Alexandru D.

Senior Security Researcher

Bucharest, Romania

Experience

May 2023 - Sep 2025
2 years 5 months
Remote

Email Security Threat and Data Researcher

Proofpoint

My role involved leveraging large datasets, behavioral signals and content analysis to design, test, and deploy advanced detection systems that improved the organization’s ability to identify and block malicious emails in real time. I have good experience digging through data using Python, Jupyter Notebooks, PySpark, and AWS.

Key Responsibilities

  • Conducted in-depth research on phishing trends, attacker behavior and evasion techniques to inform model design and detection strategies
  • Worked closely with Data Science and Engineering teams to build and refine ML-based classifiers for phishing and spam detection using NLP
  • Enriched detection signals with real-world attacker data, domains, and IOCs to improve phishing detection accuracy.

Took ownership of researching and implementing approximately 60% of all static detection rules within a team of four security researchers, collaborating closely with Data Science teams to propose enhancements and new features for machine learning algorithms.

Jan 2017 - Present
8 years 10 months

Senior Security Researcher

Secureworks (Sophos)

  • Performed malware analysis and engineered EDR countermeasures, including YARA signatures and memory-based techniques, to mitigate advanced threats.
  • Developed detections across multiple telemetry sources such as process execution, network traffic, authentication events, and script activity, enabling rapid identification of malicious behaviors and persistence mechanisms.
  • Leveraged AI techniques to research and automate the development of detection rules and used Jupyter notebooks to query large datasets, identify patterns, generate statistical insights, and correlate anomalies across tenants to drive countermeasure creation.
  • Conducted threat hunting across endpoint and network environments, supported incident response teams, contributed to CERT initiatives, and collaborated with data science efforts to investigate persistence techniques, ransomware detection, and command-and-control identification.

Jan 2014 - Dec 2017
4 years

Senior Security Analyst

Adobe

  • Led incident response and triage for enterprise-level security events, analyzing cloud provider logs, OS configurations, and network flows to detect risks.
  • Investigated suspicious activity in SIEM platforms, authored detection rules, and performed forensic analysis of memory, logs, and malware samples.
  • Conducted APT hunting, evaluated and deployed security tools, and partnered with engineering teams to onboard and monitor specialized environments.

Jan 2007 - Dec 2014
8 years

Team Leader & Virus Researcher

Avira

  • Started as a virus researcher and then directed a malware support team while providing Level 3 technical expertise, leading quality assurance efforts, and overseeing the virus definition update process.
  • Conducted malware research and reverse engineering, producing threat descriptions, analyzing rootkits, and testing obfuscation and encryption techniques.
  • Delivered technical content, collaborated across departments, and utilized tools such as IDA Pro, OllyDBG, Wireshark, Fiddler, and Volatility to analyze malware behavior and network traffic.

Summary

Cybersecurity Professional with 19 years of experience in threat detection, incident response, malware analysis and phishing research. Skilled in leveraging AI/ML for anomaly detection, conducting threat hunting and leveraging threat intelligence to strengthen defenses. Proficient in Python, Jupyter Notebooks, AWS, SIEM, EDR, YARA, and Splunk, with experience collaborating with data science/engineering teams to refine detection models and automate security workflows. Developed a growing passion for email security.

Languages

Romanian
Native
English
Advanced

Education

Oct 2008 - Jun 2010

Polytechnic University of Bucharest

MSc in Intelligent Systems · Intelligent Systems · Bucharest, Romania

Oct 2003 - Jun 2008

Polytechnic University of Bucharest

BEng in Computer Engineering, Automatic Control · Computer Engineering, Automatic Control · Bucharest, Romania

Certifications & licenses

GPYC – GIAC Python Coder

GPEN – GIAC Penetration Tester

GREM – GIAC Reverse Engineering Malware
