Cyber Incident Response Analyst

Thomas Cook
21 Sep 2018
29 Sep 2018
Contract Type
Full Time

Over 175 years ago, our founder Thomas Cook began this company with a vision to ‘broaden the mind of others and break down the partition walls of prejudice.’

Once describing himself as ‘the willing and devoted servant of the travelling public,’ Thomas Cook was a true pioneer of the travel industry, opening up a world of new destinations and new travel experiences to everyone. By obtaining the best services and prices for his customers, he laid the foundations of the company that still bears his name today.

Thomas Cook is now one of the world’s leading leisure travel groups, supported by around 22,000 colleagues and operating from 15 countries.

Our vision today remains true to Thomas Cook’s ambitions - to be the world’s most loved holiday company.

Job purpose:

Support the management and ownership of security services and operations within Thomas Cook.

Key accountabilities and decision ownership:

  • Perform cyber security incident response duties and triage security incidents
  • Responsible for assisting in the review of security events, including notification, escalation response and post-incident reviews
  • Responsible for the identification of internal and external attacks against Thomas Cook networks
  • Responsible for fine-tuning SIEM and IDS/IPS toolsets to provide maximum benefit and reduce overall company cyber risk
  • Responsible for liaising with stakeholders to determine impacts, workarounds, analytical services and recommendations for improvement
  • Responsible for ensuring monitoring and operational services are fit for purpose
  • Provide command, control and reporting support for all security incidents
  • Support enhancement, improvement and delivery of monitoring and response methods, procedures and processes to reduce risk

Skills, know-how and experience:

Must have:

  • Demonstrable evidence of conducting tactical and strategic analysis of cyber threats
  • Strong analytical skills, capable of analysing complex technical information to identify patterns, trends and linkage
  • Previous experience within cybersecurity incident response
  • Excellent written and verbal skills, with the ability to translate complex concepts into easily understood principles
  • The ability to pro-actively identify cross-functional threats
  • Previous experience writing cyber incident response procedures
  • Previous experience dealing with malware outbreaks and spam/phishing incidents


  • Detailed understanding of ITIL principles
  • The ability to work across various cultures internationally

Technical / professional qualifications:

  • MSc
  • GCFW
  • GSEC

Life at Thomas Cook is fast-paced and full of opportunities. We’re a leading international travel company that believes in empowering our people, so when you join us, you’ll be given the chance to create, learn and innovate. You’ll also be given the support and training you need to develop your career in the direction you choose.

As you might expect, our holiday benefits are something special. We’ll give you an allowance towards your holiday every year, depending on how long you’ve been with us. There are also special last minute employee deals, which give you the opportunity to pick up a holiday at an outstanding price. Working for Thomas Cook, you can travel the world for less.

We also offer a flexible benefits package that gives you a range of options to ensure your benefits match your lifestyle.
