Muhamad Faishol Hakim
DFIR Engineer — Digital Forensics & Incident Response
Cybersecurity professional with 3+ years of hands-on experience in blue team operations, specializing in digital forensics and incident response. Proven track record leading complex security investigations across Indonesia's state-owned enterprise sector, with expertise in malware analysis, evidence-based timeline reconstruction, and translating threat intelligence into actionable detection.
Technical Consultant Associate
PT FPT Metrodata Indonesia (Metrodata Group)
- Lead implementation and ongoing maintenance of enterprise security solutions — Tenable, Splunk, and Elastic — ensuring optimal deployment and operational continuity
- Spearheaded 10+ DFIR engagements across SOE sectors including telecommunications, finance, manufacturing, and construction, serving as the primary technical investigator
- Produced comprehensive incident reports encompassing full attack timelines, root cause analysis, and executive-level findings for ransomware, web breach, and cryptomining incidents
- Conducted applied research in blue team tooling, advancing organizational capabilities across digital forensics, incident response, and cyber threat intelligence disciplines
Technical Consultant Associate
PT Mitra Integrasi Informatika (Metrodata Group)
- Delivered end-to-end security product implementation and post-deployment support for enterprise clients, ensuring alignment with client security objectives
- Conducted forensic investigations including evidence acquisition, chain-of-custody management, and structured incident timeline reconstruction for client-facing engagements
Technical Consultant Analyst
PT Mitra Integrasi Informatika (Metrodata Group)
- Conducted in-depth technical research on Splunk and Elastic, translating findings into practical blue team use cases that informed product implementation strategies
- Developed and maintained comprehensive technical documentation to support product deployment, system configuration, and knowledge transfer across stakeholders
Cyber Security Analyst (L1)
PT Visionet Data Internasional
- Performed real-time security event monitoring and triage across SIEM, EDR, and IAM platforms, supporting concurrent client environments with high operational availability
- Designed and delivered security awareness content and technical briefings to cross-functional stakeholders, strengthening the organization's security posture
10+ incident investigations across state-owned enterprises. Client names confidential.
dfir-autopilot
In progress. Automated DFIR triage pipeline — KAPE collection → artifact parsing → Hayabusa & DeepBlueCLI scanning → unified timeline visualization.
vol-autoparser
In progress. Volatility3 automation for Linux memory images — auto-detect kernel version, download ISF symbols, run all relevant plugins, and generate a summarized findings report.
Previously on Medium. Migrating here.
Automating DFIR Triage with KAPE and Timeline Analysis
Building a pipeline from triage collection to interactive timeline.
Volatility Module Auto-Parser for Linux Memory Images
Automating the painful parts of Linux memory forensics.
Building a CTI Enrichment Pipeline: From Reports to Detection
End-to-end IoC extraction, enrichment, and detection deployment.