Available for projects

Rifqi Rofian
Tanamas

Role — Lead Technical, SOC & Cybersecurity

Focus — Incident Response · SIEM Engineering · Security Automation

Location — Tangerang, Indonesia

I build and lead Security Operations programs that actually reduce risk — tuning detections, automating analyst toil, and coordinating response across government and financial sectors. 3+ years blue-team experience across SOC L1/L2, SIEM (Splunk, QRadar, Wazuh), and endpoint security at enterprise scale.

View projects Get in touch LinkedIn
SOC Lead Splunk QRadar Wazuh CrowdStrike SentinelOne Python CyberArk
Rifqi Rofian Tanamas
$ cat identity.yaml
name: Rifqi Rofian Tanamas
title: Lead Technical — Cybersecurity
years_exp: 3+
sectors: [government, financial]
certs: [CySA+, ISO 27001, CyberArk L1, IBM CyberSec]
$ ./status.sh
[+] Leading 7-person SOC L1 team
[+] Automating triage w/ Python (70% fewer false ops)
[+] Tuning Splunk use cases (90% fewer false positives)
01

About

Cybersecurity professional with 3+ years of progressive experience in SOC operations, incident response, and security automation. Proven in leading cross-functional teams, developing Splunk use cases, optimizing threat detection, and ensuring SLA adherence in enterprise security environments. Experienced in delivering IT security projects across government and financial sectors — including AV deployment, SIEM integration, and threat monitoring. Strong foundation in CSIRT principles, audit response, and aligning technical outcomes with business requirements.

CSIRT SIEM Engineering Incident Response Security Automation Endpoint Security Identity & Access
Metric
0
Years in cybersecurity
Metric
0
Endpoints protected in a single AV rollout
Metric
0%
False-positive reduction via Splunk tuning
02

Experience

Lead Technical — Cybersecurity

Focus Solusi Infotama · Jakarta, Indonesia
Jul 2024 — Present
  • Led a 7-person L1 SOC team — direction, mentoring, and conflict resolution.
  • Built Python automation that cut analyst error and lifted blocking accuracy by 70%.
  • Engineered Splunk dashboards & use cases, reducing false positives by 90%.
  • Handled complex incidents as L2 analyst and provided escalation support.
  • Led Bitdefender rollout to 2,850 endpoints with a 4-person team.
  • Bridged client and vendor, aligning technical deliverables with project goals.
Splunk CrowdStrike ExtraHop Ixia ThreatArmor Bitdefender Python Jira

IT Security Engineer

PT. CIMB Niaga Finance · Jakarta, Indonesia
Apr 2024 — Present
  • Operated AV platforms: PandaSecurity, SentinelOne, Kaspersky.
  • VPN support, password resets, and privileged access reviews via CyberArk.
  • Daily Active Directory operations and GPO validation.
CyberArk Active Directory SentinelOne VPN

Cybersecurity Engineer

PT Alpha Citra Siber Indonesia · Jakarta, Indonesia
Jun 2023 — Apr 2024
  • Monitored & triaged ~20 incidents/week across 3 client environments (Splunk, QRadar, Wazuh).
  • Enhanced detection logic — lifted alert accuracy, lowered escalations.
  • Partnered with admins and vendors for threat mitigation.
  • Contributed to Splunk documentation and SOC knowledge base.
Wazuh Splunk QRadar Jira SentinelOne

IT Support Technician

Universitas Multimedia Nusantara · Tangerang, Indonesia
Jul 2019 — Jun 2023
  • Desktop support, system maintenance, and AV updates.
  • Diagnosed hardware/software issues and managed user accounts securely.
03

Selected Projects

Endpoint · 2024

Antivirus Deployment — BPS

Project Lead for a Bitdefender rollout across 2,850 endpoints at Badan Pusat Statistik. Managed a cross-functional team, ensured SLA compliance, minimized disruption, and delivered hands-on operator training.

  • 2,850 endpoints onboarded with zero critical downtime
  • 4-person delivery team, vendor-client alignment
  • Playbooks + training for long-term operability
Bitdefender Project Mgmt AV Ops
Detection Eng · 2024

SOC Automation & Dashboarding — DJBC

Technical advisor and implementer for Python-based SOC automation and Splunk dashboards at DJBC. Developed custom use cases and optimized alert logic, cutting false positives by 90%.

  • Python automation for triage & enrichment
  • Splunk dashboards tailored to analyst workflows
  • Custom detection use cases and tuning loops
Splunk Python Detection Engineering
Multi-Client SOC · 2023 — 2024

Multi-Client SIEM Operations — ACSI

SOC L1 Analyst for real-time monitoring and triage of 20+ weekly incidents across 3 managed clients. Documented alert standards to support CSIRT operations and onboarding.

Clients
3
Weekly Incidents
20+
SIEMs
3
Splunk QRadar Wazuh CSIRT
04

Skills & Tooling

Core
SIEM & Detection90%
SplunkQRadarWazuh
Endpoint Security85%
SentinelOneCrowdStrikeBitdefenderKasperskyTrendMicro
Identity & Access80%
CyberArkActive DirectoryGPO
Incident Response85%
CSIRTThreat IntelIDS/IPS
Automation & Leadership
Automation & Scripting75%
PythonBashGit
Platforms85%
Windows ServerLinuxiOS
Leadership & Project90%
Team LeadMentoringStakeholder MgmtTraining
Comms & Reporting90%
Technical WritingAudit ResponseJira
05

Certifications & Education

Certifications
CompTIA CySA+ · Cybersecurity Analyst
ISO/IEC 27001 Associate · SkillFront
Cybersecurity Engineer · Digitalent
Fundamental Web Security · BelajarSiber
CyberArk Level 1 Trustee
IBM Cybersecurity Fundamentals
Google IT Support Fundamentals
Education
Nusa Mandiri University
Bachelor's — Information Systems
2021 — 2023 · GPA 3.67
Bina Sarana Informatika University
Associate — Information Systems
2018 — 2021 · GPA 3.72
Informal
  • Digitalent — Cybersecurity Technician (2022)
  • BelajarSiber — Fundamental Web Security (2022)
06

Contact

Let's connect

Open to SOC leadership, detection engineering, incident response, and cybersecurity consulting engagements.

I typically respond within 24 hours.

rifqirofian@gmail.com LinkedIn +62 895-6357-57579
$ whois rifqi
name: Rifqi Rofian Tanamas
loc: Tangerang, Indonesia (UTC+7)
avail: open to opportunities
$ connect --secure
[+] TLS handshake complete
[+] channel established