< Back to search

top 3 scores:
79%

Mission

79%

Hours flexibility

79%

Autonomy

Apply now

Job Description

Company Description

We are champions of rail, inspired to build a greener, more sustainable future of travel. Trainline enables millions of travellers to find and book the best value tickets across carriers, fares, and journey options through our highly rated mobile app, website, and B2B partner channels.

Great journeys start with Trainline 🚄

Now Europe’s number 1 downloaded rail app, with over 125 million monthly visits and £5.3 billion in annual ticket sales, we collaborate with 270+ rail and coach companies in over 40 countries. We want to create a world where travel is as simple, seamless, and affordable as it should be.

Today, we're a FTSE 250 company driven by our incredible team of over 1,000 Trainliners from 50+ nationalities, based across London, Paris, Barcelona, Milan, Edinburgh, Berlin, Madrid, and Brussels. With our focus on growth in the UK and Europe, now is the perfect time to join us on this high-speed journey!

Job Description

Most of our Talent team are currently on leave for the holiday period, so your application is likely to be reviewed in January. Enjoy the break, we’ll get back to you in the new year!

Introducing Security at Trainline👋

Join our dynamic team, where we focus on designing, implementing, and monitoring security controls to ensure a robust security posture in a fast-evolving environment. As part of our mission to continuously improve and mature Trainline's security capabilities, we work in close collaboration with cross functional teams, including Cloud Engineering, SRE, Platform Engineering, and more, to integrate the latest technologies and best practices into our security strategy.

You will play a critical role in safeguarding all digital channels that collectively generate billions of pounds in annual ticket sales, ensuring that our systems remain secure, resilient, and innovative in the face of evolving threats.

As a Principal Cloud Security Engineer at Trainline, you will be responsible for...🚄

  • Cloud Security Architecture & Design: Lead the design, implementation, and maintenance of robust security frameworks and controls to protect cloud infrastructure across multi-cloud environments (AWS, GCP, Azure). Ensure that security is seamlessly integrated into every layer of the cloud architecture, from network configuration to identity management.
  • Container & Orchestration Security: Architect and implement secure containerised environments using platforms like Docker, and ECS. Focus on vulnerability mitigation, compliance automation, and secure orchestration practices to ensure container workloads are resilient and meet organisational security requirements.
  • Security Policy Development & Enforcement: Develop, document, and enforce comprehensive cloud security policies, standards, and procedures that govern cloud infrastructure, services, and containerised workloads. Drive compliance initiatives for security frameworks such as CIS Benchmarks, NIST, and SOC2, ensuring policies are consistently applied across the organization.
  • Cloud Migration & Native Infrastructure Support: Provide expert guidance and hands on support to teams migrating workloads and applications to cloud-native infrastructure, ensuring security considerations are fully addressed throughout the migration lifecycle. Assist in the adoption of best practices for securing cloud-native architectures (e.g., serverless, microservices, and containerised environments).
  • Security Integration into SDLC & CI/CD Pipelines: Collaborate with Development, DevOps, and QA teams to integrate security best practices into the software development lifecycle (SDLC) and CI/CD pipelines. Ensure security is prioritised through automation tools, security testing, and vulnerability scanning as part of the continuous delivery process.
  • Cross-functional Collaboration on Container Security: Partner with Cloud Engineering, DevOps, and Platform teams to enhance the security of container orchestration platforms (e.g, ECS) and containerised workloads. Proactively identify and mitigate risks related to container security, including configuration management, runtime protection, and image scanning.
  • Security Assessments & Incident Response: Conduct security assessments, vulnerability scans and risk analyses to identify and address potential security weaknesses within cloud environments. Support the security operations team in incident response efforts related to cloud security incidents, ensuring timely detection, containment, and remediation.
  • Staying Current on Threat Intelligence & Industry Trends: Continuously research and stay up to date on emerging threats, vulnerabilities, and security trends within cloud infrastructure, container security, and DevSecOps practices. Regularly evaluate new security tools, frameworks, and technologies to enhance the organisation’s cloud security posture.
  • Security Training & Mentorship: Provide ongoing cloud security training, guidance, and mentorship to engineering and DevOps teams, fostering a security-first culture within the organisation. Ensure that teams are well-equipped to identify, understand, and mitigate cloud security risks and align with established security standards and frameworks.

