Threat Intelligence
Role overview
The role of Threat Intelligence is to add value through the process of taking known information about situations and entities of strategic, operational, or tactical importance and characterising the known and the future actions in those situations.
Role level
Typical role expectations
- Working with stakeholders to better understand and refine information requirements
- Identifying, collating and analysing information from multiple sources, including internal systems, open and commercial sources, and from other government departments.
- The production of intelligence products, under limited supervision.
- Supporting more experienced analysts with the production of more complex products, including regular products.
- Taking part in the peer review of intelligence products.
- The dissemination of reports and the collection of feedback from stakeholders across the organisation, as well as external.
- Providing briefings to relevant internal and external stakeholders.
- Taking part in information sharing forums and maintaining other intelligence relationships, both internal and external, to enhance understanding of Departmental threats.
Typical role expectations
- Working with stakeholders to better understand and refine information requirements.
- Identifying, collating and analysing information from multiple sources, including internal systems, open and commercial sources, and from other government departments.
- The production of a wide and diverse range of intelligence products, both individually and in conjunction with both internal and external counterparts.
- The dissemination of reports and the collection of feedback from stakeholders across the organisation, as well as external.
- Taking part in the peer review of intelligence products.
- Providing briefings to relevant internal and external stakeholders.
- Taking part in information sharing forums and maintaining other intelligence relationships, both internal and external, to enhance understanding of Departmental threats.
- Management of assigned internal and external relationships with both stakeholders and counterparts.
- Responsibility for leading initiatives that improve our ability to produce and deliver timely, authoritative, and impactful intelligence
- Some line management responsibilities, as well as mentoring responsibilities for more junior or embedded staff.
Typical role expectations
- Providing and inspiring effective leadership within team activities, while driving communication, collaboration, and innovation. Leading activities that establish a positive team culture that aligns with departmental values and good civil service behaviours.
- Ensuring that staff work effectively with stakeholders to better understand and refine intelligence requirements, to include direct engagement with senior stakeholders.
- Ensuring that peer review of intelligence products is carried out effectively.
- Ensuring that the dissemination of intelligence products is carried out smoothly and efficiently, in addition to the successful collection of feedback.
- Providing briefings to relevant senior internal and external stakeholders, when necessary.
- Promoting participation in information sharing forums and maintaining other intelligence relationships, both internal and external, to enhance understanding of Departmental threats.
- The management of assigned internal and external relationships with both stakeholders and counterparts.
- Driving improvements in overall quality and impact of team intelligence products.
- Ultimate line management responsibility for all team staff, as well as mentoring responsibilities for more junior or embedded staff.
Skills
| Skill | Associate | Lead | Principal |
|---|---|---|---|
| Legal and regulatory environment and compliance | Awareness | Working | Practitioner |
| Threat intelligence and threat assessment | Working | Working | Expert |
| Threat Understanding | Working | Practitioner | Expert |
Core learning
Associate
FOR578: Cyber Threat Intelligence
NPSA – Insider Risk Mitigation Framework
FOR589: Cybercrime Intelligence
Lead
FOR578: Cyber Threat Intelligence
NPSA – Reducing Insider Risk guidance and tools
FOR589: Cybercrime Intelligence
Principal
QACSRM (Certified Security Risk Manager)
FOR578: Cyber Threat Intelligence
FOR589: Cybercrime Intelligence