Threat Researcher (m/f/x) - Remote anywhere in Spain

Founded in 2020, QuoIntelligence is Europe's fastest growing startup in the field of Cyber Threat Intelligence. Headquartered in Germany, and incorporated in Italy and Spain, we provide companies and institutions with game-changing expertise in the fight against cybercrime. 

• Detect, investigate, track, and report on regional and industry focused malicious cyber activities, being able to track and report on shifts in TTPs over time, as well as their immediate impact on our customers.  
• Respond in a timely manner to requests for intelligence (RFIs) from customers, ranging from threat landscapes, risk assessments, OSINT investigations, campaign analysis, or technical analysis, and support in the development of those RFIs to junior analysts.  
• Create reports in English based on research discoveries publishing those findings in QuoIntelligence blog or ad hoc conferences. 
• Support the fulfillment of client’s intelligence requirements. 
• Identify new datasets to ingest and propose new analytics which can be developed to improve and/or automate portions of the intelligence cycle. 
• Work with the Intelligence Operations team to identify, prioritize, and deploy various detection mechanisms for malware families and threat actor groups of interest.  
• Use both internal and external data to find the best and most comprehensive answer to threat research questions. This may include using already developed external data pipelines or developing new collection methods according to research needs. 
• Use both quantitative and qualitative methods of analysis to best answer high-priority research questions around threats. 
• Support in the automation of tasks of the Intelligence Operations team in ad-hoc cases.  

• Bachelor’s degree in Computer Science, Computer Engineering, Information Security, Security Studies, Intelligence, or a related field. Alternatively, 4 additional years of experience in a similar role. 
• 3 years of experience in Information Security, particularly Threat Intelligence, Incident Response, Security Operations, Vulnerability Management. Demonstrable experience conducting technical threat analysis and research. 
• Demonstrable research and analytic competencies such as blog post, conferences, or research projects. Prior experience in research or analysis is preferred, particularly as it relates to malicious cyber activity. Experience with structured analytical techniques, the intelligence cycle, and intelligence writing techniques and methodologies. 
• Good scripting skills (python, shell, powershell, etc.) 
• Good knowledge of the EU threat landscape and cyber threat activity, including actors, TTPs, and targets. 
• Experience clustering and tracking multiple threat actors using techniques such as the Diamond Model of Intrusion Analysis 
• Knowledge of indicators of specific threat actors, their cross-platform tactics, and how they evolve or change over time. 
• Good knowledge of the different types of malwares and how they operate. Ability to perform simple assessments of malicious files being comfortable with basic static and dynamic analysis. 
• Ability to create detection rules, and good knowledge of Indicators of compromise (IOCs) 
• Excellent critical thinking and interpersonal and teamwork skills; ability to work with globally distributed team members and autonomy carrying out research. 
• Fluency in English.  
• Current holder of an EU Passport or authorized to work in Italy/Spain.  

What's the pay like?

Since December 2022, we operate a transparent compensation framework.

For this job and country, the base salary is 45.418,18€. 

What's in it for you?

• Work from anywhere in Spain!
• 26 days of paid time off. 
• Yearly global meetups in great locations. In 2024, we spent a week in Šibenik, Croatia!

What's the recruitment process like?

• You apply and fill a couple of screening questions.
• We review all applications.
• We invite you to an interview with our People Team via MS Teams
• You work on an online assessment via Vervoe 
• We schedule the top 4-5 candidates with our Head of Intelligence Operations as well as our CEO. The shortlisted candidate might as well meet the Research team. 
• We make an offer and conduct background checks via Veremark.

QuoIntelligence is an equal opportunity employer. We strongly believe that diversity is essential for good intelligence work and are committed to creating an inclusive environment for all employees.