Answer the call.
Defend forward.
A life lived without service to a greater cause is meaningless. Lose yourself in service, and you will find your true self.
The spirit of the CSFI CTI Internship
Step onto the frontline of cyber threat intelligence.
You will join the CSFI Cyber Threat Intelligence Division and help meet cyber threats head on, wherever they emerge. The division answers Requests for Information quickly and develops customized solutions, assessing foreign and domestic threats and spreading awareness across the intelligence community.
Real tradecraft
OSINT research, structured intelligence reporting, and threat actor profiling on live questions, not busywork.
Guided by mentors
You are placed into a section and learn research methodology and analytic technique from experienced section leaders.
A stepping stone
Graduates move into cybersecurity and intelligence careers, and into CSFI volunteer leadership roles.
Eight sections. One mission.
Interns rank their preferred sections during the application. Each focuses on a distinct corner of the threat landscape, from nation state operations to ransomware and emerging threats.
China
Step into China's cyber landscape. Explore technology trends, state sponsored cyber operations, and global implications.
DPRK & East Asia
Decode cyber threats from the Korean Peninsula and beyond: North Korean campaigns, East Asian security dynamics, and regional defense.
Russia & Eurasia
Dive into Russia and the former Soviet states: nation state attacks, regional cybercrime, and how cyber tools shape politics.
Iran & MENASWA
Explore cyber threats across Iran and MENASWA: nation state operations, influence campaigns, and regional policy.
Emerging Threats
Investigate activity that defies attribution. Track nascent threat clusters and assess impact as unknown actors evolve.
Cyber Law & Policy
Explore international cyber law, regulation, and policy frameworks. For interns drawn to governance and ethics.
Ransomware
Examine ransomware actors, attacks, and mitigation. For interns passionate about stopping cyber extortion.
CVEs
Uncover weaknesses in software and hardware: zero day exploits, patch management, and vulnerability disclosure.
Service that the nation can recognize.
This is more than a line on a resume. Outstanding service through CSFI can be recognized at the national level, and every intern earns a credential that travels with their career.
Daria-Romana Pop Award
A highly competitive honor for the most outstanding interns of each cycle.
Dr. Edmond Locard Award
A distinguished award recognizing exceptional contribution to cyber threat intelligence.
Certificate of Achievement
A formal credential awarded to every intern who completes the program.
Title and references
The official CSFI CTI Intern title for your profile, plus letters of recommendation on request.
CSFI participates in the President's Volunteer Service Award program, administered through the Corporation for National & Community Service.
Eligibility at a glance.
The program considers all qualified applicants. International candidates should convert their GPA to a 4.0 scale before applying.
At least 18 years old and proficient in written and spoken English.
A U.S. citizen, or a citizen of a country approved under export control guidelines.
Enrolled at an accredited institution (undergraduate, graduate, or PhD), at least part time.
Minimum cumulative GPA of 3.0 on a 4.0 scale, in good academic standing.
At least 30 academic credits completed (sophomore standing or higher).
An unofficial transcript confirming student status, attached to your application.
What our interns say.
Students from around the world have come through the program. Here is what a few of them took away.
One of the most fulfilling experiences of my professional journey. As a student from an allied nation, the opportunity to join a U.S. based program of this caliber is truly exceptional. Over twelve weeks I built Threat Actor Profile reports on major Russian threat actors.
I learned far more than I expected, not just technically, but in how to think like an analyst, approach problems with curiosity, and stay patient through challenges. I stepped into real CTI tasks rather than observing from the sidelines.
An incredible cycle in Alpha Section. I gained hands on experience drafting CTI reports, using OSINT to research, verify, and transform information into intelligence that highlights strategic shifts in cyber attacks and hybrid warfare.
I immersed myself in CTI, profiling threat actors and applying MITRE ATT&CK, D3FEND, the Cyber Kill Chain, and the Diamond Model. The experience gave me the skills, insight, and confidence to contribute to the cybersecurity community.
Each week I collaborated on detailed CTI reports tracing the evolution of cyberattacks. The experience sharpened my leadership and teamwork, and I am continuing with CSFI as an Assistant Section Lead.
So rewarding. The critical skills I learned prepared me to become a successful CTI analyst. The leadership built a crawl to walk program so you fully understand the field. If you want to become a CTI analyst, this internship is a must.
This program improved my skill sets across the board. Real world examples, great peers, professional CTI terminology, and stronger technical writing all strengthened my research skills.
Three cycles a year. Rolling review.
Applications are reviewed on a rolling basis and positions are filled first come, first served. Have your documents ready, then begin the application in a single session.
What you will need
Summer
Fall
Spring
A tip before you start: do not use your school email address, since many universities block incoming mail from outside senders.
Lose yourself in the mission.
If you are passionate about the mission and want to stand at the forefront of the next generation of cyber intelligence, you are in the right place.
DisclaimerThe Cyber Security Forum Initiative (CSFI) is a privately owned and operated, independent, non-profit entity incorporated in Omaha, Nebraska. Although CSFI strongly supports the defense of the United States and U.S. allies through cyber security oriented educational and training programs in the United States, in other NATO countries, and in countries identified as major non-NATO allies, CSFI is neither a part of, nor represents in any capacity, any U.S. Government agency, including any agency of the U.S. Intelligence Community, nor any other governmental entity in the U.S. or any other country. The term U.S. allies is defined as other NATO countries and major non-NATO allies, identified in 22 C.F.R. section 120.32. CSFI does not use automated decision making, including profiling, in the evaluation of applications.