Cyber Threat Analyst/Threat Intelligence Analyst

MitMMitM Member Posts: 617 ■■■■□□□□□□
I was debating on posting this in the job section, but I decided here instead. Sorry in advance if it's a dumb question


I know titles in the security field mean different things depending on the company, but I was wondering what skills are needed to be a Cyber Threat Analyst or Threat Intelligence Analyst. What certifications/courses are helpful in pursuing that route?

Honestly, I always thought this was the same as a Security Analyst/ Info Security Analyst until recently, I came across people working at the same company where some were Info Sec Analyst and others were Threat or Threat Intelligence Analysts

Comments

  • soccarplayer29soccarplayer29 CISSP, CISA, PMP Member Posts: 230 ■■■□□□□□□□
    Preface: we've concluded that titles are usually a bad indicator of actual duties.

    Sounds like a "purple team" type role to me. The defensive blue team logging, log analysis, alerting, incidents, intrusion detection & analysis, etc. mixed with understanding the offensive attack vectors of enumeration, pivoting, privilege escalation, etc.

    Edited:
    Helpful certifications:
    • CySA+, CCNA CyberOps, CASP, GIAC 401/504, eLS PND/PWD
    • CEH, OSCP, OSCE, EnCase, SANS, eLS CCPT/THP
    Some duties with "Security Analyst" are just security policies, sys admin, compliance analyst, etc. And likely some "Cyber Threat Analyst" duties are really just SOC log analysis.
    Certs: CISSP, CISA, PMP
  • MitMMitM Member Posts: 617 ■■■■□□□□□□
    Thanks for the reply. Are those eLS courses worth it? I see they are over $1000 each
  • HeisenbugHeisenbug Registered Users Posts: 7 ■■□□□□□□□□
    Agreed with soccarplayer29, it would be a senior cyber sec role in terms of expertise and not so much team management. Skillsets i would reckon would be extensive linux experience, data and network forensics, log analysis, reverse engineering 32/64, proactive and reactive defense, incident handling etc etc. It's a real smorgasbord of cyber security, you couldn't nail it down in one course.

    You've got good certs already, i wouldn't bother with learning any course material with CCNA cyber ops, you've got it covered with CySA already, it'd be a waste of your time, grab the cert if you have the spare cash available, cisco just looks nice on CV's and it usually always catches the eyes of HR personnel. Second that with CEH, it's a buzzword that made it's way into the consciousness of the uninitiated but the course material is nothing but colorful powerpoint slides and pdf's with outdated knowledge, it's a waste of time looking at it but again the cert looks nice, grab it if you have the money.

    For course material, safaribooksonline is good value for money for the material you have access to, i use it when i need to and cancel it when i don't but i found myself watch alot of content from Packt, when i'm done i'd bounce to Pentester Academy and try some of their stuff. The sub is 100 dollars 1st month, then 40 dollars for each subsequent month but they've got a bulls**t limit on how many vids you can watch each month (100 vids)
    SANS is just way way too expensive for me to even consider paying for privately, the prices are insane unless you have corporate sponsorship.
    Thanks for the reply. Are those eLS courses worth it? I see they are over $1000 each

    I would like to know this as well, i got a pushed a notification on LinkedIn on someone that passed it but he's got a well-paid position already at CME group, money isn't a problem for him.
  • soccarplayer29soccarplayer29 CISSP, CISA, PMP Member Posts: 230 ■■■□□□□□□□
    Having never completed any of the eLS courses/certifications I can't provide a fully informed response.

    I've started the eLS eJPT and it seems solid. The eLS courses are cheap in comparison to SANS but expensive compared to almost everything else other than bootcamps. The eLS courses include labs and are more practical/hand-ons than most training courses which is the real differentiator in my mind. eLS posts on techexams are generally glowing reviews. The exceptions to the positive reviews is that eLS release new content and then attempts to upcharge users who may have just purchased the course rather than a complimentary upgrade.

    Another thing to learn/utilize in this sort of role: Splunk, ELK, etc.
    Certs: CISSP, CISA, PMP
  • MitMMitM Member Posts: 617 ■■■■□□□□□□
    thank you both. I'd like to attends a SANS class, but not out of my pocket :)
Sign In or Register to comment.