SecOps Engineer

London
Technology – Information Security
Full-time
Our Mission 🚀
Trainline is the leading independent rail and coach travel platform selling rail and coach tickets to millions of travellers worldwide.  Via our highly rated website and mobile app, people can seamlessly search, book and manage their journeys all in one place. We bring together millions of routes, fares and journey times from 260 rail and coach carriers across 45 countries.  We offer our customers the best price for their journey and smart, real time travel information on the go.  Our aim is to make rail and coach travel easier and more accessible, encouraging people to make more environmentally sustainable travel choices.

Introducing the Security Team 👋 
The security team works closely with development and operations to build security into applications and support processes. We provide assurance in the application lifecycle in various areas, including; design reviews, supporting automated code scanning, performing targeted application vulnerability assessments, and ethical hacking across systems.
We are responsible for the security of all channels which collectively bring in over £3.2 billion in ticket sales every year. That means at peak times over 300 people per minute are booking Trains.

As a SecOps Engineer at Trainline, you will...
- Help to ensure the ongoing security of multichannel operations covering ecommerce, mobile, and customer relations
- Collaborate with IT operations teams, advise on security best practices and ensure security requirements are followed
- Research and implement solutions to improve Trainline’s security stack
- Improve signal detection and alerting capabilities within Trainline’s corporate and production systems 
- Work to embed security in the operational lifecycle
- Take part and lead incident investigation
 
We'd love to hear from you if you have...🔍
- Demonstrable comprehension of cyber and information security including operational security processes, logging and monitoring technologies, hacking techniques and the evolving threat landscape.
- Working knowledge of variety of security tools and infrastructure
- Experience of monitoring cloud infrastructure
- Experience with SEIM tools
- Experience with WAF and CDN
- Technical mind-set with an aptitude for analysis and investigation
- Knowledge of current information security standards and regulations such as PCI-DSS, ISO27000 series, and GDPR


Our Culture 🤗
Everything begins with great people, as well as aptitude, we put a heavy emphasis on attitude.

Coaches Over Heroes
- We prioritise the focus on being one team over elevating the heroics of an individual, for us the true heroes are those individuals who are excellent at nurturing, coaching and generous in sharing their knowledge with others.

Well-being
- Everything that we do takes into account the morale of every member of our team, their opportunities for growth and for participation in exciting challenges.

Mentoring and Learning
- We have a mentoring community that is constantly growing, we provide people with mentors or buddies from various teams.

Trust
- We hire awesome people capable of making smart decisions - empowerment is a great enabler of agility.

We value open expression at Trainline, we believe it’s the diversity of experience, backgrounds and perspectives of our employees that makes us who we are. We encourage everybody to play a part in changing the way people travel across the world.