Torchora
Back to Home

Key Responsibilities and Required Skills for Intelligence Analyst

💰 $60,000 - $120,000

IntelligenceSecurityAnalysisCybersecurity

🎯 Role Definition

An Intelligence Analyst collects, processes, analyzes, and disseminates actionable intelligence to support operational decision-making, threat mitigation, and strategic planning. This role leverages multiple collection disciplines (OSINT, SIGINT, HUMINT, GEOINT), advanced analytical tradecraft, and subject-matter expertise to produce timely, accurate, and defensible assessments for government, defense, law enforcement, or corporate security stakeholders. The Intelligence Analyst converts raw data into intelligence products, manages analytic requirements, and coordinates with cross-functional teams and external partners while maintaining data integrity and classification protocols.

📈 Career Progression

Typical Career Path

Entry Point From:

  • Junior Intelligence Analyst / Research Analyst
  • All-Source Analyst Intern or Cooperative Education (Co-op) position
  • Military Intelligence Specialist (E-3 to E-5) or Reservist with relevant MOS

Advancement To:

  • Senior All-Source Intelligence Analyst
  • Targeting/Threat Intelligence Team Lead
  • Intelligence Operations Manager / Unit Supervisor
  • Senior Cyber Threat Analyst or Strategic Intelligence Officer

Lateral Moves:

  • Open-Source Intelligence (OSINT) Specialist
  • Geospatial Intelligence (GEOINT) Analyst
  • Cyber Threat Intelligence / Incident Response Analyst

Core Responsibilities

Primary Functions

  • Conduct comprehensive intelligence collection and multi-source fusion by integrating OSINT, SIGINT, HUMINT, GEOINT, and structured data sources to produce holistic assessments that directly inform operational planning and executive decision-making.
  • Develop, draft, and validate finished intelligence products — including daily briefs, analytic reports, threat warnings, and strategic assessments — that clearly state findings, confidence levels, analytic assumptions, and recommended courses of action.
  • Design and manage collection plans and analytic requirements, prioritizing information needs, defining collection gaps, and coordinating with collection teams to ensure timely resolution of high-priority intelligence questions.
  • Perform advanced link and pattern analysis using tools such as i2 Analyst's Notebook, Palantir, Maltego, and structured query languages to identify networks, relationships, and emergent threat actors.
  • Monitor and analyze cyber threat activity, campaigns, indicators of compromise (IOCs), and tactics, techniques, and procedures (TTPs) to produce cyber threat intelligence that supports incident response and risk mitigation.
  • Translate raw signals and telemetry (logs, packet captures, malware artifacts) into narrative intelligence products and technical appendices that are usable by both technical and non-technical audiences.
  • Conduct targeting and vulnerability analysis to prioritize adversary capabilities, critical nodes, and high-value assets for kinetic or non-kinetic operations and mitigation plans.
  • Lead and participate in multi-disciplinary analytic tradecraft reviews, red-team assessments, and structured analytic techniques (e.g., ACH, Key Assumptions Check, alternative analysis) to reduce bias and increase analytic rigor.
  • Maintain, curate, and annotate intelligence databases, reporting portals, and classified repositories ensuring metadata, provenance, and citation standards are followed to preserve evidentiary and audit trails.
  • Produce timely tactical warnings and situational awareness updates during crises or fast-moving events, supporting commanders and decision-makers with short-turnaround, high-confidence briefs.
  • Perform adversary profiling and intent/capability assessments by synthesizing historical behavior, open-source reporting, signals, and human intelligence to anticipate likely actions and warn stakeholders.
  • Evaluate source reliability and information credibility for each reporting stream, documenting confidence levels and analytic caveats in accordance with organizational classification and publication standards.
  • Provide subject matter expertise and briefings to cross-functional teams, legal counsel, senior leadership, and external partners, tailoring language and deliverables to the audience’s decision-making needs.
  • Coordinate intelligence sharing and liaison activities with partner agencies, coalition partners, law enforcement, and private-sector stakeholders while maintaining applicable intelligence-sharing agreements and safeguarding classified information.
  • Support targeting and collection operations by drafting requirements, source tasking documents, and collection management products that align with policy, ROE, and privacy regulations.
  • Conduct geospatial analysis and map-based intelligence to identify patterns of life, movement corridors, and terrain impacts to operations using GIS tools such as ArcGIS or QGIS.
  • Validate and quality-assure analytic outputs by applying peer review, red-team critique, and automated checks; remediate analytic gaps and refine models based on feedback and after-action reviews.
  • Track and measure intelligence metrics and KPIs (e.g., timeliness, relevance, accuracy) to inform continuous improvement of analytic processes and workflow automation opportunities.
  • Assist in preparing intelligence inputs for mission planning, risk assessments, and pre-deployment briefs, ensuring that operational units receive actionable, prioritized intelligence.
  • Conduct financial, supply-chain, and open-source investigations to map illicit networks, funding streams, and logistic support structures tied to adversaries or insider threats.
  • Support legal and compliance reviews for intelligence collection, ensuring adherence to privacy law, data protection standards, and internal policies governing data access and retention.
  • Mentor and train junior analysts on analytic tradecraft, collection management, reporting standards, and tools, promoting professional development and team capability growth.

