Hildan Kusto Utomo | Application Security Engineer Portfolio

about me

I am a final-year Computer Science student focused on Application Security and secure software engineering, with hands-on full-stack development experience using TypeScript, React, Supabase, REST APIs, and Linux environments.

My main interests are web security testing, API security, vulnerability analysis, and secure application development. I enjoy working on products from both sides: building features as an engineer and reviewing how design and implementation decisions affect security.

I am currently exploring Security Information and Event Management (SIEM) for my undergraduate research, with a focus on log collection, event analysis, and basic correlation rules.

security experience

Capture the Flag Participation

Participated in multiple cybersecurity competitions focused on vulnerability discovery, security analysis, and web exploitation.

Web Exploitation

OSINT

Cryptography

Reverse Engineering

Questcon CTF 2024
DEADFACE CTF 2024
TCP1P International CTF 2024

Webinar Speaker

Build Fast Stay Secure: Security Mindset in the Era of Vibe Coding

Online Webinar

Delivered a cybersecurity talk about security risks in AI-generated code and introduced the R.A.I.L G.U.A.R.D framework to help developers apply secure coding principles in AI-assisted development workflows.

work experience

Full Stack Developer Intern

CV. Indonesia Mitra Media

Kebumen, Central Java

Aug 2025 - Jan 2026

Built reusable frontend architecture using React, TanStack, and Supabase, then contributed to full-stack feature delivery, bug fixing, API integration work, and manual QA support with senior developers.

React

TanStack

Supabase

REST API

Manual QA

Cyber Security Trainee

SMTP 2025 by The Ministry of Science and ICT of the Republic of Korea

Remote

Jul 2025 - Sep 2025

Completed hands-on cybersecurity training covering web security, network security, malware analysis fundamentals, cryptography, Linux and Windows security, and OSINT investigation workflows.

Web Security

Network Security

Malware Analysis

Cryptography

Linux

Windows

OSINT

Backend Developer & System Administrator

Smart Environment Control for Melon Farming - Kebakalan Village Government

Community Service Project

Aug 2024 - Apr 2025

Collaborated with village stakeholders to define requirements for an IoT-based monitoring system, built the Laravel dashboard for environmental data, and managed Linux server deployment, Apache configuration, and troubleshooting to improve reliability.

Laravel

MySQL

Linux

Apache

IoT

Backend & Mobile Developer, Cloud Engineer

Guide Wellbeing System App

Remote - Capstone Project

Sep 2024 - Jan 2025

Contributed backend services using Golang and TypeScript, supported the Kotlin mobile application, and implemented Firestore-based cloud workflows for the Bangkit Academy capstone project.

Golang

TypeScript

Kotlin

Firestore

Cloud Computing

skills

Security

OWASP Top 10

Web Security Testing

API Security

Vulnerability Assessment

Threat Modeling

Burp Suite

Development

TypeScript

React

PHP

Laravel

RESTful API

PostgreSQL

Infrastructure & Tools

Linux Administration

Docker

Git

Soft Skills

Time Management

Technical Communication

Public Speaking

Team Collaboration

selected projects

TypeScript

Hono

Supabase

React

Dify.ai

ReVA AI - Reimbursement & Expense Validation AI Agent

Role: Full-Stack Engineer

AI-assisted reimbursement validation system built for Neotechpark 2025 Hackathon to help finance teams review receipts, invoices, and tickets against reimbursement policies with clearer decision support.

Typescript

Hono.js

SvelteKit

Tailwind CSS

ShadcnUI

MySQL

Work Order Management System

Web-based work order management application designed to streamline task creation, assignment, tracking, and completion across operational workflows.

GitHub

Golang

Cobra

fuzzzz

CLI-based fuzzing tool built as a learning project to explore endpoint discovery, custom wordlists, and practical web security testing workflows.

GitHub

More Projects

TypeScript

Express

Golang

Fiber

Firestore

Guide Wellbeing System - Core & Quotes Backend Service

Role: Backend & Cloud Engineer

Backend services for the Guide Wellbeing System capstone project, supporting application logic and quote delivery for a mood-tracking and recommendation platform.

GitHub

Bun

Typescript

Express

Firestore

GWS Quotes Service API

Lightweight REST API service for the Guide Wellbeing mobile app that serves randomized motivational quotes from Firestore through a separate backend service.

GitHub

Kotlin

Material UI

GWS Mobile App

Mobile application for mood tracking and personalized recommendations based on user mood data.

GitHub

PHP

Laravel

MySQL

Bootstrap

Amazon Location Service

Trader Governance Information System

A web application for operators to record and manage merchants in one place

GitHub

training & certification

SMT Program 2025: Cyber Security

Jul 2025 - Sep 2025

The Ministry of Science and ICT of the Republic of Korea

Bangkit Academy 2024 Batch 2: Cloud Computing

Sep 2024 - Jan 2025

Yayasan Dicoding Indonesia

AWS Knowledge: Cloud Essentials

May 2024

Amazon Web Services

Microsoft Security, Compliance, and Identity Fundamentals

Apr 2024

TalentaAI

Cyber Security Course for Beginners

Sep 2023

Cyber Warfare Labs

honors & awards

KodokoalaMedia Bug Bounty

2019

Kodokoala Media

Hall of Fame recognition for responsibly reporting a web security vulnerability related to XSS and SQL Injection.

languages

Indonesian

Native

English

A2-B1

Korean

Beginner

education

Universitas Putra Bangsa - Bachelor of Computer Science

2022 – 2026

Kebumen, Central Java, Indonesia

Current GPA: 3.27/4.00

Relevant Courses:

Data and Information Security

Cloud Computing

System Analysis and Design

Web Programming

contact

Interested in working together?

I am open to discussions around Application Security, secure software engineering, and junior engineering opportunities.

Reach Me LinkedIn GitHub Medium