Fikri Attamami Laguliga

Sr Information Technology Security Specialist @ PT. XL Axiata Tbk | Information Security, Security Systems

Jakarta Metropolitan Area

About

As an Information Technology Security Specialist at XL Axiata, I serve as a Security Defense expert focused on strengthening the organization’s cybersecurity posture. I am responsible for reviewing and fine-tuning security perimeter policies, conducting vulnerability and compliance assessments across critical assets such as operating systems, databases, and services, and responding effectively to cybersecurity incidents. A key highlight of my role is leading the design and implementation of Zero Trust Network Access (ZTNA) as part of our broader SASE strategy. This initiative ensures secure, identity-based access for both private and internet-facing resources, reducing the attack surface and enabling secure remote work across the organization. I have also successfully deployed API Security solutions to mitigate data leaks and prevent layer 7 attacks, while enhancing Extended Detection and Response (XDR) capabilities to improve visibility and threat correlation across cloud and on-prem environments. My scope includes cloud-based HIPS migration, firewall rule governance, asset exposure mapping, and automation of detection and response use cases. With a passion for building modern, scalable, and adaptive security architectures, I’m committed to advancing proactive defense strategies that align with evolving cyber threats and business needs.

Experience

  • Sr Information Technology Security Specialist at PT. XL Axiata Tbk
    May 2021 - Present · 5 yrs 3 mos

    Acting as a subject matter expert in cybersecurity to review, optimize, and tune perimeter security policies. 1.Leading vulnerability and compliance assessments on critical assets such as operating systems, databases, and services, ensuring remediation aligns with SLAs. 2.Driving the incident response process to handle cybersecurity events swiftly and effectively. Spearheading the implementation and cloud migration of Host Intrusion Prevention Systems (HIPS), as well as deploying API security solutions to protect against Layer 7 attacks and data leakage. 3.Developing and enhancing cybersecurity use cases, including automation for detection and response to increase incident response efficiency. 4.Advancing the organization's XDR capabilities by integrating visibility across various security devices, including cloud environments. 5.Managing firewall rule governance to ensure robust and well-audited access control. 6.Mapping IT assets based on cyber exposure and implementing targeted endpoint security controls. 7.Continuously tuning perimeter defenses including Endpoint Security, Network IPS, Container Security, WAF, and others. 8.Designing and implementing Zero Trust Network Access (ZTNA) and SASE solutions for secure private and internet access. 9.centralize asset visibility, automate data correlation across disconnected security dashboards, and eliminate critical coverage gaps

  • Mitra Integrasi Informatika, PT (1 yr 8 mos)
    • IT Security System Management
      Jul 2020 - May 2021 · 11 mos

      Assigned to the Telkomsel Project on the Trendmicro platform which is responsible for: 1.Maintain agent running in the server 2.Review intrusion prevention system event and log inspection event 3.Manage vulnerability patch for server 4.Maintain communication with Security Operation Center about daily threat 5.Deploy trendmicro agent to server production 6.Maintain server performance when agent is running

    • Information Technology Security Engineer
      Oct 2019 - Jul 2020 · 10 mos

      1. learn about IT security (blue team and red team) 2.Support the penetration testing process

  • Intern Data Governance and Security at Telekomunikasi Indonesia
    Jan 2019 - Jul 2019 · 7 mos

    1. develop the program to make more easier to governance the inventory from telkomsel https://github.com/eriklaguliga/digitouchpoint_beta 2. Study about DAMA framework

  • Researcher at Forensic And Security Laboratory
    Apr 2018 - Jul 2019 · 1 yr 4 mos

    Research about network security, linux fundamental, and pentester