Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Manage and optimise our SIEM platform while supporting security incident response.
- Company: Join Trainline, Europe's top rail app, dedicated to sustainable travel solutions.
- Benefits: Enjoy perks like private healthcare, work-from-abroad options, and generous learning budgets.
- Why this job: Be part of a dynamic team making a positive impact in the travel industry.
- Qualifications: Strong tech knowledge, hands-on SIEM experience, and a passion for cybersecurity required.
- Other info: Diversity is key; we celebrate all forms of it in our workplace.
The predicted salary is between 36000 - 60000 £ per year.
About us: We are champions of rail, inspired to build a greener, more sustainable future of travel. Trainline enables millions of travellers to find and book the best value tickets across carriers, fares, and journey options through our highly rated mobile app, website, and B2B partner channels. Great journeys start with Trainline. Now Europe’s number 1 downloaded rail app, with over 125 million monthly visits and £5.9 billion in annual ticket sales, we collaborate with 270+ rail and coach companies in over 40 countries. We want to create a world where travel is as simple, seamless, eco-friendly and affordable as it should be. Today, we're a FTSE 250 company driven by our incredible team of over 1,000 Trainliners from 50+ nationalities, based across London, Paris, Barcelona, Milan, Edinburgh and Madrid. With our focus on growth in the UK and Europe, now is the perfect time to join us on this high-speed journey.
Introducing Security Operations @ Trainline. We are seeking a highly motivated and detail-oriented Security Operations Engineer to join our dynamic Security Operations Team. As a Security Operations Engineer, you will play a critical role in safeguarding our organization’s assets and data by overseeing the management of Trainline’s SIEM. This is done by ensuring the SIEM is fully operational and that we have the logs and alerts needed to support incident detection and response efforts. Along with this, the Security Operations Engineer will support the wider team in monitoring, analysing, and responding to Security events and incidents. You will ensure that our wider set of Security tools are optimized to their full potential in-line with industry best practice. Create and maintain detailed documentation and provide key insights to management through customized dashboards and reports.
If you are passionate about cybersecurity, eager to stay ahead of emerging threats, and looking to grow within a fast-paced and evolving environment, we’d love to hear from you!
As a Security Analyst at Trainline, you will...
- Own the management and configuration of our SIEM platform (Splunk), ensuring its fully operational, updated, configured to best practice and providing value for money.
- Drive the creation of new alerts, working with the wider Security Operations team to ensure appropriate enrichment and value, and support the tuning of noisy alerts.
- Identify gaps in our logging and manage the onboarding of these from pre-implementation considerations, through to log availability monitoring.
- Undertake threat hunts to identify gaps in our logging and alerting. Use this along with threat intel to help drive our maturity road map.
- Support day-to-day management and configuration of other key security tools (for example Crowdstrike). Ensure these are configured and used to their full potential and in line with good industry practices.
- Collaborate with SMEs across the business to support and advise on the implementation of security best practice across our tooling and processes.
- Support the wider Security Operations team with the monitoring of our SecOps alert queue. Triage and investigate alerts providing detailed analysis and recommendations on remediation actions.
- Work with our Incident Management Team to respond to Security incidents. Provide Security analysis to validate and size up the problem, along with making recommendations for containment. Follow up after incidents with post incident review (PIR), ensuring any outstanding actions are tracked, and trends are identified.
- Continuously develop and improve the documentation for our Security tooling. Ensuring knowledge is shared with the wider team, and that we have standardised responses for reliability issues.
- Create, maintain, and analyse Security Operations dashboards and reports fed into management and stakeholders across the business. Identify key trends to help inform Trainline's threat landscape and key Security risks.
- (Once established within the team) join the on-call rota, responding to high priority incidents out-of-hours to ensure uninterrupted protection of mission critical systems and data.
- Support the wider Security team in our compliance and accreditation activities (GDPR, PCI, ISO12001).
We'd love to hear from you if you have...
- Strong technical knowledge, this could be across the domain (Security, Networks, Infrastructure, End User Compute).
- Hands-on experience with SIEM platforms (Splunk, Microsoft Sentinel, Elastic, etc).
