Phishing attacks are a combination of social engineering and technical methods that are used to obtain sensitive information from a user's data, such as login credentials or credit card numbers. Phishing occurs when an attacker disguises themself as a trusted entity in electronic communication. These attacks are aimed at exploiting weaknesses found in end users, such as humans not being properly trained to detect an attack. Phishing is a frequent problem for organizations. Synchrony is a Fortune 500 company that wants to develop better, faster, and more granular actions for when phishing attacks happen. This is because their current workflow orchestration is not efficient. Attacks that are spread across multiple messages and platforms are challenging for humans to rapidly manage across specialized tools and teams. We were given the challenge to construct an adaptive, self-improving model to orchestrate phishing countermeasures using a cloud service mesh model framework that is a suite of OpenAPI specifications to orchestrate a diversity of phishing actions and associated telemetry. Our goal for this project is to improve the efficiency of phishing detection at Synchrony. We research more efficient ways to communicate across phishing detection, mitigation and forensics teams in order to reduce the adverse effects of phishing on the company.