Qualifications

We'd love to hear from you if you have...🔍

  • AWS Expertise & Cloud Security Experience: Proven experience in implementing and managing robust security controls across AWS environments, with a strong understanding of cloud-native security best practices. Familiarity with other major cloud platforms such as GCP and Azure is highly desirable. Experience working with web-based Git repositories (e.g., GitHub, GitLab) and cloud services such as AWS Lambda, API Gateway, and other serverless architectures to ensure secure configurations and operations. Strong understanding of cloud security frameworks, such as AWS Well-Architected Framework and CIS Benchmarks.
  • Cloud & Networking Skills: Solid experience with cloud networking concepts and services, including configuring and securing Virtual Private Clouds (VPCs), Subnets, Security Groups, and Network ACLs. Expertise in implementing and managing Content Delivery Networks (CDNs), Web Application Firewalls (WAF), and DDoS protection. Ability to design and enforce security policies that align with best practices for cloud networking and ensure secure application delivery.
  • Infrastructure & Compliance as Code: In-depth knowledge of Infrastructure as Code (IaC) practices, including the use of tools like Terraform, AWS CloudFormation to automate the provisioning and management of cloud resources. Strong understanding of Policy as Code frameworks such as OPA or AWS config to enforce security policies and compliance requirements automatically across the infrastructure. Experience in driving Cloud Security maturity in fast-paced, agile environments, and advocating for security automation and DevSecOps practices to streamline security governance.
  • Engineering Mindset: A strong engineering mindset with excellent troubleshooting and problem-solving skills to quickly identify security issues and gaps within automated processes. The ability to implement effective solutions that enhance the overall security posture is essential. Additionally, the candidate should possess an analytical approach to continuously evaluate and refine automation workflows, security controls, and cloud security policies, identifying areas for improvement and optimizing the security infrastructure.

Certificates

Any of the following would be beneficial but are not essential. Experience and cultural fit are just as important.

  • CCSP
  • AWS Certified Security
  • AWS Certified DevOps Engineer
  • AWS Certified Solutions Architect
  • CompTIA Cloud+

Additional Information

Enjoy fantastic perks like private healthcare & dental insurance, a generous work from abroad policy, 2-for-1 share purchase plans, extra festive time off, and excellent family-friendly benefits.

We prioritise career growth with clear career paths, transparent pay bands, personal learning budgets, and regular learning days. Jump on board and supercharge your career from day one!

Our values represent the things that matter most to us and what we live and breathe every day, in everything we do:

  • 💭 Think Big - We're building the future of rail
  • ✔️ Own It - We focus on every customer, partner and journey
  • 🤝 ​Travel Together - We're one team
  • ♻️ Do Good - We make a positive impact

Interested in finding out more about what it's like to work at Trainline? Why not check us out on LinkedIn, Instagram and Glassdoor.

Company benefits

Work from anywhere scheme – work from abroad for up to 28 days a year
2 extra days over the Festive period & 25 days annual leave + bank holidays
Buy or sell annual leave – buy or sell up to 3 days each year
Shared parental leave
Carer’s leave – primary & secondary
L&D budget – £300 a year
Personal development days – 4 meeting free Learning Days a year
Health insurance – Bupa Health Insurance for you and your family
Enhanced sick pay – 8 weeks full pay, 18 weeks 75% pay per 12 month period
Free meals – free breakfast & soft drinks every day, monthly lunches and evening socials
Share options
Dental coverage – Bupa Dental Insurance for you and your family
Health assessment – Free annual health check for all employees
Life assurance
Accrued annual leave – carry over 5 days of annual leave each year
Income protection – 75% of your salary
Private GP service – with Bupa
Complimentary Medical Services – Flu vaccinations
Employee assistance programme
Adoption leave – 52 weeks
Fertility treatment leave
Pregnancy loss leave – 2 weeks
Compassionate leave
Mental health platform access
Eye Care Support – vouchers
Annual pay rises – Based on bi-annual performance reviews
Salary sacrifice
Volunteer days – 1 day a year to volunteer with a charity of your choice
Charity donation scheme – Charity matching & Give as you earn
Perkbox subscription
Professional subscriptions
Hackathons
Gym membership – GymFlex scheme
Cycle to work scheme
Faith rooms
Buddy scheme
Optional unpaid leave
Open to compressed hours
Open to job sharing
Open to part time work for some roles
Flexible working week
Travel loan
Enhanced pension match/contribution

We asked employees of Trainline what it's like to work there, and this is what they told us.

Location flexibility
73%
Employees are largely happy with their working location freedom
Hours flexibility
79%
Employees are largely happy with the flexibility in the hours they work
Benefits
70%
Employees are largely happy with the benefits their company offers
Work-life balance
70%
Employees feel that they can switch off quite easily from work
Role modelling
69%
Employees feel that most people work flexibly
Autonomy
79%
Employees feel that they can mostly manage how they get their own work done

Additional employee ratings
(these do not contribute to the FlexScore®)

Diversity
72%
Employees feel that the diversity is good and there are continued efforts to improve it
Inclusion
71%
Employees feel that the culture supports equity and inclusivity well
Culture
77%
Employees enjoy the working environment
Mission
79%
Employees feel quite excited about the company mission
Salary
64%
Employees feel that their salary is good and matches the value they bring

Working at Trainline

Company employees

1000+

Gender diversity (male:female)

60:40

Currently Hiring Countries

United Kingdom

Office Locations