Huri Hidayat

I am an experienced IT Security Consultant with a strong background in cybersecurity strategy, information security governance, and risk-based implementation of ISO/IEC 27001. Over the years, I’ve supported various organizations in enhancing their cybersecurity posture through structured audits, regulatory alignment, and secure architecture design. My work is rooted in both compliance and hands-on technology. I have delivered full-cycle ISO 27001 projects—from establishing the ISMS framework and defining asset risk profiles, to conducting internal audits and ensuring continual improvement post-certification. I’ve assisted businesses across multiple industries, particularly SMEs and financial institutions, in aligning their security operations with international standards while addressing local compliance like PADG and PBI requirements.

Technically, I have a strong command of SIEM and SOC development using open-source tools. I design and implement monitoring environments using Wazuh, Elasticsearch, and Graylog, and integrate threat intelligence feeds for deeper contextual analysis. This allows organizations to detect, triage, and respond to incidents quickly and efficiently. I’ve worked extensively with Linux systems, building custom scripts with Bash, Python, and Ansible to automate incident response, log correlation, and alert validation. I am passionate about security automation and believe that effective protection stems from combining smart policies with proactive tooling. With the growing complexity of threats, I help clients stay ahead by leveraging threat intel platforms like MISP, AbuseIPDB, and AlienVault OTX, enabling smarter and faster detection.

Beyond technical capabilities, I bring a collaborative mindset and clear communication to every project. I ensure that security initiatives are not just technically sound, but also understood and embraced by stakeholders at every level. My approach is practical, scalable, and tailored to the real-world challenges businesses face today.

If you're looking for someone who not only understands compliance but also knows how to operationalize security through automation, visibility, and smart detection, I’d be glad to help. Let’s connect and explore how we can strengthen your organization’s digital resilience together.