SecOps Engineer

Trainline,
London, Greater London

Overview

Job Description

Trainline is an innovative tech business with a mission to bring together the world's rail, coach and other travel services into one simple experience. We aim to make travel easier and more accessible, encouraging people to make more environmentally sustainable travel choices. We're hugely proud to be the world's leading independent rail and coach travel platform and rank among the highest-rated travel and ticketing apps globally. Today, we offer our customers travel to thousands of destinations in and across 45 countries in Europe and beyond. That's more than 3.7 billion in ticket sales annually, and over 96 million visits to our apps and websites each month. In another major milestone, last summer Trainline listed on the London Stock Exchange and is now part of the FTSE 250.

Our culture is central to our success. We're driven to sustain our phenomenal growth from recent years, and this means we're always working closely and collaboratively to turn our ideas into reality. It's this sense of pace, innovating and improving pretty much everything we do, that makes Trainline so exciting and unique - we truly believe our work has a genuine impact and will change travel for the better.

We are an innovative team that ensures the ongoing security of multichannel operations covering eCommerce, mobile and customer services. Here you will be responsible for driving security improvement into operations. Working closely with the security and IT operations teams to build security into the operational lifecycle, you will advise on security best practices and ensure security requirements are followed. You will deliver on time and work on your own initiative. You will be expected to draw on your previous knowledge, self-learning and formal training, seeking out guidance and feedback where appropriate to ensure tasks are completed.

The role is a proactive one, and you will be responsible for ensuring key contacts know as much as possible, as quickly as possible, about security incidents and acting as an escalation point for operational security issues. Although the primary focus of the role is on operational security, the role also touches on application, cloud, network and infrastructure security, and you will be expected to approve security-based change requests.

What You'll Be Working On:

- Helping to ensure the ongoing security of multichannel operations covering ecommerce, mobile, and customer relations
- Collaborate with IT operations teams, advise on security best practices and ensure security requirements are followed
- Configure and maintain the operational security stack including logging and monitoring SIEM solutions, FIM, WAF, and vulnerability scanning services
- Research and implement solutions to improve Trainline's security stack
- Help improve signal detection and alerting capabilities within Trainline's corporate and production systems
- Help to embed security in the operational lifecycle
- Automate tooling and process to eliminate as much manual work as possible
- Prepare and document standard operating procedures and protocols for DevOps and IT operations teams
- Use incumbent logging and monitoring SIEM solutions and other advanced tools to process large sets of data and correlate events and alerts
- Ensure key contacts know as much as possible, as quickly as possible, about security incidents
- Act as an escalation point for operational security issues
- Identifying and pursuing opportunities for continuous improvement

What You'll Bring:

- Solid and demonstrable comprehension of cyber and information security including operational security processes, logging and monitoring technologies, hacking techniques and the evolving threat landscape
- Demonstrable ability to transfer knowledge to others
- Experience or working knowledge of a variety of security tools and infrastructure
- Experience with application level firewalls
- Working knowledge of security scanning software or services
- Knowledge of secure development practices such as OWASP and BSIMM
- Technical mind-set with an aptitude for analysis and investigation
- Keeps up to date with industry trends, new threats and changes in the security landscape
- Able to analyse technical data to decipher, prioritise and act upon findings
- Knowledge of current information security standards and regulations such as PCI-DSS, ISO27000 series, and the DPA

Bonus Skills:

- Strong people and engagement skills
- Strong oral and written communication skills
- Enthusiastic and shows a willingness to learn new skills and take on new work
- Helping to maintain PCI DSS compliance
- Deliver on time and work on own initiative, seeking out guidance and feedback where appropriate to ensure tasks are completed
- Dependable yet flexible with the ability to carry out scheduled activities
- Identifying and pursuing opportunities for continuous improvement
- Strong analytical, organisational, multitasking and prioritisation skills
- Self-starter who is able to work on their own and seek out new areas for investigation with limited guidance
- Abil