• Email security for 150+ early-stage startups. Got SPF, DKIM, and DMARC to 98%+ alignment across 1,300+ domains, which dropped spoofing incidents 60% by blocking impersonation at the perimeter instead of catching it in inboxes.
Infrastructure Monitoring Dashboard
• Built an end-to-end monitoring dashboard with Claude Code that shows the health of every domain and inbox we run (1,300+ and 2,700+ respectively). Replaced the manual health-check pass we used to do every Monday morning.
Phishing & BEC Investigation
• Worked 250+ phishing, BEC, and malicious-attachment cases. Header analysis, sandbox detonation, IOC pivots across sender IPs, domains, and attachment hashes. False positives down 25%, per-incident analysis time down 35%, remediation success above 90%.
SOC Automation
• Automated phishing triage, IOC enrichment, and email-block pipelines in n8n. Mean response time on incidents went from 4 hours to under 75 minutes. The biggest single win was getting enrichment off the analyst critical path.
Domain Abuse Monitoring
• Caught and shut down 30+ lookalike-domain and impersonation campaigns by watching cert-transparency logs and pivoting on OSINT. Phishing surface area shrank ~40%. Findings went to leadership weekly so portfolio-wide risk decisions had something to point at.
Worked with
Brands I’ve worked with
Email infrastructure, DFIR, and detection work shipped across 150+ startups and enterprises in AI, HealthTech, and SaaS.