Cyber Threat Intelligence Analyst Job Description
Cyber Threat Intelligence Analyst Duties & Responsibilities
To write an effective cyber threat intelligence analyst job description, begin by listing detailed duties, responsibilities and expectations. We have included cyber threat intelligence analyst job description templates that you can modify and use.
Sample responsibilities for this position include:
Cyber Threat Intelligence Analyst Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Cyber Threat Intelligence Analyst
List any licenses or certifications required by the position: CEH, CISSP, SANS, GCTI, GIAC, GSEC, GCIH, CISA, CSSP, CREST
Education for Cyber Threat Intelligence Analyst
Typically a job would require a certain level of education.
Employers hiring for the cyber threat intelligence analyst job most commonly prefer candidates with a relevant degree, such as a Bachelor's and Master's Degree in Computer Science, Intelligence, Education, Computer Engineering, Cyber Security, Technical, Engineering, Technology, Information Security, or International Relations.
Skills for Cyber Threat Intelligence Analyst
Desired skills for cyber threat intelligence analyst include:
Desired experience for cyber threat intelligence analyst includes:
Cyber Threat Intelligence Analyst Examples
Cyber Threat Intelligence Analyst Job Description
- Creating threat assessments to understand relevance to the enterprise along with potential impact
- Acquiring threat intelligence and technical indicators from external sources
- Produce Threat Intelligence Reports, providing detailed analysis on cyber events, including relevant political, economic and geopolitical variables
- Determine root cause of identified anomalous and/or malicious activity through analysis and report generation as applicable in accordance with organizational computer network directives
- Collaborate with external entities and authorities to collect and share Indicators of Compromise (IoC) and discovered intelligence
- Develop and distribute situational activity reports on existing and newly discovered vulnerabilities within and without the organization, as applicable
- Provide daily summary reports of network events and activities for situational awareness and metric generation
- Collaborate with Incident Response and Threat Detection personnel for the investigation and remediation of identified threats
- Watching the internet for emerging threats
- Investigating materials on the Internet
- BA/BS degree in Information Technology or Information Security
- Strong proficiency and recent experience (last 3 years) performing NETFLOW and PCAP analysis using common analysis tools (Wireshark
- Strong or Intermediate ability to apply formal intelligence analysis methods
- Intermediate ability to build intrusion related data visualizations and perform analysis
- Chinese Mandarin language
- Experience applying Kill Chain analysis
Cyber Threat Intelligence Analyst Job Description
- Track threat actors and associated tactics, techniques, and procedures (TTPs) by capturing intelligence on threat actor TTPs and developing countermeasures in response to threat actors
- Feed intelligence and indicators of compromise to Security Incident Management during P1 and P2 incidents, and must be willing to work out of hours should a threat be active
- Experience with industrial control and critical national infrastructure environments (ICS/SCADA/CNI) and an understanding of the threats they face is a plus
- Understanding of mitigation activities is a plus
- Self-driven and fully accountable for independent effort performed as part of a geographically dispersed virtual team supporting high operational tempo
- In conjunction with management, engage with stakeholders and identify critical business needs or intelligence collection priorities
- Identify new open source intelligence (OSINT) products and sources with a focus on gaining meaningful reporting that can help Shire’s predictive intelligence program
- Monitor and leverage proprietary threat feeds to gather intelligence about threat methods and actors to enhance Shire’s threat intelligence products
- Create threat actor overviews by fusing multiple source reporting into a final product
- Coordinate and share information with other teams within the Cyber Security group
- Must be capable of conducting independent research and working with team members and partner agencies
- Interest in learning about Windows, Linux, Database, Application, Web server, firewall, SIEM log analysis
- No remote delivery
- Source intelligence support to develop DoD mitigation strategies against foreign state Cyber operations
- Bachelor's Degree in Cyber Security, Computer Science, Engineering or related studies
- Working knowledge of desktop word processing and communications software (Microsoft Office, Visio, Project, PowerPoint, Excel)
Cyber Threat Intelligence Analyst Job Description
- Proactively research emerging cyber threats
