About

I’ve been building software since 2008, starting with desktop and web applications before expanding into mobile development in 2013.

My interest in application security dates back to 2012, when I began identifying vulnerabilities in web applications alongside my software engineering work. Since 2024, I have become increasingly active in vulnerability research and security assessments, with a particular focus on web and API security.

Over the years, I’ve built production applications, led engineering teams, and contributed to open-source projects. These experiences have strengthened my appreciation for technical ownership, collaboration, and building systems that are both reliable and secure.

I also write technical content for developers and security practitioners. My work has been published by Baeldung, Linux Handbook, and Cybersecurity Writeups. I have also contributed as a reviewer for the CircleCI Blog, helping improve technical content for software engineers and DevOps practitioners.

Work with me

نَصْرٌ مِّنَ ٱللَّهِ وَفَتْحٌ قَرِيبٌ ۗ وَبَشِّرِ ٱلْمُؤْمِنِينَ

Help from Allah and an imminent victory. And give good news to the believers.

Qur’an 61:13 (Ash-Shaff)

Career Journey

  1. Technical Code Reviewer

    May 2025 — Present

    CircleCI

    San Francisco | Remote | Freelance

    Reviewed technical tutorials for the CircleCI blog by testing code samples, verifying successful builds, ensuring content clarity, and maintaining consistency with editorial standards. Collaborated with authors to resolve issues and published verified repositories.

    • Markedown
    • CI/CD
    • Git

    Technical Author

    Feb 2025 — Present

    San Francisco | Remote | Freelance

    I create content at CircleCI about CI/CD automation, security testing, and performance tuning — from adding vulnerability scans to pipelines to speeding up Kotlin coroutines and automating API security tests in Java.

    • Java
    • Kotlin
    • CI/CD
    • Security
    • Git

  2. Technical Author

    Oct 2023 — Nov 2024

    Baeldung

    Romania | Remote | Freelance

    I write and share tutorials on Java, Kotlin, and the JVM, building sample projects, adding tests, and collaborating with editors until publication.

    • Java
    • Kotlin
    • Jira
    • Unit Testing
    • Code Conventions
    • Benchmarking

  3. Head of Product & Engineering

    Aug 2023 — Feb 2025

    Kredibel

    Jakarta - Indonesia | Remote | Fulltime

    • R&D for new feature ideas based on company and user needs.
    • R&D for new tech/library implementation needed.
    • Solving problems regarding application releases: Google Play Store and Apple Store.
    • Still working as a software engineer. 😁

    Sr. Software Engineer | Mobile

    Sep 2020 — Feb 2025

    Jakarta - Indonesia | Remote | Fulltime

    • Develop mobile apps from scratch (Android & iOS).
    • Develop Kredibel Vision SDK (Android).
    • Manage Kredibel Remote Maven Repository.
    • R&D for new tech/library implementation needed.
    • R&D for some ML libraries for mobile platforms such as Google ML Kit, Firebase ML Kit, Huawei ML Kit, etc.
    • Create prototypes for demo to clients/users if needed.
    • Java
    • Kotlin
    • Android Studio
    • RxJava
    • Retrofit
    • Firebase
    • GitLab
    • ML Kit
    • Xcode
    • Swift
    • SwiftUI
    • Alamofire
    • SwiftyJSON
    • CoreData
    • Maven Repository
    • Repsy.io
    • Microsoft Azure DevOps
    • Google Artifact Registry

  4. Team Lead

    Aug 2015 — Mar 2020

    Sebangsa Network

    Yogyakarta - Indonesia | OnSite | Fulltime

    • Responsible for teamwork, from development, testing, bugfixing, staging to release/production.
    • Review, motivate, guide, and help the team solve problems if they have difficulties.
    • Schedule new technology research as needed and determine whether to implement it or not.
    • Android Studio
    • Java
    • RxJava
    • Retrofit
    • OkHttp
    • JSON
    • Gson
    • Firebase
    • Dagger
    • MVP
    • GitLab
    • Subversion
    • Google Play Console

    Sr. Android Developer

    Aug 2015 — Aug 2017

    Yogyakarta - Indonesia | OnSite | Fulltime

    • Mentoring junior.
    • R&D for new tech/library implementation needed.
    • Contribute to Sebangsa, Arena, and “Q” projects.
    • Android Studio
    • Java
    • Retrofit
    • OkHttp
    • JSON
    • Gson
    • GCM
    • MVP
    • GitLab
    • Subversion

    Android Developer

    Jan 2013 — Aug 2015

    Yogyakarta - Indonesia | OnSite | Fulltime

    Develop Sebangsa apps from scratch. Responsible for coding, testing, bug fixing, staging, and release/production.

