Threat Analysis (OPM 141)

Responsible for collecting, processing, analyzing, and disseminating cybersecurity threat assessments. Develops cybersecurity indicators to maintain awareness of the status of the highly dynamic operating environment.

Jump to:

Overview
Courses
Similar Roles

Threat Analysts study adversarial tactics and conduct threat emulation to anticipate and disrupt cyber threats. They provide intelligence fusion and deliver insights that proactively defend operational environments.

What You'll Do

Strategic Intelligence Collection

Collect critical cybersecurity intelligence, strategically plan collection activities, and identify intelligence gaps for proactive defense.

Advanced Threat Analysis

Analyze complex threat data sets, emulate adversarial tactics, and anticipate emerging cybersecurity threats to safeguard operations.

Effective Threat Communication

Prepare detailed cybersecurity briefings, communicate threat assessments clearly, and report actionable intelligence to stakeholders.

Related Training Courses

Explore the courses below that are aligned with this job role.

Essentials

SANS Essentials Courses are designed for individuals with an understanding of IT or cyber security concepts.

SEC504: Hacker Tools, Techniques, and Incident Handling

SEC504Offensive Operations

GIAC Certified Incident Handler Certification (GCIH)
6 Days (Instructor-Led)
38 CPEs / 38 Hours (Self-Paced)
Labs: 30 Hours of hands-on instruction

View course details Register

SEC504J: Hacker Tools, Techniques, and Incident Handling (Japanese)

SEC504JOffensive Operations

GIAC Certified Incident Handler Certification (GCIH)
6 Days (Instructor-Led)
38 CPEs / 38 Hours (Self-Paced)
Labs: 30 Hours of hands-on instruction

View course details Register

Intermediate

Intermediate courses are designed for cybersecurity professionals with practical, hands-on experience.

SEC497: Practical Open-Source Intelligence (OSINT)

SEC497Cyber Defense

GIAC Open Source Intelligence (GOSI)
6 Days (Instructor-Led)
36 CPEs / 36 Hours (Self-Paced)
Labs: 29 Hours of hands-on instruction

View course details Register

FOR578: Cyber Threat Intelligence

FOR578Digital Forensics and Incident Response

GIAC Cyber Threat Intelligence (GCTI)
6 Days (Instructor-Led)
36 CPEs / 36 Hours (Self-Paced)
Labs: 20 Hours of hands-on instruction

View course details Register

Advanced

Advanced courses are designed for highly experienced cybersecurity professionals seeking expert-level mastery.

SEC587: Advanced Open-Source Intelligence (OSINT) Gathering and Analysis

SEC587Cyber Defense

6 Days (Instructor-Led)
36 CPEs / 36 Hours (Self-Paced)
Labs: 28 Hours of hands-on instruction

View course details Register

Similar Roles

Insider Threat Analysis

NICE: Protection and Defense

Responsible for identifying and assessing the capabilities and activities of cybersecurity insider threats; produces findings to help initialize and support law enforcement and counterintelligence activities and investigations.

Explore learning path

Digital Forensics (OPM 212)

NICE: Protection and Defense

Responsible for analyzing digital evidence from computer security incidents to derive useful information in support of system and network vulnerability mitigation.

Explore learning path

Cyber Resiliency

NICE: Protection and Defense

This Competency Area describes a learner’s capability related to architecting, designing, developing, implementing, and maintaining the trustworthiness of systems that use or are enabled by cyber resources in order to anticipate, withstand, recover from, and adapt to adverse conditions, stresses, attacks, or compromises.

Explore learning path

Vulnerability Analysis (OPM 541)

NICE: Protection and Defense

Responsible for assessing systems and networks to identify deviations from acceptable configurations, enclave policy, or local policy. Measure effectiveness of defense-in-depth architecture against known vulnerabilities.

Explore learning path

Infrastructure Support (OPM 521)

NICE: Protection and Defense

Responsible for testing, implementing, deploying, maintaining, and administering infrastructure hardware and software for cybersecurity.

Explore learning path

Defensive Cybersecurity (OPM 511)

NICE: Protection and Defense

Responsible for analyzing data collected from various cybersecurity defense tools to mitigate risks.

Explore learning path

Incident Response (OPM 531)

NICE: Protection and Defense

Responsible for investigating, analyzing, and responding to network cybersecurity incidents.

Explore learning path

Need more guidance about cyber roles?

There are numerous different roles in cybersecurity and where you fit depends on your interest level. SANS New to Cyber offers courses, certifications, and free resources for anyone interested in getting started in cybersecurity.

Explore New to Cyber

SEC504: Hacker Tools, Techniques, and Incident Handling

Threat Analysis (OPM 141)

What You'll Do

Strategic Intelligence Collection

Advanced Threat Analysis

Effective Threat Communication

Related Training Courses

Essentials

SEC504: Hacker Tools, Techniques, and Incident Handling

Quick view

SEC504J: Hacker Tools, Techniques, and Incident Handling (Japanese)

Quick view

Intermediate

SEC497: Practical Open-Source Intelligence (OSINT)

Quick view

FOR578: Cyber Threat Intelligence

Quick view

Advanced

SEC587: Advanced Open-Source Intelligence (OSINT) Gathering and Analysis

Quick view

Similar Roles

Insider Threat Analysis

Digital Forensics (OPM 212)

Cyber Resiliency

Vulnerability Analysis (OPM 541)

Infrastructure Support (OPM 521)

Defensive Cybersecurity (OPM 511)

Incident Response (OPM 531)

Need more guidance about cyber roles?