Cyber Security Engineer
Son Sulung Suryahatta Asnan
Cloud Security Consultant at PT ITSEC Asia. Building secure infrastructure and breaking insecure ones. CS graduate from Universitas Indonesia with a passion for offensive security.
Experience
2025 — Present
Cloud Security Consultant
PT ITSEC Asia Tbk
- • Vulnerability assessments & penetration testing on AWS, GCP, Azure
- • Cloud Security Posture Management (CSPM) and security best practices
- • Kubernetes security assessments and container hardening
2024
DevSecOps Engineer
Telkomsel
- • Integrated SAST/DAST into CI/CD pipelines
- • Software Composition Analysis (SCA) for third-party dependencies
- • Runtime Application Security Protection (RASP) monitoring
2024
Software Engineer
EXIS Bimbel & English
- • Full-stack development with Express.js, React.js, PostgreSQL, TypeScript
- • Deployed on Vercel and Dewacloud
Achievements
🥉 3rd
National Cyber Week 2023
🥇 4th
HackToday 2023
🏆
Finalist CTF Gemastik 16
Open Source Contributions
Prowler (CSPM)
Cloud security posture checks — GCP DNS policy, AWS S3 public object detection
Pacu (AWS Exploitation)
AWS exploitation framework — PR #491 resolved
Halberd (Vectra AI)
Active defense tooling — PR #86, #87
Nettacker (OWASP)
Automated penetration testing framework — PR #1101
ALFA (Invictus IR)
Cloud incident response tooling — PR #17
Skills
Security
- • Penetration Testing
- • Cloud Security (AWS/GCP/Azure)
- • Kubernetes Security
- • Web Application Security
- • Digital Forensics
- • Reverse Engineering
DevSecOps
- • SAST / DAST / SCA / RASP
- • CI/CD Pipeline Security
- • Docker & Container Security
- • Infrastructure as Code
Tech Stack
- • Python, Java, TypeScript
- • React, Express.js, PostgreSQL
- • Linux, Git, Docker
Certifications
eJPTv2AWS Cloud PractitionerCAPCSEDP