STATUS: ONLINE · AVAILABLE FOR PROJECTS

> whoami
Rifqi Rofian Tanamas

role: Lead Technical — SOC & Cybersecurity
focus: Incident Response · SIEM Engineering · Security Automation
loc: Tangerang, Indonesia

I build and lead Security Operations programs that actually reduce risk — tuning detections, automating analyst toil, and coordinating response across government and financial sectors. 3+ years blue-team experience across SOC L1/L2, SIEM (Splunk, QRadar, Wazuh), and endpoint security at enterprise scale.

SOC Lead · Splunk · QRadar · Wazuh · CrowdStrike · SentinelOne · Python · CyberArk
rifqi@soc bash ~/portfolio
rifqi@soc:~$ cat identity.yaml
name: Rifqi Rofian Tanamas
title: Lead Technical — Cybersecurity
years_exp: 3+
sectors: [government, financial]
certs: [CySA+, ISO/IEC 27001, CyberArk L1, IBM CyberSec]
rifqi@soc:~$ ./now.sh
[+] Leading 7-person SOC L1 team
[+] Automating triage w/ Python (↓70% false ops)
[+] Tuning Splunk use cases (↓90% false positives)
rifqi@soc:~$
// 01

# about

Rifqi Rofian Tanamas
> cat /etc/profile

Blue-team engineer & SOC lead

Tangerang · Indonesia · UTC+7

Cybersecurity professional with 3+ years of progressive experience in SOC operations, incident response, and security automation. Proven in leading cross-functional teams, developing Splunk use cases, optimizing threat detection, and ensuring SLA adherence in enterprise security environments. Experienced in delivering IT security projects across government and financial sectors — including AV deployment, SIEM integration, and threat monitoring. Strong foundation in CSIRT principles, audit response, and aligning technical outcomes with business requirements.

CSIRT · SIEM Engineering · Incident Response · Security Automation · Endpoint Security · Identity & Access
// metric
3+
Years in cybersecurity (+IT support background)
// metric
2,850
Endpoints protected in a single AV rollout
// metric
90%
False-positive reduction via Splunk tuning
// 02

# experience

role#01

Lead Technical — Cybersecurity

Focus Solusi Infotama · Jakarta, Indonesia
Jul 2024 — Present
  • Led a 7-person L1 SOC team — direction, mentoring, and conflict resolution.
  • Built Python automation that cut analyst error and lifted blocking accuracy by 70%.
  • Engineered Splunk dashboards & use cases, reducing false positives by 90%.
  • Handled complex incidents as L2 analyst and provided escalation support.
  • Led Bitdefender rollout to 2,850 endpoints with a 4-person team.
  • Bridged client and vendor, aligning technical deliverables with project goals.
Splunk · CrowdStrike · ExtraHop · Ixia ThreatArmor · Bitdefender · Python · Jira
role#02

IT Security Engineer

PT. CIMB Niaga Finance · Jakarta, Indonesia
Apr 2024 — Present
  • Operated AV platforms: PandaSecurity, SentinelOne, Kaspersky.
  • VPN support, password resets, and privileged access reviews via CyberArk.
  • Daily Active Directory operations and GPO validation.
CyberArk · Active Directory · SentinelOne · VPN
role#03

Cybersecurity Engineer

PT Alpha Citra Siber Indonesia · Jakarta, Indonesia
Jun 2023 — Apr 2024
  • Monitored & triaged ~20 incidents/week across 3 client environments (Splunk, QRadar, Wazuh).
  • Enhanced detection logic — lifted alert accuracy, lowered escalations.
  • Partnered with admins and vendors for threat mitigation.
  • Contributed to Splunk documentation and SOC knowledge base.
Wazuh · Splunk · QRadar · Jira · SentinelOne
role#04

IT Support Technician

Universitas Multimedia Nusantara · Tangerang, Indonesia
Jul 2019 — Jun 2023
  • Desktop support, system maintenance, and AV updates.
  • Diagnosed hardware/software issues and managed user accounts securely.
// 03

# selected projects

PROJECT_01 · ENDPOINT
2024

Antivirus Deployment — BPS

Project Lead for a Bitdefender rollout across 2,850 endpoints at Badan Pusat Statistik. Managed a cross-functional team, ensured SLA compliance, minimized disruption, and delivered hands-on operator training.

  • 2,850 endpoints onboarded with zero critical downtime
  • 4-person delivery team, vendor-client alignment
  • Playbooks + training for long-term operability
Bitdefender · Project Mgmt · AV Ops
PROJECT_02 · DETECTION ENG
2024

SOC Automation & Dashboarding — DJBC

Technical advisor and implementer for Python-based SOC automation and Splunk dashboards at DJBC. Developed custom use cases and optimized alert logic, cutting false positives by 90%.

  • Python automation for triage & enrichment
  • Splunk dashboards tailored to analyst workflows
  • Custom detection use cases and tuning loops
Splunk · Python · Detection Engineering
PROJECT_03 · MULTI-CLIENT SOC
2023 — 2024

Multi-Client SIEM Operations — ACSI

SOC L1 Analyst for real-time monitoring and triage of 20+ weekly incidents across 3 managed clients. Documented alert standards to support CSIRT operations and onboarding.

clients: 3
weekly incidents: 20+
siems: 3
Splunk · QRadar · Wazuh · CSIRT
// 04

# skills & tooling

./skills --category=core
SIEM & Detection: 90%
Splunk · QRadar · Wazuh
Endpoint Security: 85%
SentinelOne · CrowdStrike · Bitdefender · Kaspersky · TrendMicro
Identity & Access: 80%
CyberArk · Active Directory · GPO
Incident Response: 85%
CSIRT · Threat Intel · IDS/IPS
./skills --category=automation-and-soft
Automation & Scripting: 75%
Python · Bash · Git
Platforms: 85%
Windows Server · Linux · iOS
Leadership & Project: 90%
Team Lead · Mentoring · Stakeholder Mgmt · Training
Comms & Reporting: 90%
Technical Writing · Audit Response · Jira
// 05

# certifications & education

> ls certifications/
CompTIA CySA+ · Cybersecurity Analyst
ISO/IEC 27001 Associate · SkillFront
Cybersecurity Engineer · Digitalent
Fundamental Web Security · BelajarSiber
CyberArk Level 1 Trustee
IBM Cybersecurity Fundamentals
Google IT Support Fundamentals
> ls education/
Nusa Mandiri University
Bachelor's — Information Systems
2021 — 2023 · GPA 3.67
Bina Sarana Informatika University
Associate — Information Systems
2018 — 2021 · GPA 3.72
> ls education/informal/
  • Digitalent — Cybersecurity Technician (2022)
  • BelajarSiber — Fundamental Web Security (2022)
// 06

# contact

> establishing secure channel…

Let's build a safer stack.

Open to SOC leadership, detection engineering, incident response, and cybersecurity consulting engagements. I respond within 24 hours.

contact.log
rifqi@soc:~$ whois rifqi
name: Rifqi Rofian Tanamas
loc: Tangerang, Indonesia (UTC+7)
avail: open to opportunities
rifqi@soc:~$ connect --secure
[+] TLS handshake complete
[+] channel established