    • Android Studio
    • Java
    • Retrofit
    • OkHttp
    • JSON
    • Gson
    • GCM
    • MVP
    • GitLab
    • Subversion

  5. Web Programmer

    Mar 2010 — Dec 2012

    Puskom UNY

    Yogyakarta - Indonesia | OnSite | Fulltime

    • Student Registration.
    • Financial Monitoring.
    • Speedy internet services.
    • SitungRek (for rector candidate vote count).
    • Number of websites for some seminar, scientific event, or workshop.
    • Assisting IT training mentors for lecturers and staff.
    • Help support IT for every campus event.
    • Delphi 7
    • PHP
    • CodeIgniter
    • CSS
    • HTML
    • jQuery
    • MySQL
    • PostgreSQL
    • WebService
    • SOAP

  6. Desktop App Developer

    Jun 2008 — Nov 2010

    CV. Solusi Netindo

    Yogyakarta - Indonesia | OnSite | Parttime

    Develop apps for Windows platform such as Management Information Systems, Inventory System, Airline Ticketing Systems and Ship Port Information System.

    • SQL
    • Microsoft SQL Server
    • Delphi
    • Firebird
    • InterBase SQL
    • VCL

  7. Layout Editor

    2003 — 2004

    CV. Mutiara Tiga Prima

    Yogyakarta - Indonesia | OnSite | Parttime

    • Layout editing using Corel Draw 11.
    • Print to Plate.
    • Print Mirror.
    • Print to tracing paper (kalkir).
    • Deliver printed script to Machine Operator.
    • Help finishing if needed.
    • Corel Draw 11
View Full Résumé

Featured Works
  • Spotify Profile

    Kredibel Vision SDK

    Vision SDK is a library that provides computer vision services such as Liveness Detection and Identity OCR with Kredibel VisionAI technology.

    • Java
    • Kotlin
    • Kredibel API
    • Machine Learning (ML)
    • Modularization
    • Maven
    • Repsy.io
  • Halcyon Theme

    Sebangsa App

    Sebangsa.com is a community social marketplace platform. In March 2016, Sebangsa, a social media platform for Indonesian communities, was selected as one of the National OTTs.

    • Java
    • RxJava
    • MVP
    • GCM
    • Firebase
    • Google Analytics
  • Kredibel – Cek Penipu Online

    Kredibel Android

    Kredibel is a startup tackling fraud and trust issues, helping people avoid scams and businesses build trust, comply with regulations, and reduce fraud.

    • Java
    • Kotlin
    • RxJava
    • Retrofit
View more

Security Writeups
View More

Publications
View More

Speaking & Teaching

  1. Guest Lecture

    Apr 2021 — Jun 2021

    FMIPA - Universitas Negeri Yogyakarta

    Yogyakarta - Indonesia | Seasonal

    Workshop on mobile application development, in order to improve learning and conformity with the industrial world and the meaning of “Kampus Merdeka”.

    • Android Studio
    • Java
    • Kotlin
    • SQLite

  2. Instructor

    Oct 2016

    SMK Ibu Pawiyatan Tamansiswa

    Kelas 9 Belajar Bareng Sebangsa

    Yogyakarta - Indonesia | Seasonal

    Talk about : Membuat Aplikasi Mobile Android Keren.

    • Android Studio
    • Java

  3. Mentors

    Jun 2015 — Dec 2015

    Pondok Programmer

    Yogyakarta - Indonesia | OnSite

    Teaching and making a syllabus, include material and sample project. Monitoring the increased ability and and giving consultation of students.

    • Java
    • Eclipse IDE
    • Android SDK
    • XML
    • Layouting
    • Motion animation
    • Basic Game Development

  4. Math Teacher

    2003 — 2007

    Self-employed

    Yogyakarta - Indonesia | Freelance

    Teaching Mathematics privately for Elementary and Junior High School students.

