• United States




How to hire the right analysts for your intelligence program

Apr 12, 20185 mins
Data and Information SecurityIT SkillsNetwork Security

As someone who’s been deeply involved in virtually every aspect of hiring and job-seeking in security and intelligence, I can attest firsthand that while the process is rarely easy, it’s worth the effort.

In “How to create a gold standard intelligence program,” I explained that gold-standard intelligence programs rely on the right talent. Although hiring can be challenging regardless of position or industry, this process can be downright onerous when it comes to building out your intelligence team.

Not only are the best analysts perpetually in high demand, their advanced and often obscure skill-sets are rare. But in order to produce intelligence of value—namely that which is finished, gleaned from beyond the open web, addresses enterprise-wide risk, and provides a decision advantage over threats and adversaries—the right talent is essential.

Based on my own experience, the following pieces of advice can help you hire the right analysts for your intelligence program:

Seek skill-sets that align with your program’s objectives

Not only are clearly defined objectives integral to the success of an intelligence program, they should be a key consideration during the hiring process. If one objective of your program is to reduce fraud losses, for example, you should naturally look to hire analysts who possess the skill-sets needed to help your program reduce fraud losses.

But what are these skill-sets? Fraud, like many threats, is multifaceted and dynamic. Some types of fraud involve malware; others rely solely on social engineering. Some fraudsters are members of the English-language underground; others originate from Eastern European cybercriminal communities. So, before you can hire analysts to help combat fraud, you need to first understand the nature of fraud your company is facing:

  • Who are the adversaries, where do they congregate, and what are their motives?
  • What tactics, techniques, and procedures (TTPs) have enabled these adversaries to carry out fraud against the company?
  • How effective are existing anti-fraud controls?

Questions like these can help you determine the types of skill-sets needed to support your intelligence objectives—fraud-related or not. If your company is frequently targeted by Russian-speaking cybercriminals, for example, your intelligence program would likely benefit from analysts who are fluent in Russian, knowledgeable of the Russian underground, and familiar with the TTPs common among these types of adversaries.

Don’t forget about soft skills

Achieving an intelligence objective is in many ways tantamount to completing an intricate and exhaustive puzzle. Soft skills are just as important as subject matter expertise. Analysts capable of conducting the advanced research and analysis required to support intelligence objectives will add little value to a program if they’re not also capable communicators and team players.

After all, the most effective intelligence teams frequently interface and collaborate with decision-makers and stakeholders from other departments and business functions. If an analyst can’t convey their findings in a manner that resonates well with their intended audience, their findings could be misinterpreted, actioned incorrectly, or not actioned at all.

Soft skills such as creativity, compassion, and empathy are also crucial. Analysts who monitor deep and dark web communities need more than just the right technical certifications and appropriate foreign language competencies. They need to be able to understand these communities’ highly nuanced cultural and social intricacies, accurately judge human emotion, and think on their feet.

But unlike technical certifications or language competencies, soft skills are rarely conveyed on a resume or job application. As such, evaluating an analyst candidate’s soft skills is typically only possible during an interview. Asking questions like the following can help:

  • How do you work with others on your team? Outside of your team?
  • How would you explain an advanced technical concept to someone who has a non-technical background?
  • Would you consider yourself creative? Why or why not?
  • Tell me about a time when you solved a complex problem.
  • What is your greatest weakness?

Reference checks can also help shed light on a candidate’s soft skills. Previous managers and coworkers who have worked directly with the candidate can be great resources for this type of insight.

Consider candidates from non-traditional backgrounds

Many of the best intelligence analysts have prior careers in education, government, linguistics, engineering, communications, finance, or law enforcement, among many other non-traditional backgrounds. In additional to supporting the development of various soft skills, these types of backgrounds can enhance an intelligence program with new perspectives, problem-solving strategies, and analytical techniques.

It’s also crucial to recognize that a talent shortage does indeed exist in the realm of security and intelligence. By limiting your search to candidates who possess an entire laundry-list of technical certifications, have years of experience in your exact industry, and live in your specific location, you’ll likely overlook candidates from other industries with other skill-sets in other locations who, as remote workers, could still be invaluable to your program. Keeping an open mind during the hiring process is a must.

As someone who’s been deeply involved in virtually every aspect of hiring and job-seeking in security and intelligence, I can attest firsthand that while the process is rarely easy, it’s worth the effort. Like I mentioned earlier, gold-standard intelligence programs rely on the right talent.


Chris Camacho partners with Flashpoint's executive team to develop, communicate, and execute strategic initiatives pertaining to Business Risk Intelligence (BRI).

With more than 15 years of cyber security leadership experience, he has spearheaded initiatives across Operational Strategy, Incident Response, Threat Management, and Security Operations to ensure cyber risk postures align with business goals.

Camacho has a B.S. in Decision Sciences & Management of Information Systems from George Mason University.

The opinions expressed in this blog are those of Chris Camacho and do not necessarily represent those of IDG Communications, Inc., its parent, subsidiary or affiliated companies.