Francesco Pompò

Lead Security Engineer

Location: Turin, Italy
Email: contact@francesco.cc
Website: francesco.cc
Github: github.com/deade1e

About Me

Engineer with extensive experience in the IT security industry, specializing in low-level systems programming, malware analysis, and threat intelligence automation.

Skilled in both offensive and defensive security, with expertise ranging from red teaming tool development to SOC L3 incident response.

Contributor to the Linux kernel, author of a Tor protocol re-implementation, and developer of high-performance tools in Rust.

Work Experience

Lead Security Engineer | 7Layers S.r.l. | Turin, Italy
March 2022 - December 2024

• Developed custom automation tools for threat intelligence workflows, reducing manual processing time to near zero
• Reverse engineered malware samples (ransomware, trojans, APTs) to extract IoCs and identify attack patterns
• Built and maintained automated IoC distribution pipeline serving hundreds of environments with hundreds of thousands of indicators.
• Led two junior developers

Senior Security Analyst | 7Layers S.r.l. | Turin, Italy
November 2020 - March 2022

• Handled L3 security incidents
• Organized training sessions for teams
• Performed malware analysis in low and high-level languages
• Developed workflow automation tools

Senior Security Engineer | Novanext S.r.l. | Turin, Italy
March 2020 - November 2020

• Developed and maintained intelligence collection and distribution system
• Created Early Warning service for customers
• Led two junior developers

Splunk Developer | Consoft S.p.a. | Turin, Italy
September 2019 - March 2020

• Developed Python integrations for Splunk interactions
• Configured dashboards for Splunk Enterprise Security

Red Team Developer | eSurv S.r.l. | Catanzaro, Italy
April 2017 - February 2019

• Developed low-level interception tools in C and Assembly for Windows, Linux, and macOS for Italian prosecutor offices

Junior Security Engineer | TS-Way S.r.l. | Orvieto, Italy
August 2014 - August 2015

• Developed intelligence collection and analysis tools in Node.js and PHP
• Performed malware analysis on samples from customer infrastructures
• Conducted code analysis for customer projects

Junior Penetration Tester | TS-Way S.r.l. | Orvieto, Italy
November 2013 - August 2014

• Performed penetration testing following OWASP guidelines
• Managed vulnerability assessment appliances on customer infrastructures

Education

Diploma di Perito Industriale Capotecnico | I.T.I. L. da Vinci | Trapani, Italy
Issued by Ministero dell’Istruzione, dell’Università e della Ricerca - 2013

Certifications

Cyber Threat Intelligence Analyst (CTIA) | EC-Council
June 2024

Incident Responder | Group-IB
November 2021

Skills

Languages:

• C
• Rust
• Assembly (x86/64, arm64)
• Python
• JavaScript
• SQL
• NoSQL

Systems & Security:

• Malware Reverse Engineering (Windows/Linux)
• Network Protocols (TCP/IP, ARP, DHCP, Tor)
• Low-level OS internals (Linux kernel, EFI)
• Incident Response (L3)
• Threat Intelligence Automation

Languages

• Italian/Arbereshe: Native
• English: Professional proficiency (C1 written, B2 spoken)

Notable Projects

Linux Kernel Patch: efistub/x86 SMBIOS Fallback | October 2025 - November 2025
Fixed EFI subsystem bug in Apple firmware by adding fallback method for SMBIOS information retrieval.
Accepted into linux-next and scheduled for inclusion in Linux 6.19.

Radar - Asynchronous Network Scanner | May 2025 - Present
Rust-based network scanner with userspace implementation of TCP, UDP, ARP, and DHCP protocols using Linux raw sockets for active scanning and passive monitoring.

Lor - Light Onion Router | October 2015 - January 2017
Tor protocol client re-implementation using mbedTLS, demonstrating direct hidden service connection without Tor binary.

Ape Escape Manipulation Toolkit | April 2025 - June 2025
Rust toolset for game archive manipulation.

libfjson | May 2017
Recursive finite-state machine JSON parser in C, operating byte-by-byte with sub-6KB compiled size.