About Me

Introduction

I am Muhammad Hikmah Husnuzon, a passionate Cyber Security professional with a strong academic background and over three years of experience in Vulnerability Assessment and Penetration Testing (VAPT) across industries such as banking, payment gateways, F&B, tourism, and operational technology. I also specialize in SIEM development, SOC, Cyber Threat Intelligence (CTI), and OSINT. With excellent communication and leadership skills, I excel in leading projects, collaborating with teams, and engaging with clients to deliver effective cybersecurity solutions.

Work Experience Highlights

• Cyber Security Engineer (Internship) at State Polytechnic of Batam (Apr 2024 – Mar 2025): Involved in SOC development, Digital Forensics and Incident Response (DFIR), Moodle security, OJS security, and penetration testing on internal applications.
• Cyber Security Engineer (Contract) at Confidential (Jul 2024 – Juni 2025): Led DFIR projects for banking institutions, conducted VAPT on infrastructure, mobile applications, and APIs in various sectors (oil & gas, banking, fintech), and led SIEM implementation with Wazuh and Grafana, integrating threat intelligence and SOAR.
• Penetration Tester (Contract) at Merdeka Siber Academy (Oct 2023 – Jul 2024): Specialized in Web and Mobile Applications Penetration Testing, identifying and addressing security vulnerabilities.
• Security Researcher (Bug Hunter) at Hackerone and Bugcrowd (May 2021 - Present): Actively hunts for security vulnerabilities in bug bounty programs, with Hall of Fame recognition from John Deere (2024) and Lenovo (2024).

Education

Bachelor Degree in Cyber Security, Politeknik Negeri Batam (Aug 2021 - Aug 2025 Expected)
GPA: 3.96/4.00

Skills

Software

Metasploit, Wireshark, Nmap, Burpsuite, Nessus, Acunetix, Nuclei, Microsoft Office.

Operating System

Kali Linux, Redhat, Ubuntu, Windows, macOS.

Programming Language

Python, Bash.

Other

Network Security, CVSS, Create VAPT Report, Google Dorking, Vulnerability Assessment, Penetration Testing (API, Desktop, Web, Mobile), System Information Event Management (SIEM), Open Source Intelligence (OSINT), Public Speaking.

Achievements & Projects

• Projects (2022): Design Implement SIEM (Wazuh for monitoring and detecting anomalous activities).
• Projects (2023): VAPT of Web Application (internal Faculty Information System and Confidential).
• Projects (2023): Playing Defense: Building a Qradar-Based SOC to Detect and Respond to Phishing Malware Attacks.
• Projects (2023): Public Speaker at Cybersecurity Awareness Workshop (SMKN 1 Batam, SMKN 1 Tanjungpinang, SMK MHS Batam).
• Projects (2024): VAPT Project Banking and Fintech (mobile and web applications).
• Achievements (2024): Certified Threat Intelligence Analyst (C|TIA), Certified Ethical Hacker v12 (C|EH).
• Achievements (2023): Red Hat Certified System Administrator (RHCSA), Silver Certificate (Cisco NetAcad Riders 2023), IBM Security Operations Center in Practice, IBM Getting Started with Threat Intelligence and Hunting, IBM Enterprise Security in Practice.
• Achievements (2022): Junior Network Administrator (Lembaga Sertifikasi Profesi Informatika, Badan Nasional Sertifikasi Profesi).