Summary
Overview
Work History
Education
Skills
Timeline
Generic
Andrie Prabudhi

Andrie Prabudhi

IT Business Information Security Officer
Jakarta,JK

Summary

IT BISO at PT Bank Jago Tbk, adept at enhancing security postures and ensuring compliance with Regulatory and International standards.

Overview

18
18
years of professional experience

Work History

BISO (Business Information Security Office)

PT Bank Jago Tbk
09.2022 - Current
  • Implement the CISO’s strategic directives at both operational and strategic levels to strengthen the overall security posture.
  • Serve as the Audit Liaison for external auditors, regulators, and internal audit teams, acting as a bridge between cybersecurity and business to ensure alignment with organizational goals.
  • Lead the design and delivery of security awareness training programs, such as phishing campaigns and e-learning.
  • Act as the main PIC for ISO 27001:2022, managing the scope related to the cybersecurity domain, to ensure compliance and alignment with ISO objectives.
  • Administrator of Google Workspace (GWS), responsible for user account management, group and distribution list administration, and implementing security controls such as data loss prevention (DLP), single sign-on (SSO) integration with external parties, context-aware access (CAA) for BYOD devices, web filtering, data classification, and data sharing policies.
  • Implemented security hardening on Windows, utilized Group Policy Objects (GPO) to automate security baselines on Windows, while implementing manual configurations on the IBM AS/400 machine to strengthen system security and mitigate risks.
  • Serve as SWIFTNet Security Officer (LSO/RSO), administering Online Operations Manager (O2M) by enforcing four-eyes approvals, and maintaining RBAC delegations.
  • Part of the DevSecOps team with strong knowledge of IT security tools and agile processes, including Identity and Access Management (IAM), antivirus solutions, firewalls, vulnerability assessment (VA), penetration testing, SIEM, WAF, and Data Loss Prevention (DLP), with hands-on experience using Jira to manage and track tasks effectively.
  • Created and implemented the KKS (Ketahanan dan Keamanan Siber) framework from scratch by fulfilling all Bank Indonesia (BI) requirements, including developing risk maturity assessments, drafting SOPs, and security policies, conducting security awareness programs, and establishing a cross-functional CSIRT team.
  • Provide IT security support by responding to user-reported issues, coordinating between end users and the security team, and ensuring timely resolution of problems.


IT Senior Security Specialist

PT. Home Credit Indonesia
12.2018 - 09.2022
  • Develop, refine, and implement information security policies and guidelines to ensure full compliance with local and group regulatory requirements.
  • Collaborate across departments to assess and advise on IT risk exposure, actively challenging first-line teams to strengthen their security posture.
  • Lead due diligence efforts on external partners to ensure alignment with internal policies and enterprise risk management standards.
  • Managed the project that led to the organization’s first ISO 27001:2013 certification, ensuring all requirements were met, and teams were aligned.
  • As a key member of the IT Security Operations team in a multi-company organization, my responsibilities include participating in strategic meetings with managers across different countries to shape the cybersecurity roadmap. The role also involves executing day-to-day security operations, such as conducting vulnerability scans, tracking and driving the remediation of penetration test findings, and ensuring the continuous availability and optimal performance of critical security systems, including firewalls, SIEM, WAF, and antivirus solutions.

IT Operation Manager

PT. Mitra Transaksi Indonesia
09.2016 - 03.2018
  • Lead a team of IT network, voice, security, operations, and IT server specialists to effectively manage a complex and integrated infrastructure.
  • Ensure business continuity and resilience by managing critical projects, such as Data Center (DC) to Disaster Recovery Center (DRC) switchovers, and strengthening the environment with ongoing improvements.
  • Serve as the main point of contact for PCI-DSS certification initiatives, ensuring the organization successfully implements and maintains the necessary procedures for full compliance.
  • Creating and managing the IT Operations Department budget, strategically aligning both CAPEX and OPEX to support business goals within financial constraints.
  • Coordinate with vendors to expedite the resolution of complex IT infrastructure issues, while reducing and transferring risk through maintenance agreements and SLAs, by preparing RFPs and TORs, and reviewing MSAs, NDAs, and other relevant project documentation.
  • Change & Compliance Management: Supervise and approve all change requests, conducting daily reviews of system logs to ensure security and compliance.
  • Incident Response: Act as the primary point of contact for all IT security incidents, leading the response and resolution efforts.
  • As the Security Operations Center (SOC) Team Lead, I am responsible for managing all security events and incidents, from initial detection through to final resolution. Lead the team's review of firewall rules and system logs, conduct periodic vulnerability assessments, penetration tests, and manage key security tools, such as antivirus, WAF, and firewalls.
  • Foster a culture of continuous learning within the team by providing coaching, mentoring, and opportunities to ensure our team remains current with industry standards.

Network Engineer

PT. Mastersystem Infotama
10.2010 - 09.2016
  • Lead and manage the network implementation team, guiding junior members through project delivery and technical challenges.
  • Act as a trusted advisor to clients, analyzing their network environment, and providing expert recommendations to optimize performance.
  • As team lead, I ensure all projects are delivered on time, and I manage ongoing maintenance to uphold contractual SLAs.
  • Align network solutions with client IT roadmaps, researching new and end-of-life equipment to recommend the best technology.
  • Develop and present comprehensive project documentation, including high-level designs, low-level details, migration plans, and user guides.
  • Possess deep technical expertise in core routing and switching technologies, including routing protocols, QoS, VLAN, firewall, WLAN, security posturing, and digital management systems.

Information Systems Management Officer

PT. Kiani Lestari
12.2007 - 10.2010
  • Conducted daily monitoring of all office systems to ensure optimal performance.
  • Assisted with accounting and audit processes.
  • Troubleshot internet connectivity issues promptly.
  • Provided technical support to end users.
  • Managed and maintained office application software.
  • Ensured reliable server connections and network stability.
  • Prepared and generated weekly and monthly operational reports.

Education

Bachelor of Science - Information Management

Universitas Gunadarma
Depok, Indonesia
04.2001 -

Skills

Friendly, positive attitude

Timeline

BISO (Business Information Security Office)

PT Bank Jago Tbk
09.2022 - Current

IT Senior Security Specialist

PT. Home Credit Indonesia
12.2018 - 09.2022

IT Operation Manager

PT. Mitra Transaksi Indonesia
09.2016 - 03.2018

Network Engineer

PT. Mastersystem Infotama
10.2010 - 09.2016

Information Systems Management Officer

PT. Kiani Lestari
12.2007 - 10.2010

Bachelor of Science - Information Management

Universitas Gunadarma
04.2001 -

Similar Profiles

CREATE PROFILE
Andrie PrabudhiIT Business Information Security Officer