Cybersecurity Threat Intel/Researcher


Interested in investigating computer crimes and breaches that make the headlines – and many more that don’t? Can you think like an attacker to stay one step ahead of them, or understand the operational security controls needed to detect, remediate, and prevent compromises? Arete Incident Response is seeking a motivated and skilled individual to track cyber threat activity and actors. This role sits within a team but will often work independently to provide a constant stream of information to meet analyst and customer requirements.


  • Operate in a safe and secure manner to perform Open Source research, including research that involves sophisticated APT actors
  • Build and maintain targets that allow for the efficient and accurate collection of information of threat intelligence value in order to satisfy research requirements
  • Monitor specific cyber threat actors or groups to understand their tactics, techniques and procedures
  • Track cybercrime threats based on technical analysis, forums, social media monitoring, and publicly available sources
  • Collaborate with other cyber threat researchers based on developed SME area
  • Collaborate with digital investigation personnel and incident response specialists to provide targeted Threat Intelligence reports for ongoing or prospective engagements
  • Perform Intelligence activities in multiple languages using secure translation software
  • Use a wide variety of Threat Intelligence tools and websites, including the dark web
  • Collaborate with law enforcement as directed by executive leadership for both engagement support and information sharing
  • Provide customized reports and research for information sharing services clients
  • Provide targeted and actionable Threat Intelligence reports for MDR and long-term Cybersecurity services clients
  • Clearly communicate findings in written reports
  • Protect proprietary company and personal information from disclosure
  • Respond to tasking and direction as provided by the team leader


  • 3+ years of work experience in one or more of the following roles: Information Security, Cyber Threat Research, Cyber Crime investigations, Cyber Threat Analysis, Cyber Threat Campaign Tracking
  • Proven Intelligence Analyst skillset
  • Understanding of computer intrusions, malicious code, threat finance, money laundering / fraud / eCrime, and other criminal activity
  • Understanding of online operational security methods and Information Security best practices
  • Understanding of the difference between Information and Intelligence
  • Basic level of understanding and experience with programming or scripting languages (C/C++, Java, Python, Go, etc.)
  • Ability to express complex technical and non-technical concepts verbally, graphically, and in writing
  • Good knowledge of different operating systems and the command line, minimum of Windows and Unix/Linux
  • Knowledge of computer networking
  • Collection, analytical and research skills
  • Must pass drug screening + background check

Additional Qualifications

  • Degree in Computer Engineering, Computer Science, Information Assurance, or related technical discipline
  • Understanding of malware or exploitation techniques
  • Experience working with network sniffers and port scanners
  • Ability to think critically and properly qualify analytic assessments
  • Experience conducting analysis of electronic media, packet capture, log data, and network devices in support of intrusion analysis or enterprise level information security operations
  • Ability to multitask while in an extremely chaotic environment that moves at a rapid pace while providing SME level Intelligence analysis and managing internal and external customer expectations
  • Eligibility for Top Secret Security Clearance is a plus