YUDA PRAWIRA
A dedicated and driven professional with extensive experience gained within key software engineering and
development positions. Senior level programmer, experienced Full-stack Developer with a wide range of
backend technologies for many different industries primarily in Python Programming and Django. A Skilled
DevOps Engineer with extensive experience with Cyber Security expertise. supporting, securing, automating,
and optimizing mission critical deployments in AWS, CI/CD, and DevOps processes.
TECHNICAL SKILLS
•
Programming languages: Python, PHP, Perl, C, Lua, UNIX/Linux shell and standard toolkit, Assembly,
SQL, C, and many others.
•
Web front end: HTML5, CSS3, JavaScript, jQuery, Vue.js, Bootstrap 4.
•
Database: MySQL, PostgreSQL, MongoDB, SQLite
•
Operating systems and environments: Unix, Linux & Windows.
•
Other: Unit testing, TDD, SVN, Git, Docker, AWS services (EC2, S3, Route53, SQS, IAM, CloudWatch,
CloudFormation).
•
Functions: Document design, schema design, programming, standards development, presentation, R &
D, Lead technical Team, systems design (structured, object-oriented, flow-based), database design,
design walk-through and review, code walk-through and review, program testing, product testing,
documentation.
PROFESSIONAL EXPERIENCES
YOUR BRAND, Georgia, GA
2018 – Current
Full Stack Software Developer
•
Designed the architecture and implemented a user-friendly layout interface.
•
Developing the front-end and backend application using Django, creating API endpoint using REST
Framework.
•
Developing a single page application with JavaScript and Vue.js library.
•
Optimizing server and application code to be able to handle multiple connection at once.
•
Deploy, configure, maintain developed apps to Amazon AWS EC2, CloudWatch, RDS.
•
Writing Multi-threaded backend application.
•
Configure Mail Server for SMTP and POP3 using Dovecot and Postfix and enhance email deliveries
STOCKTWITS TOP, Georgia, GA
2017 – 2018
Full Stack Software Developer
•
Integrating Firehose Data Stream from stocktwits.com with real-time Quantitative Trading Algorithm.
•
Implement and enhance trading strategies into automated trading advisor by democratizing the
trading ideas on US Stock Market Exchange including: NYSE, NASDAQ, OTC market.
•
Setting and Tuning MariaDB database server for mission critical data computation to achieve realtime trading signal and advice.
•
optimizing the code, and simplify complex trade calculation for better speed of real-time data
calculation.
•
Implementing trading algorithm into backend application to handle multiple trading strategies and
display as Trading Advisor.
NATIONAL COUNTER TERRORISM AGENCY (BNPT), Jakarta, JKT
2014 – 2017
Cyber Security Advisor
•
3 Years consulting position working in core Cyber Security in the CCT core team.
•
Wrote and maintain cybersecurity strategies, technical reference, principles, patterns and roadmap;
provide guiding support on the selection and operation of cybersecurity tools to analyze, identify,
prevent and respond to security alerts, threats and attacks.
•
Designed and Implementing methodologies, standard operation, and life-cycle first generation of
Cyber Counter Terrorism (CCT) Group.
•
Developed the infrastructure and software using Python, Unix shell, and Lua for the Cyber Security
Command Center.
•
Developed custom router firmware based on Open WRT and Custom Network Firewall for Cyber
Security Command Center.
•
Design entire software infrastructure including Backend and Front-end.
•
Design the architecture, security protocol, and security software for Cyber Security Command Center.
•
Developing a secured users authentication system which isn't based on SSL (i.e. uses the https
protocol). The system is safe against XSS and network sniffing attempts to steal the user password,
safe against session steal, safe against replay attacks supports IP roaming, and some more
features...)
CR0SECURITY, Jakarta, JKT
2014 – 2015
Chief Technology Officer
•
Design business model, wrote available services and presentation to engage client and held meeting.
•
Wrote various Cyber Security software for security testing and audits purpose using Python, Perl, and
Lua.
•
Pre-engagement Interactions with client and listening to their network and software scope to be
tested.
•
Implementing main methodologies PTES execution standard such as: Intelligence gathering, Threat
Modelling, Vulnerability Analysis, Exploitation, Post Exploitation, and Reporting.
PINHARD SECURITY, Jakarta, JKT
2013 – 2014
Cyber Security Analyst
•
Auditing client network infrastructure, and software infrastructure.
•
Auditing client end-user apps including Mobile, Web based, Backend, and Desktop.
•
Implementing PTES Standard, running White Box, Grey Box, Black Box methodologies security
audits.
•
Writing extensive and detailed reviews of Penetration Testing Report. Including: Technical Report and
Executive summary.
MEDIA WEBSITE PLUS, Jakarta, JKT
2009 – 2013
Senior Web Programmer
•
Writing PHP, MySQL, JavaScript, and jQuery Based custom web application software.
•
Providing development services for web & mobile apps.
•
Design, Deploy, and maintain of multiple client databases.
•
Design overall architecture for custom web 2.0 design.
•
Wrote SaaS application such as: Crowdsourced Social Media Exchange, Crowdsourced Realty
website, Twitter account centralization with Twitter API, Game League with Leaderboard System.
•
Design SEO friendly web template, and implement white-hat SEO for increasing Web SERP on
Google Search Engine.
•
Webmaster of multiple client website to enhance SEO score and visibility.
TEACHING / PRESENTATION
•
BPPT, Cr0security Certified Security Testing full week of training about Cyber Security, Pentest, and
how to secure network infrastructure and system and web services. 2016.
•
Kuningan University National Conference, Prepare yourself for Digital Cyber Security, 2012.
•
STMIK Rosma, Defending your network and application from the Bad Guy, 2013.
•
Jogjakarta IT Security Conference, Writing your own shellcode, 2014.
PUBLICATION
•
Linux Buffer Overflow, 2010.
•
Windows Buffer Overflow, 2012.
•
How to Write Shellcode, 2010.
EDUCATION
BSc in Computer Science, Bina Nusantara University
OPEN SOURCE PROJECTS
•
Darkjumper
an Open Source project that will test website security. It will assess web app security in every website
that host at the same server by reversing its Ip Address. Then try to find the vulnerability (SQL
Injection, Local File Inclusion, Remote File Inclusion, Remote Code Execution) of each website on the
same host. Written in python. https://sourceforge.net/projects/darkjumper/
•
Devilzc0decracker
Devilzc0decracker is Md5 & Sha1 algorithm cracker, generator encrypter and multiple function .
Written by perl. http://sourceforge.net/projects/devilzc0decrack/
•
PyProxy
PyProxy is an automated proxy collector, A high-level cross-protocol python library.
https://sourceforge.net/projects/pyproxy/
•
StackFlower
An app security stress test. Stack Brute-force utility against buffer overflow programs with ASLR.
Provides polymorphic shellcode for /bin/sh.
http://packetstormsecurity.org/files/92338/Stack-Brute-Forcing-Utility-2.html
KEYWORDS
Python
CSS5
Redis
PostgreSQL
Bash
HTML5
Vue.js
Python
Php
JavaScript
jQuery
Django
MySQL
SQLite
App engine
Selenium
Git
Git
Celery
EC2
Linux
AWS
MongoDB
CentOS
Nginx
Docker
Ruby
Bootstrap
Apache
Cyber Security
Financial
RedHat
