Principal Research Analyst (m/f/x)

Founded in 2020, QuoIntelligence is Europe´s fastest growing startup in the field of Cyber Threat Intelligence. Headquartered in Germany, and incorporated in the United States, Italy and Spain, we provide companies and institutions with game-changing expertise in the fight against cybercrime. 

Our Intelligence Operation Team analyzes the current and future cyber threat landscape to disseminate timely and accurate tactical/operational/strategic intelligence to external customers and industry peers. The team is distributed across Germany, Italy, Spain, and the US and its members come from both the private cyber security and defense sectors.

We are looking to expand the team’s capabilities by recruiting a Principal Research Analyst remotely based anywhere in Italy.

Intelligence Operation Analysts deliver high value threat information that is tailored to customer needs and is to be shared with risk management specialists, security professionals and policy makers globally. 

Key areas of responsibility:

• Detect, investigate, track, and report threat activity matching Clients’ Intelligence Requirements.

• Work with other experienced Cyber/Geopolitical Intelligence analysts to develop tactical/operational/strategic Intelligence products matching high writing style and analytical standards.

• Identify, prioritize, and deploy various early detection mechanisms for new activity on malware families and threat actor groups of interest and continually improve threat hunting processes and documentation.

• Lead the development of the team’s Intelligence Collection Plan (ICP).

• Lead management of critical incidents and crisis situations.

• Work with Customer Success to drive the answering of clients’ Request for Information (RFI).

• Train and mentor Junior researchers in the team.

• Identify new datasets to ingest that enrich QuoIntelligence datalake, and work with the Exploitation&Collection team to ingest such data at scale.

• Propose new analytics which can be developed to improve and/or automate portions of the intelligence cycle.

• Work with executives, technical SMEs, and customers (ad hoc) to enhance cybersecurity programs, incident response, and other activities.

• Stay on top of developments within the threat landscape.

• Define and review strategic and operational procedures to ensure customer´s desired security levels.

• Cultivate relationships in the cyber community for sharing and collaboration and present in cybersecurity conferences representing QuoIntelligence.

Essential requirements:

• Bachelor’s degree in Computer Science, Computer Engineering, Information Security, Security Studies, Intelligence, or a related field. Alternatively, 4 additional years of experience in a similar role.
• 10 years of experience in Information Security and/or Threat Intelligence with prior experience in research or analysis.
• Demonstrable experience (public blog, conference presentations, Github projects) conducting technical threat analysis and research and tracking APT and e-crime actors using techniques such as the Diamond Model of Intrusion Analysis or Kill Chain, and knowledge of common TTPs used by cyber threat actors following MITRE ATT&CK Matrix.
• Preferred experience with Structured Analytical Techniques, the intelligence cycle, and intelligence writing techniques and methodologies.
• Experience helping to develop and maintain intelligence requirements.
• Knowledge of Windows and/or Linux malware analysis (behavior and static).
• Extensive experience in hunting malicious infrastructures given networking indicators with tools such as Shodan, Censys, FOFA, VirusTotal etc.
• Experience debriefing and presenting to different audiences, including clients, industry conferences, and other security experts.
• Technical experience with Digital Forensic & Incident Response (DFIR)
• Extensive Knowledge of YARA, SIGMA and Snort for Detection Engineering.
• Knowledge of common post-exploitation tools.
• Fluent in English, additional fluency in Italian, Spanish, German, and/or French will be considered as an asset.
• Excellent interpersonal and teamwork skills; ability to work with globally distributed team members.

How is it to work here?

• Fast growing startup in an ever-expanding market.
• A lean organization with an open feedback culture.
• Multicultural and multilingual organization.
• Creative environment where team members are encouraged to contribute to processes, decisions, planning and culture. 

What's the pay like?

Since December 2022, we operate a transparent compensation framework.

The beginning of this compensation band starts at 76,500 € TTC for 2024:

• Base: 63,478 € gross annual salary
• Bonus: 15% of annual gross base salary
• Benefits: 3,500€ for Year1 as outlined below.

What's in it for you?

• Work from anywhere in Italy!
• Great opportunity to build a career as the company doubles in size in the next 12 months.
• Be comfortable: 1,000 EUR gross home office budget.
• Be learning: 2,000 EUR / year personal development budget.
• Be well: 500 EUR gross / year wellness allowance
• Be with your team: team get-together budgets.
• Yearly global meetups in great locations. In 2022 we spent a week in Rome. This year we spent the last week of September in Rimini! 

What's the recruitment process like?

• You apply and fill a couple of screening questions.
• We review all applications.
• We will send an online assessment via Vervoe 
• You would interview with our People Team via MS Teams.
• We schedule the top 4-5 candidates with our Head of Intelligence Operations as well as our VP of Engineering. The shortlisted candidate might as well meet the Research team. 
• We make an offer and conduct background checks via Veremark.

QuoIntelligence is an equal opportunity employer. We strongly believe that diversity is essential for good intelligence work and are committed to creating an inclusive environment for all employees.