Founded in 2010, Bukalapak is a leading technology organisation dedicated to providing a fair economy for all through its creation of a sustainable ecosystem in Indonesia.
Headquartered in Indonesia, a key challenge Bukalapak is to navigate the complex security landscape, offering both online and offline commerce platforms in the hopes of providing everyone with the options and opportunities to get more out of life.
As Head of Information and Cybersecurity at Bukalapak, Yogesh Madaan is tasked with leading the company through its navigation of not only the regional but global threat landscape.
“By education, I am an engineer,” says Yogesh. “My career started in organisations such as Accenture and IBM where I worked as an engineer and support for Windows Servers”
Following his time at IBM, Madaan spent close to 10 years with Credit Suisse climbing the ladder from Windows System Engineer to Vice President of Tech Ops and Risk Manager. Since then, Yogesh worked for other prestigious names such as UBS and Standard Chartered Bank before taking on the role he holds today at Bukalapak.
“I joined Bukalapak at a time when I was looking for a new challenge, where I could build and develop solutions from scratch. Learning has been a driver for me throughout my career and taking on the role I have today at Bukalapak provides me with this opportunity,” explains Yogesh.
“This has been a very good, refreshing and challenging role, where I have had the chance to build a security strategy and controls from scratch, and is something that we will continuously need to develop. Cybersecurity is an area that will always need improvement and, at Bukalapak, we are dedicated to becoming a better and safer organisation when it comes to our cybersecurity.”
A day in the life for Madaan at Bukalapak
As Head of Information and Cybersecurity, Madaan and his team look after all aspects of security, from vulnerability management to end-user security and data security . “We take care of the end-to-end process, building transparent and proactive reports for the our stakeholders and Board,” says Yogesh.
“The role also involves understanding the industry trends – i.e. where was the last attack, how was it done? Which area was exploited? I regularly attend cybersecurity events to learn and keep on top of new trends and threats in the market, and how to protect against them. Since, we are also responsible for regulatory compliance, we attend regulatory events to understand the upcoming requirements and trends.”
Read the full story HERE.
From an infrastructure perspective, 2U is actually in a really good state because we have a lot of infrastructure as code deployment builds, so have many security guardrails built into those CI/CD pipelines