SUMMARY
The Cyber Threat Research Intern will play a key role in supporting threat research operations by maintaining and enriching threat data, assisting with Threat Intelligence Platform related workflows, contributing to threat detection and profiling efforts, work alongside senior researchers to identify and analyze artifacts of malicious activity, validate detection coverage, and enhance detection logic. Leveraging Arete’s extensive visibility into threat actor activity, the intern will gain hands-on experience in cyber threat research, detection engineering, and operational intelligence processes.
ROLES & RESPONSIBILITIES
Performs structured data ingestion within Arete’s Threat Intelligence Platform (TIP), ensuring accuracy and consistency of threat data. This will improve threat visibility and correlations
Maintains and updates investigation requests, ensuring proper tagging, classification, and documentation
Malware profiling through correlation of artifacts from DFIR breach response engagements
Identifies data to help enhance Malware and Threat Actor profiles
Develops threat detection and profiling countermeasures
Learns and supports the creation of YARA and SentinelOne S1QL rules with guidance from TRT researchers
Submits malicious files to our automated malware analysis system to make sure we properly profile threats from our DFIR and MDR investigations
Collaborates with TRT analysts and other duties as assigned
SKILLS AND KNOWLEDGE
Basic understanding of cybersecurity concepts (malware, ransomware, indicators of compromise, threat hunting, digital forensics, incident response)
Familiarity with Threat Intelligence concepts such as IOCs (IPs, domains, hashes), TTPs, and MITRE ATT&CK
Ability to perform structured data ingestion and maintain data quality within a Threat Intelligence Platform (TIP)
Ability to identify and research indicators of malicious activity
Familiarity with the Yara syntax to develop threat detection and profiling rules
Motivated self-starter with an interest in threat research, malware analysis, cyber threat detection, and DFIR workflows
Ability to document findings clearly in ticketing systems, reports, and other internal systems
Ability to clearly communicate findings
Learning opportunities
Through the above activities, the intern will be exposed to and gain experience in the following areas:
Knowledge of active ransomware families, threat actors, and affected sectors
Threat profiling and malware correlation
Basics of malware analysis, Malware sandbox technology, Yara rule creation, Git, Threat intelligence platform, and EDR technology
Development of publications
JOB REQUIREMENTS
·Bachelors or Master’s Degree in Engineering, Information Security, Computer Science, Digital Forensics, or Cyber Security
·Candidate must have college or related experience in cyber threat research, detection engineering, incident response or digital forensics with a passion for cybersecurity
·Possess or pursuing one or more of the following Certifications is a plus:
oSecurity+, Network+, SANS GREM, GCIH, GCFE, GCFA
·Ability to work 40 hours weekly and during non-standard business hours as required
DISCLAIMER
The above statements are intended to describe the general nature and level of work being performed. They are not intended to be an exhaustive list of all responsibilities, duties, and skills required by personnel so classified.
WORK ENVIRONMENT
While performing the responsibilities of this position, the work environment characteristics listed below are representative of the environment the employee will encounter: Usual office working conditions. Reasonable accommodation may be made to enable people with disabilities to perform the essential functions of this job.
TERMS OF EMPLOYMENT
Salary and benefits shall be paid consistent with Arete's salary and benefit policy.
DECLARATION
The Arete Incident Response Human Resources Department retains the sole right and discretion to make changes to this job description.
EQUAL EMPLOYMENT OPPORTUNITY
We’re proud to be an equal opportunity employer- and celebrate our employees’ differences, regardless of race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or Veteran status. Different makes us better.
Arete Incident Response is an outstanding (and growing) company with a very dedicated, fun team. We offer competitive salaries, fully paid benefits including Medical/Dental, Life/Disability Insurance, 401(k) and the opportunity to work with some of the latest and greatest in the fast-growing cyber security industry.
When you join Arete…
You’ll be doing work that matters alongside other talented people, transforming the way people, businesses, and things connect with each other. Of course, we will offer you great pay and benefits, but we’re about more than that. Arete is a place where you can craft your own path to greatness. Whether you think in code, words, pictures or numbers, find your future at Arete, where experience matters.
Equal Employment Opportunity
We’re proud to be an equal opportunity employer- and celebrate our employees’ differences, regardless of race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or Veteran status. Different makes us better.
Skills Required
- Bachelor's or Master's Degree in Engineering, Information Security, Computer Science, Digital Forensics, or Cyber Security
- College or related experience in cyber threat research, detection engineering, incident response, or digital forensics
- Ability to work 40 hours weekly and during non-standard business hours as required
- Familiarity with Threat Intelligence concepts (IOCs, TTPs, MITRE ATT&CK)
- Ability to perform structured data ingestion and maintain data quality within a Threat Intelligence Platform (TIP)
- Familiarity with YARA syntax to develop threat detection and profiling rules
- Ability to identify and research indicators of malicious activity and malware profiling
- Ability to document findings clearly in ticketing systems, reports, and communicate results
- Motivated self-starter with interest in threat research, malware analysis, detection engineering, and DFIR workflows
- Possess or pursuing certifications (Security+, Network+, SANS GREM, GCIH, GCFE, GCFA)
What We Do
Arete is a global cyber risk company whose mission is to transform the way organizations prepare for, respond to, and prevent cybercrime. We are leaders in the cyber incident response business, having worked on thousands of matters since our inception in 2016. When clients engage Arete, they gain access to the world’s leading cybersecurity professionals — anywhere in the world — within hours, not days. We also work with organizations after a cyberattack to harden their systems and controls to help prevent future disruption. We often partner with insurance carriers and their legal counsel in response to cyber insurance claims and are proud to work closely with these firms who are on the frontlines of keeping businesses and local governments up and running after cyberattacks. We are a highly data-driven organization that uses the data we collect and the information we curate not only to improve outcomes for our clients but also inform new models and approaches for cyber risk mitigation and underwriting. We believe in the concept of “collective defense” of our economy, infrastructure, and livelihoods against cybercrime and actively work with law enforcement, government entities, and industry consortia to share our findings and best practices. At Arete, we share a common passion, with uncompromising integrity in all that we do, to help our clients impacted by emerging issues in cybercrime. Through our rapid response and technical expertise, we have significantly reduced the financial impact and business interruption attributed to cyberattacks.







