6 Tips to Jumpstart Your Threat Intelligence Career
By Amanda McKeon on March 31, 2017
According to the Bureau of Labor Statistics, employment of information security analysts is expected to grow 18 percent from 2014 to 2024 — much faster than the average for all occupations. Because the demand for threat intelligence analysts is so high, now is the time for those just starting out in the space to plan their career advancement.
We recently spoke to many experts in the cyber security industry, and they had some great advice on how threat intelligence analysts can make moves in the space.
Think Like Your Adversaries
There is always something new every day. The trick is to think like your adversaries so that you can keep up with the ever-changing threat landscape; understanding information technologies processes, incident response, reverse engineering code, writing of exploits based on found vulnerabilities, and having a credible persona to freely move around the underground without suspicion. My job is to protect my clients. I am not law enforcement so going into the underground with that understanding will help get farther into the inner circles. If you flip on people in this community you will be blacklisted and then have to start from scratch and build a new accepted persona — which can take years.
Never Give Up on the Pursuit of Knowledge
Intelligence analysis to me is a discipline that’s not mastered overnight, and just when you think you’ve got it mastered, you learn something new. Intelligence is a field for those who have an inquisitive mind and aren’t afraid to ask themselves “What if …” hundreds of times a day. Never give up on the pursuit of creating actionable intelligence, because the intelligence you provide people is appreciated more then you may realize or get credit for. Understanding core disciplines, the intelligence lifecycle, and processing intelligence is just as important as the ability to actually use intelligence. Always keep in your mind that intelligence produced but not used is wasted. Always make sure that you have processes and procedures in place to leverage the intelligence produced. Intelligence is of greater value if you can apply that intelligence to a situation, or put in context, and truly understand what it means.
Become a Master in a Singular Domain
Take time to gather information on what is the up-and-coming area within security. Then become a master in a singular domain. This will allow you to see the trees not just the forest.
Director, IS, Cyber Incident Response Team, Accenture
Continuously Build Your Network
Two tips here. First, pick an area and become the master of that area. I started as a “sniffer jockey” — I did network troubleshooting at the packet level and spent all my waking moments learning more about the protocols until I had something to contribute. But more importantly, always be building your network! Find the people who need the things you know and find ways to share with them, but also find the people who know the things you don’t know, and find ways to learn from them. Always teaching. Always learning. Always networking.
Always Be Curious
I think the most important part of being an analyst is being curious. A day’s news may be boring, but the industry is fascinating, and it’s important to try to get something out of every project. I’ve had a lot of roles across my time in the government, academe, and the private sector and the boring roles tend to be where you learn the most if you have the curiosity to make the best of it. When I interview individuals to join our team, I always look for indications of curiosity, and I ask them about previous roles to get a sense of what they made of them.
Don’t Forget the Passion
There’s not a perfect path to anything. At our level it is no longer a science, but an art. You can have all the certifications and degrees you want, and they’ll open some doors, but to be inspired you have to have passion. Belief in your mission — and the leaders that you follow. Oh, and a healthy dose of Occam’s Razor. Most likely the malicious actors aren’t nation state actors, and if you haven’t found their persistence, they probably never got it.
Clearly a common theme of these industry experts’ insights is the need to stay knowledgeable of current threats and vulnerabilities. This is easier said than done, of course, because there is endless amounts of information available, and it’s nearly impossible to organize all of this information manually.
To help with this mission, more than 26,000 cyber security professionals use our Cyber Daily email to stay on top of trending technical indicators such as the top targeted industries, most active threat actors, exploited vulnerabilities, and more. Discover how this daily dose of threat intelligence can help advance your career.