Threat Intelligence Analyst Resume Example
A specialized threat intelligence analyst resume template highlighting threat research, adversary tracking, and intelligence reporting skills for cybersecurity professionals in 2026.
Last Updated: 2026-03-10 | Reading Time: 8-10 minutes
Quick Stats
Threat Intelligence Analyst Resume Example
Samantha Liu
samantha.liu@email.com | (571) 555-4720 | Reston, VA
linkedin.com/in/samanthaliu-threatintel
Professional Summary
Threat Intelligence Analyst with 5 years of experience in strategic, operational, and tactical cyber threat intelligence. Tracked 30+ advanced persistent threat groups and produced 150+ intelligence reports that directly informed defensive operations for organizations managing $500B+ in assets. GCTI and CTIA certified with expertise in OSINT, dark web monitoring, and malware campaign analysis.
Experience
- •Track and profile 30+ APT groups targeting financial services and critical infrastructure, producing biweekly strategic intelligence briefings consumed by 200+ enterprise clients
- •Authored 80+ finished intelligence reports on emerging threats including ransomware campaigns, supply chain attacks, and zero-day exploitation, with a 94% actionability rating from consumers
- •Developed automated IOC enrichment pipeline integrating 15 intelligence feeds, reducing analyst research time by 60% and increasing IOC production by 3x
- •Briefed C-suite executives and government stakeholders on threat landscape shifts, directly influencing $8M in defensive technology investments
- •Monitored dark web forums, Telegram channels, and paste sites to identify threats against 50+ client organizations, providing early warning on 12 planned ransomware attacks
- •Produced 70+ tactical intelligence products including IOC packages, YARA rules, and detection signatures consumed by SOC teams across 200+ client environments
- •Conducted malware campaign analysis on 25+ threat actor toolsets, mapping TTPs to MITRE ATT&CK framework and contributing to 8 published threat reports
Education
Technical Skills
Threat Intelligence Lifecycle • OSINT Collection & Analysis • Dark Web Monitoring • Malware Campaign Analysis • MITRE ATT&CK Mapping • IOC Management • YARA Rule Development • Intelligence Report Writing • Threat Actor Profiling • Python Scripting • Data Visualization
Certifications
- GCTI (GIAC Cyber Threat Intelligence)
- CTIA (Certified Threat Intelligence Analyst)
Why This Resume Works:
- Quantified achievements with specific metrics
- Keywords match common job descriptions
- Clean, ATS-compatible formatting
- Strong action verbs throughout
How to Write a Threat Intelligence Analyst Resume
Professional Summary
Highlight the number of threat groups tracked, intelligence products delivered, and the impact on client decision-making. Specify the intelligence types you produce (strategic, operational, tactical).
Work Experience
Quantify reports produced, threat groups tracked, IOCs generated, and business impact of your intelligence. Include examples of how your analysis directly influenced defensive actions.
Skills Section
List collection methods (OSINT, HUMINT, dark web), analysis frameworks (Diamond Model, Kill Chain, ATT&CK), and technical skills (YARA, Python, threat intel platforms).
Action Verbs for Threat Intelligence Analysts
Threat Intelligence Analyst Resume Keywords
These keywords appear most frequently in Threat Intelligence Analyst job descriptions. Include relevant ones in your resume:
Technical Keywords
Cyber Threat IntelligenceOSINTDark Web AnalysisIOC ManagementYARA RulesMITRE ATT&CKDiamond ModelKill ChainThreat Actor ProfilingMalware Campaign AnalysisTTP MappingIndustry Keywords
APT TrackingIntelligence LifecycleStrategic IntelligenceTactical IntelligenceFinished IntelligenceIntelligence RequirementsThreat LandscapeTools & Technologies
Recorded FutureMISPMaltegoVirusTotal EnterpriseShodanCensysThreatConnectAnomaliYARAPythonSplunkJupyter NotebooksCommon Mistakes to Avoid
Not differentiating between strategic, operational, and tactical intelligence
Specify the type of intelligence you produce. Strategic briefings for executives differ greatly from tactical IOC packages for SOC teams.
Listing only technical skills without analytical writing
Intelligence roles require strong writing. Mention reports authored, their ratings, and the audience they served.
Not quantifying intelligence output
Include metrics: "80+ intelligence reports," "30+ APT groups tracked," "3x increase in IOC production"
Focusing only on collection without analysis
Show the full intelligence cycle: requirements, collection, processing, analysis, dissemination, and feedback. Analysis and impact matter most.
Omitting impact on defensive operations
Connect your intelligence to action: "Early warning prevented 12 ransomware attacks" shows real-world impact.
Threat Intelligence Analyst Resume FAQs
What is the best certification for threat intelligence analysts?
GCTI from SANS is the most respected technical certification. CTIA from EC-Council is also recognized. For strategic intelligence, a background in intelligence analysis (military or government) is highly valued.
Do I need a technical background for threat intelligence?
Not necessarily. Many analysts come from political science, intelligence studies, or military intelligence backgrounds. However, basic technical skills (networking, malware concepts, scripting) are increasingly expected.
How do I break into threat intelligence?
Start in a SOC role or security research. Build OSINT skills, learn MITRE ATT&CK, practice writing intelligence reports, and participate in CTI communities like CTI League or intelligence sharing groups.
Should I include my security clearance on my resume?
Yes, if applicable. Many CTI roles in defense and government sectors require clearances. List the level (Secret, Top Secret, TS/SCI) without disclosing classified details.
How important is MITRE ATT&CK knowledge?
Essential. ATT&CK is the industry standard for mapping adversary TTPs. Demonstrate you can map threat actor behavior to ATT&CK techniques and produce actionable detection guidance.
What does a typical threat intelligence report look like?
Reports vary by audience. Strategic reports cover threat landscape trends for executives. Tactical reports include IOCs, YARA rules, and detection signatures for security teams. Show you can produce both.
Ready to Optimize Your Threat Intelligence Analyst Resume?
Our AI-powered resume analyzer will score your resume against ATS systems, find missing keywords for Threat Intelligence Analyst roles, and give you specific improvement suggestions.
Related Resume Examples
Software Engineer Resume Example
Professional Software Engineer resume example with ATS-optimized template. Learn what recruiters look for and get hired faster at top tech companies.
Data Scientist Resume Example
Professional Data Scientist resume example with ATS-optimized template. Learn how to showcase your ML skills and statistical expertise.
Frontend Developer Resume Example
Professional Frontend Developer resume example with ATS-optimized template. Learn how to showcase your UI/UX development skills and land roles at top companies.
Last updated: 2026-03-10 | Written by JobJourney Career Experts