Rodeo
ResourcesPartnersSign in

Trainline

SecOps Engineer

London
£55k – £65k/yr
Posted about 15 hours ago
Sign up to applySee more jobs like this

How your CV stacks up

1Upload CV
2Analyse CV
3Improve CV

Upload your CV to see how well it fits this job role

?%

About Us

We are champions of rail, inspired to build a greener, more sustainable future of travel. Trainline enables millions of travellers to find and book the best value tickets across carriers, fares, and journey options through our highly rated mobile app, website, and B2B partner channels.

Great journeys start with Trainline 🚄

Now Europe’s number 1 downloaded rail app, with over 135 million monthly visits and £6.3 billion in annual ticket sales, we collaborate with 270+ rail and coach companies in over 40 countries. We want to create a world where travel is as simple, seamless, eco-friendly and affordable as it should be.

Today, we're a FTSE 250 company driven by our incredible team of over 1,000 Trainliners from 50+ nationalities, based across London, Paris, Barcelona, Milan, Edinburgh and Madrid. With our focus on growth in the UK and Europe, now is the perfect time to join us on this high-speed journey.

Introducing Security Operations @ Trainline 👋

Our Security Operations team plays a vital role in protecting Trainline's people, platforms, and data. As a Security Operations Engineer, you'll primarily be working on monitoring, investigating, and responding to security events while helping to strengthen our detection and response capabilities through continuous engineering and automation improvements.

Working closely with Security, Engineering, and Technology teams, you'll combine operational analysis with hands-on engineering, using Splunk, automation, and AI to improve threat detection, streamline investigations, and enhance our overall security posture. You'll optimise our security tooling, improve detection capabilities, and support incident response across the business through threat hunting, continuous improvement, and meaningful reporting that enables informed security decisions. If you're passionate about cybersecurity and enjoy solving complex problems in a collaborative environment, we'd love to hear from you.

In this role as the Security Operations Engineer, you will... 🚄

  • Monitor, triage, and investigate security alerts, leading technical investigations, and working with stakeholders to contain, remediate, and learn from security incidents.
  • Use Splunk Search Processing Language (SPL) to investigate security events, identify patterns of malicious activity, and support incident response.
  • Design, develop, automate, and continuously tune Splunk detection rules, improving alert fidelity, reducing false positives, and expanding visibility across our technology estate.
  • Build and enhance automation and AI-driven workflows to improve threat detection, investigation, and alert triage, enabling the team to respond more effectively and efficiently at scale.
  • Perform proactive threat hunting using threat intelligence and security telemetry to identify emerging threats, improve detection capabilities, and help shape our Security Operations roadmap.
  • Support the administration, configuration, and continuous optimisation of our SIEM platform (Splunk), ensuring it remains resilient, up to date, cost-effective, and aligned with industry best practices.
  • Partner with Engineering and Technology teams to embed security best practices into systems, tooling, and operational processes, while supporting vulnerability management activities, including the assessment and response to critical and zero-day vulnerabilities.
  • Participate in the On-Call Rota with the Team.
  • Produce clear documentation, dashboards, and reporting that provide operational insight, support knowledge sharing, and enable stakeholders to make informed security decisions. You'll also contribute to the wider Security function by participating in the on-call rota (once established in the role) and supporting compliance and certification activities, including GDPR, PCI DSS, and ISO 27001.

Reasons to use Rodeo

I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?

Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.

Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.

Start with a chat, not a search bar

Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.

P

Graduate Consultant — 2026 Scheme

PwC·London, UK
£35,000/yr

Why you're a good match

Strong

Your economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.

See breakdown
Save jobNot relevant
View details

It searches the market for you

Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.

Why you're a good match

You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.

See breakdown
Strong

Experience fit

Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.

See breakdown
Strong

Only hits

No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.

We'd love to hear from you if you have... 🔍

  • Hands-on experience with Splunk, including developing and tuning detection rules, log management, and investigating security events using Splunk Search Processing Language (SPL).
  • Experience designing, automating, and continuously improving threat detection capabilities using automation and AI to enhance Security Operations.
  • Experience applying AI, whether through vendor-provided capabilities or custom workflows, to improve threat detection, investigations, or operational efficiency would be highly beneficial.
  • Strong technical knowledge across cybersecurity, infrastructure, networking, or cloud technologies, with the ability to investigate security events and make informed, risk-based decisions.
  • Experience working with security technologies such as Microsoft Defender, endpoint detection and response (EDR) solutions, and SIEM platforms.
  • Experience working with Web Application Firewalls (WAF), including creating, tuning, and maintaining WAF rules to protect internet-facing applications, would be highly beneficial.
  • Experience with vulnerability management, including assessing, prioritising, and responding to critical vulnerabilities and zero-day exploits, would be beneficial.
  • Experience working within an e-commerce or high-traffic digital environment would be highly beneficial, with an understanding of the unique security challenges associated with customer-facing platforms.
  • Excellent analytical, communication, and documentation skills, with the ability to collaborate effectively across teams and explain technical concepts clearly to both technical and non-technical stakeholders. Experience supporting compliance frameworks such as GDPR, PCI DSS, or ISO 27001 would be helpful but isn't essential.

Get help with your application

Your very own career expert that helps elevate your application to the next level.

Get help applying for this job

More Information

Enjoy fantastic perks like private healthcare & dental insurance, a generous work-from-abroad policy, 2-for-1 share purchase plans, an EV Scheme to further reduce carbon emissions, extra festive time off, and excellent family-friendly benefits.

We prioritise career growth with clear career paths, transparent pay bands, personal learning budgets, and regular learning days. Jump on board and supercharge your career from day one!

We're operating a hybrid model and ask that Trainliners work from the office a minimum of 60% of their time over a 12-week period. We also have a 28-day Work from Abroad policy.

Our Values

Our values represent the things that matter most to us and what we live and breathe every day, in everything we do:

  • 💭 Think Big - We're building the future of rail
  • ✔️ Own It - We focus on every customer, partner, and journey
  • 🤝 Travel Together - We're one team
  • ♻️ Do Good - We make a positive impact

We know that having a diverse team makes us better and helps us succeed. And we mean all forms of diversity - gender, ethnicity, sexuality, disability, nationality, and diversity of thought. That's why we're committed to creating inclusive places to work, where everyone belongs, and differences are valued and celebrated.

Interested in finding out more about what it's like to work at Trainline? Why not check us out on LinkedIn, Instagram, and Glassdoor!

Trusted by 25,000+ job seekers

“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”

Jessica, London

Get help applying for this job

Skills

Splunk
Splunk Search Processing Language (SPL)
Threat Detection
Incident Response
Automation
AI-driven Workflows
Threat Hunting
SIEM Administration
Vulnerability Management
Microsoft Defender
EDR
Web Application Firewall (WAF)
GDPR
PCI DSS
ISO 27001
Cloud Technologies

Location

London, England, United Kingdom

Sign up to applySee more jobs like this