini, OpenAI, Anthropic, NVIDIA NIM), and advanced export capabilities. Live in production with a growing user base.
Built on a Native Electron architecture, V3 represents the ultimate evolution — 100% Offline Local AI (LM Studio / Ollama) with a strict Privacy-First design. Zero database, zero telemetry, zero external calls. Features Bring Your Own Key (BYOK) and 20MB local file parsing — putting full AI power directly in the user's hands with absolute data sovereignty.
Engineered a robust backend ETL pipeline. Developed customized Python scripts and advanced SQL queries to automate the extraction, parsing, and strict auditing of large-scale raw system logs. Implemented automated anomaly detection to identify logical flaws, procedural deviations, and enforce strict data hygiene.
Conducted end-to-end operational risk assessments using the ISO 31000:2018 framework. Developed comprehensive compliance audit checklists mapped to ISO 27001 controls to systematically identify security integration gaps and translate them into actionable governance insights for corporate management.
Researched attacker Tactics, Techniques, and Procedures (TTPs) associated with the Lazarus Group. Analyzed critical failures in technical controls (absence of 2FA, unencrypted sensitive data, flat network architecture) and corporate governance flaws to map comprehensive business and operational impacts.
I am open to professional networking, GRC consulting opportunities, and cybersecurity architecture discussions. Whether you’re looking for a passionate security professional, a compliance analyst, or simply want to exchange ideas — let’s connect and explore how we can build a more secure digital future together.