    • Numbers & Operations
    • Fractions & Decimals
    • Basic Algebra
    • Geometry
    • Ratio & Proportion
    • Pythagoras Theorem
    • Problem Solving

  5. Tilawatil Qur’an Teacher

    2008 – 2009

    SMP Muhammadiyah 9 Yogyakarta

    Extracurricular Lessons

    Yogyakarta - Indonesia

    • Teaching Qur'an with Tartil, Mujawwad, and Nagham with 7 maqamat.
    • Intensive lessons for students to prepare for the Musabaqah Tilawatil Qur'an (MTQ) competition.
    • Intensive lessons for students as qori' to prepare for Islamic holidays and other events.
    • Qur'an
    • Tartil
    • Tahsin
    • Tajwid
    • Mujawwad
    • Nagham
    • MTQ

  6. Qur'an Teacher

    2000 – 2004

    Taman Pendidikan Al-Qur’an Fastabiqul Khairat

    Yogyakarta - Indonesia

    Teaching Iqra, Qur’an, Tartil, Tajwid and Kitabah.

    • Qur'an
    • Tartil
    • Tajwid
    • Kitabah
    • Iqra'

Featured Blog Posts
View More

Certifications & Credentials
  • 5 Common Accessibility Pitfalls

    Cisco Ethical Hacker

    Cisco

    Learn the art of offensive security to uncover cyber threats and vulnerabilities before the cybercriminals do.

  • 5 Common Accessibility Pitfalls

    OWASP® Top 10 Security Threats

    The Linux Foundation

    Holders of the SKF100 badge learn the fundamentals of web application security, including the OWASP Top 10 threats, how to identify and fix common vulnerabilities, apply secure coding practices, assess risks, and maintain confidentiality, integrity, and availability.

  • 5 Common Accessibility Pitfalls

    Secure AI/MLDriven Software Development

    The Linux Foundation

    Holders of the LFEL1012 badge are skilled in using AI code assistants securely, applying secure coding, and managing AI risks and low-quality contributions.

  • 5 Common Accessibility Pitfalls

    Creating Effective Documentation for Developers

    The Linux Foundation

    Demonstrates the ability to identify API types, define required reference elements, distinguish conceptual from technical content, and collaborate effectively in creating documentation plans within software development workflows.

  • 5 Common Accessibility Pitfalls

    Android Bug Bounty Hunting: Hunt Like a Rat

    EC-Council

    Mobile Bug Bounty Hunting, Bug Bounty Methodology, How to set up an Android Bug Bounty Lab, intricacies of Bug Bounty & Path Variables

  • 5 Common Accessibility Pitfalls

    SQL Injection Attacks

    EC-Council

    The basics of SQL Injection attacks, Using kali linux database Penetration testing tools & Performing SQL Injection attacks

  • 5 Common Accessibility Pitfalls

    Information Security Management System Awareness ISO/IEC 27001:2022

    PT. Bhinneka Inti Global Data

    Awareness training Information security management systems: ISO/ IEC: 27001: 2022

  • 5 Common Accessibility Pitfalls

    Information Security Management System Awareness ISO/IEC 27001:2013

    PT. Bhinneka Inti Global Data

    Awareness training Information security management systems: ISO/ IEC: 27001: 2013

  • 5 Common Accessibility Pitfalls

    SQL (Advanced)

    HackerRank

    It covers topics like query optimization, data modeling, Indexing, window functions, and pivots in SQL.

  • 5 Common Accessibility Pitfalls

    JavaScript (Intermediate)

    HackerRank

    It covers topics like Design Patterns, Memory management, concurrency model, and event loops, among others.

  • 5 Common Accessibility Pitfalls

    Rest API (Intermediate)

    HackerRank

    It covers topics like getting data from an API and process using parameters or paging.

  • 5 Common Accessibility Pitfalls

    Problem Solving (Basic)

    HackerRank

    It covers basic topics of Data Structures (such as Arrays, Strings) and Algorithms (such as Sorting and Searching).

  • 5 Common Accessibility Pitfalls

    Java (Basic)

    HackerRank

    It will cover basic topics in Java language such as classes, data structures, inheritance, exception handling, etc. You are expected to be proficient in either Java 7 or Java 8.

Work with me

Let's work together on security assessments, research projects, technical content, or other interesting challenges.