- Familiarity with other security tools (EDR, Vulnerability Management, Firewalls, IDS).
- An understanding of cloud platforms (AWS, Azure, GCP) and relevant Security principles.
- A desire to be continuously upskilling your Security knowledge and skills.
- Ability to work under pressure and manage multiple priorities in a dynamic environment.
- Strong analytical and problem-solving skills.
- Clear communication and documentation skills, notably for PIRs and stakeholder updates.
More information: Enjoy fantastic perks like private healthcare & dental insurance, a generous work from abroad policy, 2-for-1 share purchase plans, an EV Scheme to further reduce carbon emissions, extra festive time off, and excellent family-friendly benefits. We prioritise career growth with clear career paths, transparent pay bands, personal learning budgets, and regular learning days. Jump on board and supercharge your career from day one!
Our values represent the things that matter most to us and what we live and breathe every day, in everything we do: Think Big - We're building the future of rail; Own It - We focus on every customer, partner and journey; Travel Together - We're one team; Do Good - We make a positive impact.
We know that having a diverse team makes us better and helps us succeed. And we mean all forms of diversity - gender, ethnicity, sexuality, disability, nationality and diversity of thought. That’s why we’re committed to creating inclusive places to work, where everyone belongs and differences are valued and celebrated.
Interested in finding out more about what it’s like to work at Trainline? Why not check us out on LinkedIn, Instagram and Glassdoor!
SecOps Engineer FullTime London employer: Trainline plc
Contact Detail:
Trainline plc Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land SecOps Engineer FullTime London
✨Tip Number 1
Familiarise yourself with the specific SIEM tools mentioned in the job description, particularly Splunk. Consider taking online courses or certifications that focus on these platforms to demonstrate your hands-on experience and technical knowledge.
✨Tip Number 2
Engage with the cybersecurity community by joining forums or attending webinars related to security operations. This will not only enhance your knowledge but also help you network with professionals who might provide insights or referrals for opportunities at Trainline.
✨Tip Number 3
Stay updated on the latest trends and threats in cybersecurity. Follow relevant blogs, podcasts, or news outlets to ensure you can speak knowledgeably about current issues during interviews, showcasing your passion for the field.
✨Tip Number 4
Prepare to discuss your problem-solving skills and analytical abilities in detail. Think of specific examples from your past experiences where you successfully triaged alerts or managed security incidents, as this will resonate well with the responsibilities outlined in the job description.
We think you need these skills to ace SecOps Engineer FullTime London
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights relevant experience and skills that align with the responsibilities of a Security Operations Engineer. Focus on your hands-on experience with SIEM platforms and any familiarity with security tools mentioned in the job description.
Craft a Compelling Cover Letter: In your cover letter, express your passion for cybersecurity and how it aligns with Trainline's mission to create a sustainable future of travel. Mention specific examples of how you've contributed to security operations in previous roles.
Highlight Technical Skills: Clearly outline your technical knowledge in areas such as Security, Networks, and Infrastructure. Be specific about your experience with tools like Splunk and any cloud platforms you are familiar with, as these are crucial for the role.
Showcase Problem-Solving Abilities: Provide examples in your application that demonstrate your analytical and problem-solving skills. Discuss situations where you've successfully triaged alerts or responded to security incidents, as this will resonate well with the hiring team.
How to prepare for a job interview at Trainline plc
✨Understand the Role
Make sure you have a solid grasp of what a Security Operations Engineer does, especially in relation to SIEM management and incident response. Familiarise yourself with Trainline's specific tools like Splunk and Crowdstrike, as well as their approach to cybersecurity.
✨Showcase Your Technical Skills
Be prepared to discuss your hands-on experience with SIEM platforms and other security tools. Highlight any relevant projects or situations where you've successfully managed security incidents or improved security processes.
✨Demonstrate Problem-Solving Abilities
Expect scenario-based questions that assess your analytical and problem-solving skills. Prepare examples of how you've tackled complex security challenges in the past, focusing on your thought process and the outcomes.
✨Communicate Clearly
Effective communication is key in this role. Practice explaining technical concepts in simple terms, as you'll need to convey information to various stakeholders. Be ready to discuss how you document incidents and share knowledge with your team.
