Summary
Overview
Work History
Education
Skills
Certification
Timeline
Generic
KEVIN GABRIEL SITORUS

KEVIN GABRIEL SITORUS

CYBER SECURITY SPECIALIST
Jakarta

Summary

Passionate and self-driven cybersecurity professional with hands-on experience in penetration testing, vulnerability assessment, and responsible disclosure. Adept at identifying security flaws across web applications and infrastructure, with a strong track record of contributing to Vulnerability Disclosure Programs (VDPs) for educational institutions, private companies, and government organizations. Recognized through multiple acknowledgments including Hall of Fame listings and certificates of appreciation. Demonstrates strong analytical thinking, problem-solving skills, and ethical responsibility in securing digital ecosystems. Eager to grow continuously, adapt to new challenges, and contribute meaningfully to the evolving cybersecurity landscape. Results-driven IT professional with notable success in planning, analysis and implementation of security initiatives. Strengths in providing comprehensive network design and security frameworks. Certified in [Area of certification].

Overview

2
2
years of professional experience
2022
2022
years of post-secondary education
5
5
Certifications
2
2
Languages

Work History

Information Security Analyst (Freelance)

PT Siloam International Hospitals Tbk
05.2024 - Current
  • Conducted proactive vulnerability assessments on Siloam Hospital Group’s digital assets in coordination with their security team.
  • Identified and reported web-based security flaws responsibly through their internal or designated disclosure channels.
  • Collaborated with the cybersecurity team to validate findings and support remediation efforts.
  • Focused on common vulnerabilities such as IDOR, access control issues, and input sanitization flaws.
  • Provided detailed proof-of-concepts (PoC) and technical recommendations for each reported vulnerability.
  • Contributed to improving the organization’s overall security resilience by helping reduce real-world exploit risks.

Information Security Analyst

PT. Systech Global Informasi
02.2023 - Current
  • Conduct end-to-end penetration testing across web, mobile, API, and infrastructure to identify and exploit vulnerabilities.
  • Deliver clear technical documentation and executive-level reports, including scoping, walkthroughs, and remediation support for clients.
  • Participate in red teaming operations and threat modeling to simulate real-world attack scenarios and assess organizational resilience.
  • Collaborate with internal teams, share findings, and improve security testing methodologies through continuous learning and tool development.
  • Stay up to date with the latest CVEs, tools, and security trends while actively pursuing certifications and contributing to knowledge sharing initiatives.

Independent Security Researcher

Self-Employed
12.2022 - Current
  • Actively participated in various voluntary Vulnerability Disclosure Programs (VDPs) across public and private sectors.
  • Reported critical and high-impact vulnerabilities to CSIRT teams of universities, government bodies, and private companies.
  • Specialized in identifying security flaws in web applications, APIs, and infrastructure components.
  • Maintained responsible disclosure practices with clear documentation and proof-of-concept (PoC) reports.
  • Earned recognition such as Hall of Fame listings and appreciation certificates for impactful submissions.
  • Engaged as a bug hunter on local platforms like Redstorm, and international platforms such as HackerOne, Bugcrowd, and YesWeHack, showcasing a strong commitment to ethical hacking and cybersecurity advocacy.

Information Security Consultant

PT. Kolerasi Persada Indonesia
07.2023 - 08.2024
  • Proficient in delivering insightful reports to enhance IT security strategies
  • Skilled in executing simulated cyber-attacks to strengthen organizational defenses
  • Demonstrated success in uncovering and mitigating critical security vulnerabilities
  • Possess deep understanding of network protocols and ethical hacking techniques
  • Successfully optimized security measures, resulting in a decrease in security incidents
  • Forward-thinking in adapting to and mitigating emerging cybersecurity challenges

Application Security Engineer (L1 Support)

PT. Bank Rakyat Indonesia
07.2023 - 08.2024
  • Expertly support Dynamic Application Security Testing (DAST) processes upon request, ensuring comprehensive vulnerability scans
  • Develop standardized templates for web applications, services, and API initiatives to streamline security protocols
  • Produce detailed scanning reports for stakeholders, formatted in PDF and integrated with Atlassian Jira for efficient issue tracking
  • Craft and implement security patches for integration with Web Application Firewalls (WAF) to bolster defense mechanisms
  • Diligently filter and accurately tag false positive findings to maintain integrity of security data
  • Conduct meticulous manual security testing to resolve any complications arising during DAST procedures
  • Proactively manage the DAST request workflow within the Jira Kanban board, ensuring timely and organized task completion
  • Coordinate strategic meetings with the Business Risk Intelligence (BRI) team to address and mitigate risks identified in Application Security Testing

Education

HIGH SCHOOL DIPLOMA - Science Diploma

SMA Negeri 17

UNDERGRADUATE - undefined

Open Of University

Skills

Vulnerability Assessment & Penetration Testing

Security Report Writing & Responsible Disclosure

Knowledge of OWASP Top 10 & Common Exploits

undefined

Certification

ELearnSecurity Junior Penetration Tester by INE Security

Timeline

Information Security Analyst (Freelance)

PT Siloam International Hospitals Tbk
05.2024 - Current

ELearnSecurity Junior Penetration Tester by INE Security

07-2023

Information Security Consultant

PT. Kolerasi Persada Indonesia
07.2023 - 08.2024

Application Security Engineer (L1 Support)

PT. Bank Rakyat Indonesia
07.2023 - 08.2024

Certified Application Security Practitioner by TheSecOps Group

06-2023

Information Security Analyst

PT. Systech Global Informasi
02.2023 - Current

KMMI (CyberOps Associate) - Universitas Indonesia by Cisco Networking Academy

01-2023

Independent Security Researcher

Self-Employed
12.2022 - Current

IT Support Google by Coursera

11-2022

UNDERGRADUATE - undefined

Open Of University

HIGH SCHOOL DIPLOMA - Science Diploma

SMA Negeri 17

Similar Profiles

  • J.J. Roland Patty

    J.J. Roland PattyJ.J. Roland Patty

    Regional Human Capital Business Partner-East Area at PT. Siloam International Hospitals, TbkRegional Human Capital Business Partner-East Area at PT. Siloam International Hospitals, Tbk

  • Hotma Uli Siahaan

    Hotma Uli SiahaanHotma Uli Siahaan

    Business Development Specialist at PT Siloam International HospitalsBusiness Development Specialist at PT Siloam International Hospitals

  • Shinobu Kamo

    Shinobu KamoShinobu Kamo

    Japanese market Executive at PT. Siloam International Hospitals (Lippo group)Japanese market Executive at PT. Siloam International Hospitals (Lippo group)

  • Luthfiah Luthfiah

    Luthfiah LuthfiahLuthfiah Luthfiah

    Collection Manager at PT. Infobip Technology IndonesiaCollection Manager at PT. Infobip Technology Indonesia

  • Okky Purnama

    Okky PurnamaOkky Purnama

    Sales Officer at CV. Putra Mandiri TeknikSales Officer at CV. Putra Mandiri Teknik

CREATE PROFILE
KEVIN GABRIEL SITORUSCYBER SECURITY SPECIALIST