Taufiq Hidayat
South Jakarta
Summary
Dynamic Information Security Manager at AXA Mandiri Financial Services with expertise in risk management and incident response. Proven track record in developing robust security strategies and managing compliance audits, ensuring technical controls are effectively implemented. Adept at fostering collaboration across departments to enhance organizational security posture and mitigate risks.
Overview
16
16
years of professional experience
1
1
Certification
Work History
Information Security Manager
AXA Mandiri Financial Services
11.2022 - Current
- Serve as a focal point of contact for the information security team and the customer or organization
- Manage security team members and all other information security personnel
- Creating and managing security strategies
- Oversee information security audits, whether by performed by organization or third-party personnel
- Manage information security and risk management awareness training programs for all employees and contractors
- Communicate and implement a risk-based process for vendor risk management, including the assessment and treatment for risks that may result from partners, consultants, and other service providers.
- Work directly with the business units to facilitate IT risk assessment, and work with stakeholders throughout the enterprise on identifying acceptable levels of residual risk.
- Communicate information security goals and new programs effectively with other department managers within the organization
- Manage security issues and incidents, and participate in problem and change management forums
- Recommend and coordinate the implementation of technical controls to support and enforce defined security policies
Infrastructure Security Specialist
AXA Services Indonesia
04.2016 - 11.2022
- Responsible to review, define, control, and monitor the IT Security measures for Infrastructure and Application
- Responsible to ensure compliance of design and implementation of the IT Infrastructure and application design toward the IT Security Policy
- Define and monitor operational/project performance of IT Security implemented and operated for all AXA Indonesia business entities (either it is done internally by AXA and/or External Party)
- Responsible to support any audit and compliance review performed internally by AXA and/or external auditor
- Act as a Subject Matter Expert (SME) for Information Security related issues
Infrastructure Security Consultant
Accenture Indonesia
03.2015 - 03.2016
- Work with a team delivering consulting services to high growth organizations; be responsible to lead analyst teams
- Create and cultivate relationships with clients based on capability and credibility
- Demonstrate advanced understanding of business processes, risk management, IT controls and related standards
- Assist with performing capability assessments, developing good practice recommendations and pragmatic remediation strategies
- Identify/evaluate business and technology risks
- Design and implement appropriate controls, technologies and processes to adequately mitigate risks and provide demonstrable value to the client
- Conduct research to maintain and expand knowledge on the latest security technologies and standards, as well as the threat and vulnerability landscape
- Work with security vendors to understand their solution offerings and advise clients on appropriate technologies
- Participate in the development and delivery of training programs to clients
- Review security-related events, assessing risk and validity, as well as reporting
Senior Security Engineer
Dimension Data Indonesia
11.2012 - 02.2015
- Support on client projects such as installation, configuration and troubleshooting network security solution
- Implement the enterprise network security solution ; Enterprise Firewall and Intrusion Prevention System
- Implement system protection using 2 factor authentication system (RSA Authentication Manager)
- Leader for Security Maintenance Team with main responsibility to handling incident, complaint, problem and service request for IT Security based on SLA agreed with customer
- Support and analyze traffic logs related to network breach incident (Checkpoint and Fortigate Firewall logs and Checkpoint IPS)
- Support and analyze email and proxy traffic logs related to email spam incident (Cisco Ironport & Bluecoat Proxy)
Security Analyst
Infracom Technology
06.2009 - 10.2012
- Support on client projects such as installation, configuration and maintain events management and compliance application
- Implement the security information event manager system that used to correlate security and application logs during investigations (Symantec Security Information Manager)
- Support and analyze events and alerts generated by security management application (Symantec Security Information Manager) to produce incident report
- Create custom collectors of security information and event management application (Symantec Security Information Manager)
- Implement the security compliance system that used to automatically assesses technical controls and evaluate controls against multiple regulations and security standards (Symantec Control Compliance Suite)
- Create custom standard of security compliance application
- Involved as security analyst in Vulnerability Assessment Project
- Conduct Proof Of Concept (PoC) and do presentation of PoC result to the customer
- Provide consultation about maintaining event log management and compliance application
Education
Telecommunication Engineering - Department of Electrical Engineering
Bandung Institute of Technology
01.2009
Skills
- Risk management
- Incident response
- Technical controls
- IT security management
- Network security
- Information security management system
Certification
- CISSP – Certified Information Systems Security Professional
- CISM - Certified Information Security Manager
Training
- Symantec Security Information Manager (SSIM) and Control Compliance Suite (CCS), 01/01/09, Jakarta
- BCNE (Brocade Certified Network Engineer) FastTrack Training - Fast Track to BCNE Qualification, 01/01/10, Jakarta
- Splunk Deployment Architect, 01/01/10, Singapore
- Symantec PGP, 01/01/11, Jakarta
- Riverbed Bootcamp, 01/01/12, Jakarta
- Splunk Architect Preparation, 01/01/13, Jakarta
- FireEye APT Technical Training, 01/01/14, Jakarta
- ITIL Foundation Course, 01/01/15, Malaysia
- CISSP Training and Exam Preparation, 05/01/19
- CCSP Training and Exam Preparation, 12/01/22
- CISM Training and Exam Preparation, 07/01/23
Languages
- Indonesia, Mother tongue
- English, Fluent
Personal Information
- Date of Birth: 11/18/86
- Gender: Male
Timeline
Information Security Manager
AXA Mandiri Financial Services
11.2022 - Current
Infrastructure Security Specialist
AXA Services Indonesia
04.2016 - 11.2022
Infrastructure Security Consultant
Accenture Indonesia
03.2015 - 03.2016
Senior Security Engineer
Dimension Data Indonesia
11.2012 - 02.2015
Security Analyst
Infracom Technology
06.2009 - 10.2012
Telecommunication Engineering - Department of Electrical Engineering
Bandung Institute of Technology
Similar Profiles
Alifiando Destara YusufAlifiando Destara Yusuf
Data Scientist at AXA Mandiri Financial ServicesData Scientist at AXA Mandiri Financial Services
MIRNA DAMAYANTIMIRNA DAMAYANTI
Chief of Operations (COO) at PT AXA MANDIRI FINANCIAL SERVICESChief of Operations (COO) at PT AXA MANDIRI FINANCIAL SERVICES
Siti NurpadilahSiti Nurpadilah
IT Application Support Specialist at AXA Mandiri Financial ServicesIT Application Support Specialist at AXA Mandiri Financial Services