root@system:~# initiating_handshake...

:: PERIMETER SECURE ::

Ahmad Musyaffa'

SOC Analyst L1 | Cyber Threat Intelligence | AI Security
Developer of A.E.G.I.S


# /identity_verified

user@syaffa-security:~/summary

user@syaffa-security:~$ cat summary.txt

A 2024 graduate currently working as a SOC Analyst with hands-on experience in security monitoring, incident response, and threat analysis across enterprise environments. Beyond day-to-day SOC operations, actively engaged in Cyber Threat Intelligence, Threat Hunting, and the development of AI-powered security automation including independently building an AI Security Platform integrated with Gemini AI and multiple Threat Intelligence platforms. Passionate about bridging traditional security operations with modern AI capabilities to enhance detection, response, and threat advisory workflows.

# /system_logs

Sep 2024 - Present

SOC Analyst L1

PT Aplikanusa Lintasarta

  • Monitoring, collecting, and escalating security events from LogRhythm SIEM, correlating findings against MITRE ATT&CK framework to accurately classify and prioritize threats.
  • Executing malicious IP/Domain blocking on Fortigate and PaloAlto firewalls, and performing reputation analysis on IPs and file hashes using VirusTotal, AbuseIPDB, OTX AlienVault, and CrowdStrike as Threat Intelligence platforms.
  • Managing EDR (ESET) and XDR (Trend Micro, Microsoft Defender) platforms for continuous monitoring, detection, and response across endpoints and enterprise environments; currently transitioning to Cisco XDR.
  • Conducting threat analysis using Google Threat Intelligence (enterprise) to investigate and contextualize emerging threats.
  • Performing Threat Hunting based on active Threat Actor intelligence, leveraging the Cyber Kill Chain methodology to map adversary behaviors and uncover hidden indicators of compromise.
  • Authoring Security Advisory reports covering CVE trend analysis, including executive summaries, impacted systems, IOCs, and actionable mitigation recommendations with threat mapping aligned to MITRE ATT&CK and Cyber Kill Chain.
  • Producing Security Awareness Bulletins to educate stakeholders on active threats such as phishing campaigns and social engineering tactics.
  • Independently developing A.E.G.I.S, an AI-powered Security Platform integrated with Gemini AI and multiple Threat Intelligence platforms, with MITRE ATT&CK correlation embedded to streamline advisory analysis and publication workflows.
  • Building AI-driven automation pipelines to accelerate security report generation and reduce manual effort across SOC operations.
  • Managing security incidents end-to-end via ServiceNow ticketing system, ensuring compliance with SLA standards across all severity levels (Low to Critical).
  • Operating on a 24/7 shift-based schedule, maintaining consistent coverage and rapid response across all time windows.

Aug 2023 - Jan 2024

Developer Server Operation

PT Hadji Kalla (Internship)

  • Created automation system using GitLab CI/CD.
  • Integrated Resource Monitoring with Grafana.
  • Implemented SIEM using Wazuh (Blue Team).
  • Analyzed resource & security monitoring results.

Jan 2023 - Jun 2023

IT & Social Media

PT Mikrobisnis Digital Sejahtera (Internship)

  • Created content and graphic designs for promotion.
  • Designed official website (inamikro.id).
  • Launched and managed digital assets.

# /defense_capabilities

Security Ops

LogRhythm SIEM, Splunk, Wazuh, Threat Intelligence, Incident Response, Burp Suite

Network & Cloud

Cisco Networking, Mikrotik, Fortigate Firewall, PaloAlto, AWS, Google Cloud, Docker

Dev & Automation

Python, SQL, HTML/CSS, PHP, Laravel, GitLab CI/CD, Grafana

Core Technology Stack

Python
Bash
Splunk
Docker
AWS
PHP
Laravel
Git
HTML5
CSS3

# /active_operations


SOC Shift Report Automation

SOC Shift Report automation — pulling data from SIEM and generating shift reports automatically.

Python, Pandas, Win32com, Automation

ThreatLens Analyzer

SIEM log analysis tool to detect malicious IPs, Hashes, and visualize threat vectors.

Threat Intelligence, Data Visualization, SIEM API Integration

Threatvisory

Security intelligence feed with CVE analysis, advisory reports, and threat mitigation guidance.

CVE Research, Vulnerability Assessment, Advisory, Blue Team

ThreatRadar

CVE intelligence dashboard with exploit predictions, vendor posture analysis, and CISA KEV tracking.

CVE Database, CISA KEV, Exploit Prediction, Analytics

# /credentials

Google Cybersecurity Professional

Google x Coursera

2025

Certified Cybersecurity Educator

Red Team Leaders

2025

Certified Network Security Practitioner

TheSecOps Group

2024

SOC Analyst L1 Bootcamp

Lintasarta x SGU

2024

Cisco Ethical Hacking Bootcamp

AI Labs x Indosat

2024

MTCNA

MikroTik

2024

LogRhythm Security Analyst (LRSA)

LogRhythm

2024

Intro to Critical Infrastructure Protection

OPSWAT Academy

2024

Cybersecurity Awareness Professional (CAPC)

Certiprof

2024

Junior Web Developer (BNSP)

LSP Informatika

2022

# /secure_link

Transmission Channels

Open for opportunities, collaborations, and security consultations.
