Posted: 4 Min ReadExpert Perspectives

6 Skills That Will Turn You into a Great Threat Intel Analyst

If you’re thinking about pursuing a career in cyber threat intelligence, the stars are in alignment. Threat intelligence has never been more in demand. But what distinguishes the good candidates from the great ones?

With companies struggling to hire candidates with the right skills and experience, talented analysts are more in demand than ever before.

But what skills will you need to make the cut? While there’s no single, best answer – and few people possess the full combination of technical skills and intelligence analysis experience an organization might want in their “dream candidate” - don’t let that leave you discouraged. While the imbalance between supply and demand is especially acute, anyone can acquire the necessary skills over time by dint of perseverance and hard work. If any of you are aspiring analysts, we’ve compiled a checklist to help you navigate that journey.

Formal Degree in a Related Field

Some of the best intel analysts have taken unconventional paths to their current work, but all eventually either acquired a degree in a field like computer science or information assurance; several IT certifications; or both. This formal education gives a threat analyst the foundational knowledge, and skills necessary to perform their job in the field of information technology and cyber security.

What if you would like to become a threat intelligence analyst, but already have an undergraduate degree in another field? An alternative, which has worked for many individuals similarly situated, is to complete an online master’s degree program in information assurance. More than 50 U.S. universities offer such programs, which can be found in sources like Best College Review and U.S. News & World Report 

IT Certifications 

First item on your agenda: Make sure you have an IT certification. That’s going to be particularly important if you don’t have an undergraduate degree in computer science, computer engineering, or an IT-related field. It’s also key if you lack experience and background in intelligence analysis and have no prior technical experience. Certifications provide some technical skills and fundamentals. What’s more, they signal to prospective employers that you take the initiative and are willing to learn.

Which certifications you need will depend on your technical background and the specialty career path you choose to pursue. 

Try not to obtain more than four to six certifications. Two reasons for that.

  1. Each certification requires a certain number of continuing education units (CEU) to keep them current and renewed. Continuing education is both time-consuming and costly to attend. Also, the sundry conferences, meeting, and training sessions that go along with each certificate may be far from where you live.
  2. Too many IT certifications on your résumé may raise a red flag for employers. Some may conclude that while you may be qualified on paper, you don’t have the real-world experience to perform the job.   

Visual Link Analysis Tools

Visual link analysis tools allow analysts to see multilevel links among different threat actors, entities, and IT infrastructure. Link analysis tools assist the analyst in visualizing and contextualizing the connections between different elements involved. Several link analysis tools are available for use for data visualization, such as i2 Analyst’s Notebook, Maltego, Sentinel Visualizer, and others. Every such tool has a distinct learning curve, but they have enough similarities that you may find it easy to learn another after having learned one.  If you haven’t used a visual link analysis tool before, we suggest learning one of the free open source platforms, Social Network Visualizer or Gephi.

Open Source Intelligence (OSINT) 

You must be familiar with Open Source Intelligence (OSINT) and stay abreast of the latest developments and trends. Open Source Intelligence consists of an array of information found in the public domain, including social media, social networks, online forums, websites, blogs, videos, and news sources.    

Communication Skills 

Learn to communicate in simple, declarative English. A successful threat intelligence analyst must be able share their ideas and findings in well-written reports. Most organizations will have at least one editor on staff to assist in the production of report. But you can help speed the editorial process along by writing clear, concise prose. There are many resources available to improve your writing skills, but we recommend The Elements of Style by William Strunk, Jr., and E.B. White.  This guide to great writing was named by Time Magazine as one of the 100 best and most influential books written in English since 1923. And for good reason.

Public speaking skills are also vital as you will need to communicate with colleagues and management, and give presentations to prospective and current customers. A good way to improve your skills is to join a Toastmasters Club, a global nonprofit educational organization that helps members improve their communications, public speaking, and leadership skills.

Subject Matter Expert (SME) and Foreign Language Skills 

Your journey toward becoming a first-class threat analyst will almost certainly require you to become a subject matter expert (SME) in a specific geographic region of the world.  The expertise which comes with being a regional SME will improve the quality of your threat reports. At a minimum, you must stay current on geopolitical issues pertaining to your region of expertise. 

The ability to read a foreign language relevant to your area of expertise (e.g., Russian, Standard Chinese, Korean, Arabic, or Farsi) will help you understand publications in their original language.  Foreign language expertise provides you with a deeper insight into regional attitudes about geopolitical issues, to complement Western news sources.

If you found this information useful, you may also like:

Project Desert Host” report   

DeepSight Adversary Intelligence

Great Threat Intelligence: Do’s and Don’ts



About the Author

Symantec DeepSight Adversary Intelligence Team

Managed Adversary and Threat Intelligence (MATI)

Symantec’s managed adversary and threat intelligence (MATI) team of intelligence analysts & researchers are dedicated to understanding the adversary ecosystem and providing insightful customer reports detailing their plans, tactics, tools, and campaigns.

Want to comment on this post?

We encourage you to share your thoughts on your favorite social platform.