diff --git a/src/registrar/admin.py b/src/registrar/admin.py
index 5ccba7cad..dc7e45895 100644
--- a/src/registrar/admin.py
+++ b/src/registrar/admin.py
@@ -134,10 +134,51 @@ class MyUserAdmin(BaseUserAdmin):
         ("Important dates", {"fields": ("last_login", "date_joined")}),
     )
 
+    analyst_fieldsets = (
+        (
+            None,
+            {"fields": ("password", "status")},
+        ),
+        ("Personal Info", {"fields": ("first_name", "last_name", "email")}),
+        (
+            "Permissions",
+            {
+                "fields": (
+                    "is_active",
+                    "is_staff",
+                    "is_superuser",
+                )
+            },
+        ),
+        ("Important dates", {"fields": ("last_login", "date_joined")}),
+    )
+
+    analyst_readonly_fields = [
+        "password",
+        "Personal Info",
+        "first_name",
+        "last_name",
+        "email",
+        "Permissions",
+        "is_active",
+        "is_staff",
+        "is_superuser",
+        "Important dates",
+        "last_login",
+        "date_joined",
+    ]
+
     def get_list_display(self, request):
         if not request.user.is_superuser:
             # Customize the list display for staff users
-            return ("email", "first_name", "last_name", "is_staff", "is_superuser")
+            return (
+                "email",
+                "first_name",
+                "last_name",
+                "is_staff",
+                "is_superuser",
+                "status",
+            )
 
         # Use the default list display for non-staff users
         return super().get_list_display(request)
@@ -146,11 +187,18 @@ class MyUserAdmin(BaseUserAdmin):
         if not request.user.is_superuser:
             # If the user doesn't have permission to change the model,
             # show a read-only fieldset
-            return ((None, {"fields": []}),)
+            return self.analyst_fieldsets
 
         # If the user has permission to change the model, show all fields
         return super().get_fieldsets(request, obj)
 
+    def get_readonly_fields(self, request, obj=None):
+        if request.user.is_superuser:
+            return ()  # No read-only fields for superusers
+        elif request.user.is_staff:
+            return self.analyst_readonly_fields  # Read-only fields for staff
+        return ()  # No read-only fields for other users
+
 
 class HostIPInline(admin.StackedInline):
 
diff --git a/src/registrar/fixtures.py b/src/registrar/fixtures.py
index 76b01abf7..63ef1dea9 100644
--- a/src/registrar/fixtures.py
+++ b/src/registrar/fixtures.py
@@ -138,7 +138,7 @@ class UserFixture:
             "permissions": ["change_domainapplication"],
         },
         {"app_label": "registrar", "model": "domain", "permissions": ["view_domain"]},
-        {"app_label": "registrar", "model": "user", "permissions": ["view_user"]},
+        {"app_label": "registrar", "model": "user", "permissions": ["change_user"]},
     ]
 
     @classmethod