Triaged and executed takedowns on client-branded phishing URLs to reduce consumer harm.
Contacted phone number providers to take down numbers being used in phishing attacks.
Worked on classifying threat data for a URL classification system.
Worked on updating documentation regarding abuse contacts.
Provided customer service to end users and utilized internal documentation to resolve issues.
Triaged calls/tickets to appropriate teams if requests could not be resolved.
Proactively scanned (via Shodan) public infrastructure for out-of-date assets, identifying an unsupported host with deprecated operating systems, and subsequently initiated and assisted in the migration plan, greatly improving security posture.
Acted as a liaison between Helpdesk and the Security Engineering & Operations team.
Investigated end user access issues, managed VPN token distribution, and blocked inappropriate sites.
Authoring blog posts and articles providing analysis on collected phishing kits and IOCs.
Analyzing and sharing intel gathered on threat actors and phishing kits with other members of the CTI community.
OSS contributions and development.
Breach reporting/notification to companies exposing sensitive data or assets.
Contributing to and maintaining repositories of deobfuscated phishing pages.
Direct collaboration with multiple threat intelligence teams across multiple verticals, to aid in identification and takedown of malicious content.
Frequent collaboration with informal cybersecurity peer groups.