Description
Gather, analyze, and disseminate intelligence from open, proprietary, and technical sources to anticipate, detect, and help prevent cyber and related threats. Turn raw data into actionable insights that guide risk decisions, detection engineering, and incident response.
- Monitor open, dark web, and vendor sources for emerging threats.
- Correlate external intelligence with internal telemetry (SIEM, EDR, network, email).
- Produce actionable intelligence reports, alerts, and briefings.
- Track threat actors, campaigns, TTPs, and IOCs; map to MITRE ATT&CK.
- Prioritize threats by relevance, capability, intent, and exposure.
- Maintain and tune threat intelligence platforms and integrations (STIX/TAXII, APIs).
- Enrich investigations with context, indicators, and attribution assessments.
- Translate intelligence into detections, signatures, and analytics.
- Build and manage indicator watchlists, blocklists, and lifecycles.
- Validate, corroborate, and score source reliability and confidence.
- Identify intelligence gaps and define collection requirements.
- Perform link, temporal, and infrastructure analysis to reveal patterns.
- Develop and maintain adversary profiles and playbooks.
- Collaborate with SOC, incident response, vulnerability, and risk teams.
- Warn on high-risk vulnerabilities and exploits; recommend mitigations.
- Create dashboards, threat maps, and knowledge bases.
- Brief executives and technical teams on analytic findings.
- Provide real-time threat support during incidents and crises.
- Automate collection, enrichment, and sharing via scripts or SOAR.
- Share and receive intelligence with ISACs, peers, and government partners.
- Protect sensitive intelligence with proper handling and dissemination controls.
Related Pathways
Public Service & Safety
Source
Tasks & skills:
O*NET occupational data (work activities, skills, knowledge).
Sources & Standards:
This site includes information from O*NET by the U.S. Department of Labor, Employment and Training Administration (USDOL/ETA), used under the CC BY 4.0 license. Career Clutch has modified some of this information for student readability. USDOL/ETA has not approved, endorsed, or tested these modifications. O*NET® is a trademark of USDOL/ETA.
Last reviewed: Jan 2026