top of page

Cyber Threat Intelligence Analyst


Cyber Threat Intelligence Analysts analyse information pertaining to the cyber threat landscape.

Role Profile

Cyber Threat Intelligence Analysts conduct the collection and analysis of information pertaining to the cyber threat landscape of a business. A Cyber Threat Intelligence Analyst supports the security position of the company by developing a thorough understanding of the threat landscape through the delivery of timely and actionable intelligence. Cyber Threat Intelligence Analysts detect, analyse, record and disseminate analysis of cybersecurity attacks and conduct daily monitoring of the threat landscape to detect and provide early warning of emerging threats and events that may impact the business. Cyber Threat Intelligence Analysts may work with social media monitoring tools, and industry and commercial intelligence feeds, as well as relying on their own open-source intelligence techniques.

Standard Responsibilities

The main responsibilities for an Intelligence Analyst include:

  • Detecting cyber incidents impacting the business and third parties in the sector, vendors or other critical infrastructure entities.
    Analyse collated data using Structured Analytical Techniques and specialist software.

  • Disseminate your analysis in formal products to managers and other agencies as presentations and desk-level briefings.

  • Monitor the behaviour of individuals or groups involved in cyber-enabled crimes.

  • Review the effectiveness of your analysis to direct future activity.

  • Act as an expert witness in court.

  • Develop relationships with customers to understand their intelligence requirements. 

Required Skills

A Cyber Threat Intelligence Analyst requires the following skills:

  • Analytical thinking skills

  • Advanced IT skills.

  • Thinking and reasoning skills

  • Ability to be thorough

  • A key eye for detail

  • Ability to use your own initiative

  • Excellent written and verbal communication skills

  • Presentation skills

  • Discreet, as you will need to observe strict non-disclosure rules about your work.

  • Familiarity with the intelligence cycle.

  • Knowledge of key cyber concepts.

  • Experience with social media monitoring tools and methodology.

  • Experience with Open Source Intelligence (OSINT) products and sources.

  • Knowledge of OSINT investigation techniques.

  • Experience in Threat Intelligence, Incident Response, or cybersecurity technology.

  • Background in technical cyber analytics such as networks, malware analysis, incident response and/or honeypots.

  • Understanding of threat intelligence frameworks, such as MITRE ATTACK, the cyber kill chain, the diamond model

  • Have the ability to reverse engineer malware by performing static and dynamic analysis.

  • Strong working knowledge of offensive security including attack methods and techniques.

  • Knowledge of protocols, tools and methods to acquire and manage technical threat intelligence data.

  • Fundamental knowledge of computer networking.

  • Ability to write scripts in Python, JavaScript, or another programming language.

  • Qualifications are desirable including GREM, GCFA, GCFE, GCTI, GNFA, CREST and CompTIA.


Education Requirements

Generally,  Cyber Threat Intelligence Analysts will need a degree to meet the minimum education requirements. This degree can usually be within any subject, however, Intelligence, Security and cyber-related degrees are preferred. Most Cyber-Threat Intelligence Analysts will also ask for experience in Cyber Security or a Cyber Security qualification.

Salary Expectations

The salary of a Cyber Threat Intelligence Analyst is varied. 

Below you can see a range of current standard starting salaries for a Cyber Threat Intelligence Analyst:

  • Civil Service: £30,000 - £35,000

  • Private Sector: £22,000 - £60,000

Personal Development

Intelligence professionals are offered Continued Professional Development (CPD) opportunities through several channels.

Some of these offerings include:

  • Intelligence courses, including National Intelligence Analyst Training (NIAT) and the Intelligence Proffesionatioant Programme (IPP). These courses cover Structured Analytical Techniques, report writing, Intelligence theory, etc.

  • Cybersecurity-related courses such as CompTIA, CREST, or SANS.

  • Briefings, both internal and from partner organisations.

  • Presentations

  • Conferences

  • Shadowing colleagues

  • Secondments to other teams and organisations.

  • e-learning training, such as Intelligence with Steve.

  • One-to-one mentoring, from more experienced team colleagues or line managers.

bottom of page