Member-only story

The CTI Team: Roles and Responsibilities You Need

Adam Goss
OSINT Team
Published in
17 min readFeb 10, 2025

Cyber threat intelligence can be a game-changer for most organizations. It enables them to proactively manage the risks they face when conducting business in the cyber domain. But what does this look like? What key roles and responsibilities does a CTI team have?

This guide answers these questions by explaining how a CTI team fits into the larger business and the key roles within a CTI team that are required to fulfill its mission. This includes general roles, like CTI manager and analyst, and specialized roles, such as CTI engineer, threat hunter, and dark web researcher.

Each role is pivotal in ensuring the CTI team can collect, analyze, and share threat intelligence that informs key business decisions. That’s why this guide also showcases how these roles work together by breaking the CTI process into the OODA loop, CTI lifecycle, and F3EAD loop.

Let’s get started exploring what you need to build a great CTI team!

The complete version of this article can be viewed for free on: https://kravensecurity.com/cti-team

Understanding the Role of a CTI Team

Before we discuss the roles and responsibilities of a cyber threat intelligence (CTI) team, we need to take a step back and examine how they fit into the broader…

--

--

Published in OSINT Team

We teach OSINT from multiple perspectives. InfoSec experts, journalists, law enforcement and other intelligence specialists read us to grow their skills faster.

Written by Adam Goss

Helping demystify cyber threat intelligence for businesses and individuals | CTI | Threat Hunting | Custom Tooling

No responses yet

What are your thoughts?