T-Mobile

Digital Forensics Analyst Intern
June 2022 - April 2023

- Developed PowerShell automation scripts to efficiently manage processes involving 83,000+ unauthorized access incidents, 15,000+ phishing/SMShing/spam incidents, and 4,000+ forensic preservations
- Executed SQL queries to generate detailed reports on CIRT, CSOC, and Corporate Investigations restrictions, addressing issues such as SIM swapping and IMEI unblock thresholds alongside general restrictions
- Deployed Cisco Secure Malware Analytics to test potential threats within a secure sandbox environment, assessing the security of various websites and files
- Conducted analysis of after-hours network activity via Splunk, emphasizing connection types, account access points, and potential SIM swap incidents
- Preserved data across a range of platforms, including mailboxes, SharePoint Online sites, OneDrive for Business locations, and UserShare directories, utilizing the Office 365 Security and Compliance Center
- Alerted relevant parties to phone numbers, email addresses, or websites potentially engaged in fraudulent activities
- Employed T-Mobile's proprietary software to collect, preserve, and generate backups of digital evidence
- Maintained chain of custody protocols and documentation for a range of devices, including laptops, desktops, tablets, and other digital media.
- Previewed digital evidence for possible criminal activity, filtering out extraneous system or application files through hash analysis to highlight pertinent data.