What should I include on a threat intelligence analyst resume?

A strong threat intelligence analyst resume should include a targeted summary, relevant skills section with industry keywords, quantified experience bullets showing measurable impact, and education or certifications. Focus on results and metrics rather than just listing responsibilities.

How do I make my threat intelligence analyst resume ATS-friendly?

Use a clean, single-column format with standard section headers (Experience, Education, Skills). Include keywords from the job description naturally throughout your resume. Avoid tables, graphics, and unusual fonts. Use a standard file format like PDF and ensure your contact information is in plain text.

What are the most important skills for a threat intelligence analyst resume?

The most important skills vary by specific role and employer. Review the job description carefully and match your skills section to the required qualifications. Include both technical/hard skills and relevant soft skills. Use the exact terminology from the job posting to pass ATS keyword filters.

Threat Intelligence Analyst Resume Example (2026)

Elias Thornton

Arlington, VA | [email protected] | (555) 482-9137 | linkedin.com/in/eliasthornton

Summary

Threat intelligence analyst with 5 years of experience tracking APT groups and producing strategic and tactical intelligence for enterprise SOC teams. Authored 120+ intelligence reports that directly informed detection rules, reducing mean time to detect by 40%. Skilled in OSINT, malware analysis, and threat modeling using Diamond Model and MITRE ATT&CK.

Technical Skills

Intelligence: OSINT, HUMINT analysis, Diamond Model, Kill Chain, MITRE ATT&CK, STIX/TAXII
Tools: Recorded Future, VirusTotal, MISP, Maltego, Shodan, Splunk, ThreatConnect
Technical: Malware Analysis, YARA rules, Python, Wireshark, Sandbox Analysis
Reporting: Intelligence Briefings, IOC Management, Threat Modeling, Risk Assessments

Experience

Threat Intelligence Analyst - Ironclad Cyber Defense Jun 2023 – Present

Tracked 8 APT groups targeting financial sector clients, producing 65 tactical intelligence reports that led to 40 new detection rules

Reduced mean time to detect targeted attacks by 40% by integrating threat intelligence feeds into Splunk correlation searches

Analyzed 200+ malware samples using sandbox environments and YARA rules, contributing 350 IOCs to the enterprise threat feed

Delivered 12 strategic threat briefings to C-suite executives, directly influencing $1.2M in security investment decisions

Junior Threat Analyst - NovaCyber Solutions Aug 2020 – May 2023

Monitored 15 dark web forums and 8 Telegram channels for threat actor activity, identifying 25 credential leak incidents affecting clients

Built an automated IOC enrichment pipeline in Python that processed 500 indicators daily, reducing analyst triage time by 60%

Created MITRE ATT&CK mappings for 30 threat campaigns, enabling the SOC to prioritize detection coverage for 12 high-risk techniques

Authored 55 intelligence reports with an average stakeholder satisfaction score of 4.7 out of 5 across 200 recipients

Education

B.S. Computer Science - Virginia Tech 2020

Why This Resume Works

Intelligence production is quantified

120+ reports, 350 IOCs, and 40 detection rules show prolific and actionable output.

Business influence demonstrated

$1.2M in security investment influenced by briefings shows strategic value beyond technical analysis.

APT tracking experience named

Tracking 8 APT groups by sector proves focused adversary research capability.

Section-by-Section Breakdown

Summary

State the number of intelligence reports produced and their measurable SOC impact. Name your frameworks.

Skills

Separate intelligence methodologies from technical tools. Include a Reporting category.

Experience

Quantify reports authored, IOCs produced, detection rules created, and briefings delivered.

Education

CS or cybersecurity degrees work. GCTI, CTIA, or SANS certifications are highly valued.

Key Skills for Threat Intelligence Analyst Resumes

Based on analysis of thousands of job postings, these are the most frequently required skills:

Threat Intelligence MITRE ATT&CK OSINT Malware Analysis YARA Python Splunk STIX/TAXII Diamond Model IOC Management Dark Web Monitoring Threat Modeling Recorded Future MISP Intelligence Reporting

Common Mistakes on Threat Intelligence Analyst Resumes

⚠Saying 'researched threats' without specifics - Name the APT groups, sectors targeted, and number of campaigns analyzed.
⚠No connection between intelligence and detection - Show how your reports became detection rules, response playbooks, or investment decisions.
⚠Missing IOC and report volume metrics - Threat intelligence is a production role. Quantify your output volume and quality.
⚠Ignoring stakeholder communication - Briefings, satisfaction scores, and executive presentations show communication skills.
⚠Not referencing intelligence frameworks - Diamond Model, Kill Chain, and MITRE ATT&CK alignment shows structured analytical methodology.

Threat Intelligence Analyst
Resume Example

Elias Thornton

Why This Resume Works

Section-by-Section Breakdown

Summary

Skills

Experience

Education

Key Skills for Threat Intelligence Analyst Resumes

Common Mistakes on Threat Intelligence Analyst Resumes

Related Guides

Ready to build yours?

More Resume Examples