- Respond to requests for information and ensure they are answered in a thorough and expedient manner
- Proactively monitor and analyze external cyber threats and assess risk
- Model and analyze the likelihood that an emerging threat will impact the organization and identify where the weaknesses are
- Support the Security Operations Center incident response and investigations
- Provide actionable and timely threat intelligence to the Security Operations Center
- Develop and share actionable threat intelligence with industry peers
- Communicate research results in both open and closed forums
- Coach and mentor less experienced threat intelligence analysts
- Produce threat intelligence providing situation awareness of cyber threats impacting global network infrastructure
- Possession of industry standard certification such as CISSP, CISM, GCIH, CEH, GCFA, and GREM
- Bachelor's degree preferably in Computer Science, Information Security, or related discipline
- Minimum of 5 to 7 years' Information Security or Threat Intelligence experience with focus on cyber security, incident response, cross channel fraud or related discipline
- Splunk, Maltego, scripting, and experience performing hunting activities
- Experience in the securities or financial services industry is a plus
- Communicates complex ideas
Cyber Threat Intelligence Analyst Job Description
- Research, collect, distill, and disseminate tactical, strategic and operational intelligence to key stakeholders
- Coordinate with management and decision makers to deliver timely, actionable, hands-on intelligence in a clear, concise manner
- Leverage and expand the capabilities of existing analytical tools and technologies
- Develop and maintain expertise in a wide variety of technology platforms, threat vectors, and threat actors
- Serve as an open source Cyber threat intelligence analyst
- Provide functional analytic support pertaining to a wide-range of Cyber threat actors
- Perform analytic support focused on Cyber doctrine, policies, strategies, capabilities, and intent to conduct Cyberspace operations and Cyber-oriented groups, individuals, organizations, tools, tactics, and procedures
- Respond to internal customer inquiries of cyber-related threats impacting the financial sector
- Provide analytical presentations to management and internal customers
- Provide support for Junior Analysts in conducting analysis
- Academic and educational requirements can be substituted for Military or Governmental Agency Intelligence positions
- Providing updates on the cyber threat landscape, including cyber espionage, e-crime and hacktivism
- Collecting, assessing, and cataloging threat indicators and responsibility for adding context to threat indicators to convey urgency, severity, and credibility
- Cultivating and assessing new sources of threat information and intelligence
- Dynamic analysis of malicious code, either manually or through a malware sandbox
- Analyze DNS, network, honeypot, IDS/IPS, logs and other common industry hunting tools and feeds
Cyber Threat Intelligence Analyst Job Description
- Perform intelligence collection and analysis to support requests for information and generation of intelligence information for specific threat intelligence products
- Produce written and verbal threat intelligence products and communications for delivery to and action by multiple stakeholders
- Participate in executing projects to continuously improve threat intelligence sources, tools, processes, and deliverables
- Help define and execute projects to continuously improve threat intelligence sources, tools, processes, and deliverables
- Execute strategic and tactical operations focused on developing, applying, and communicating a deep understanding of cyber campaign and nation state threats to protect the enterprise
- Provide security and threat intelligence thought leadership to stakeholder organizations
- Provide security and threat intelligence mentoring to other teammates
- Stay up to date with technology trends, malware and cyber attacks related to an assigned tactical topic
- Perform open source intelligence (OSINT) collection and analysis, identifying indications of cyber threats, malicious code, malicious websites, and vulnerabilities
- Work with third parties developing shared intelligence
- Exposure to Security Analytics, Network and End-Point Threat Detection Products
- Disk/network/memory investigation tools, log analysis, and developing custom scripts/functionality
- IT and InfoSec background including cryptography and network/systems security
- 2+ years performing information security incident response is preferable
- Experience working with specialized intelligence sources such as human intelligence (HUMINT), signals intelligence (SIGINT), geospatial intelligence (GEOINT), measurement and signature intelligence (MASINT), and open source intelligence (OSINT)
- Experience working with intelligence organizations, preferred experience with foreign partners and national level agencies