Secondary Functions

  • Monitor social media platforms and emerging online ecosystems for indicators of influence operations, disinformation campaigns, and recruitment activity; prepare rapid-turn social media reports for stakeholders.
  • Support analytic tool development and automation efforts by providing requirements, validating models, and testing data pipelines to improve scalability and repeatability of analytic products.
  • Provide subject-matter input into policy papers, threat assessments for board-level briefings, and enterprise risk registers to align intelligence insights with organizational risk management.
  • Participate in tabletop exercises, war-games, and incident response drills to stress-test analytic workflows, communication channels, and escalation procedures.
  • Support FOIA/FOUO and declassification review processes by preparing redaction recommendations and ensuring documents comply with classification guidance prior to release.
  • Maintain and update personal and team certifications, training logs, and clearance documentation; support background investigations and periodic reinvestigations as required.
  • Contribute to the development and maintenance of standard operating procedures (SOPs), analytic templates, and reporting playbooks to improve consistency across the analytic cadre.
  • Assist in vendor evaluations and procurement by defining analytic tool requirements, conducting capability assessments, and piloting new intelligence platforms.

Required Skills & Competencies

Hard Skills (Technical)

  • Open-Source Intelligence (OSINT) collection and advanced exploitation of social media, public records, commercial databases, and dark web sources to uncover actionable information and attribution.
  • Familiarity with SIGINT/HUMINT/GEOINT concepts and the ability to integrate multi-discipline reporting into coherent all-source assessments.
  • Proficiency with analytic and visualization tools such as Palantir, i2 Analyst's Notebook, Maltego, Analyst Workspace, ArcGIS/QGIS, or equivalent platforms.
  • Experience performing link analysis, network mapping, and entity resolution using structured and unstructured data sets.
  • Strong data manipulation and scripting skills (Python, R, SQL) to automate data ingestion, prepare datasets, and produce reproducible analyses.
  • Knowledge of cyber threat intelligence frameworks (e.g., MITRE ATT&CK, STIX/TAXII) and experience mapping adversary behaviors to established models.
  • Ability to analyze telemetry and security logs, and translate technical indicators into operationally relevant intelligence for non-technical stakeholders.
  • Experience with intelligence reporting standards, citation practices, and structured products (INTREP, SITREP, PIRs, assessments).
  • Geospatial analysis proficiency, including geocoding, heatmaps, route analysis, and map production for operational briefs.
  • Familiarity with classified systems, handling procedures, and compartmented access controls; understanding of security clearance requirements and protocols.
  • Knowledge of legal, policy, and privacy constraints related to intelligence collection, data handling, and information sharing (e.g., privacy laws, ECPA, FOIA).
  • Experience with machine learning/analytics toolchains or working with data scientists to operationalize predictive models and anomaly detection where applicable.

Soft Skills

  • Exceptional analytical reasoning and critical thinking with demonstrated ability to synthesize disparate information quickly and accurately.
  • Clear, concise, and persuasive written communication; ability to produce polished reports, executive summaries, and briefing slides under tight deadlines.
  • Strong verbal presentation skills and comfort briefing senior leaders, partners, and cross-functional teams.
  • Sound judgment and decision-making under pressure; ability to prioritize conflicting requirements and manage ambiguity.
  • High attention to detail and commitment to accuracy, sourcing, and appropriate caveats in all analytic products.
  • Collaborative team-player who can build relationships across internal stakeholders and external agencies to enable timely intelligence sharing.
  • Intellectual curiosity and continuous learning mindset to stay current on emerging threats, technologies, languages, and regional expertise.
  • Cultural awareness and sensitivity when handling reporting that affects diverse populations or cross-border operations.
  • Time-management and project coordination skills, including experience leading small analytic projects or working groups to completion.
  • Coaching and mentoring ability to develop junior analysts and raise overall analytic capability across the team.

Education & Experience

Educational Background

Minimum Education:

  • Bachelor’s degree in Intelligence Studies, Political Science, International Relations, Computer Science, Criminal Justice, Homeland Security, Geography, Data Science, or related field.

Preferred Education:

  • Master’s degree in Intelligence Analysis, Security Studies, Data Analytics, Cybersecurity, Applied GIS, or a related advanced degree.
  • Additional training or certifications in analytic tradecraft, cyber threat intelligence, or GIS is advantageous.

Relevant Fields of Study:

  • Intelligence Analysis / Security Studies
  • International Relations / Political Science
  • Computer Science / Data Science / Cybersecurity
  • Geography / Geospatial Sciences
  • Criminology / Law Enforcement Studies

Experience Requirements

Typical Experience Range: 2–7 years of relevant intelligence or analytic experience for mid-level roles; 0–2 years for entry-level; 7+ years for senior roles.

Preferred:

  • 3–5 years of all-source or discipline-specific intelligence experience in government, defense, law enforcement, or the private sector.
  • Prior operational or deployed experience, or experience working directly with mission partners and field operators.
  • Active or past security clearance (TS/SCI preferred for many government and defense roles).
  • Demonstrated use of analytic tools (Palantir, i2, ArcGIS) and scripting for data manipulation (Python/SQL).
  • Relevant certifications such as GIAC Cyber Threat Intelligence (GCTI), SANS analytic courses, Certified Information Systems Security Professional (CISSP) for cyber-focused roles, or other recognized intelligence tradecraft credentials.
Explore More Careers