Turn raw signals into decisions the rest of security can act on.
Threat Intel Analysts curate intelligence that's directly actionable — for the SOC, for IR, for executives. Strong roles balance technical IOC work with structured analytic techniques and a clear point of view for the board.
Tools in scope
Government / military-adjacent
Structured analytic techniques (ACH, key assumptions) tested explicitly.
Commercial CTI vendor
Writing sample required — produce a 1-page strategic brief on a named actor.
// Sample question
How would you decide whether a newly disclosed ransomware crew is relevant to your organisation?
Map their TTPs to MITRE ATT&CK, then compare against your environment's exposed surfaces (initial access vectors used, sectors targeted, regions targeted, dwell-time profile). If alignment is high, push prioritised detections to the SOC and brief leadership on the risk delta and recommended controls, not just the actor name.
AI-graded, role-specific, feedback on every answer. Free to start.