I started working in Deloitte right after my graduation on May 26th 2024 (PS: Archived interview details in del*_int*.txt). After a month and half of training, I started on operations.
There are two main categories of daily work. Triaging mails reported by users and handling incident tickets. The job is to analyse and detect any malicious IOCs affecting the firm.
If malicious, remediation is done. In many cases the ticket will be escalated to Tier 2 for further investigation. The main purpose of Tier 1 is to filter the tickets to escalate.
On September 10th, before within 2 months of joining, I saw an opportunity to automate the process of investigating the maliciousness of IOCs in OSINT sites. So, I wrote a script for myself.
It was written in Batch and it takes IOCs and opens the results in a browser along with printing the urls out on the terminal. But I needed permission to run scripts on my device.
So, when I asked my manager for permission, he said this script will be useful for the whole team and to make it more user friendly.
Over the next few months, I worked on improving the script. I converted it to powershell. The script saved a lot of time and provided wider perspective to the analysts.
My work on the OIS (OpenSource IOC Scanner) earned me the prestigious "Innovator Award FY25" during an All-hands meet event on May 26th 2025, exactly an year after my graduation.