Chief Information Security Officer

Trainline

  • London
  • Permanent
  • Full-time
  • 15 days ago
Company DescriptionWe are champions of rail, inspired to build a greener, more sustainable future of travel. Our purpose is our momentum. It makes us feel good because we know we're doing good. As we lead the way to a greener future, we do it together. We're all about connections - with each other, with our customers and with the world. Just as our platform brings the world together, it's our ambition that connects us. We motivate each other to go beyond our limits, to experiment, to fail and to always grow.With over 110 million visits every month to our platform and £4.3 billion in net ticket sales, we're always innovating and making moves towards our final destination - a world where travel is as simple, seamless, and affordable as it should be.And we couldn't do any of it without our incredible people driving us forward. Today, we're a FTSE 250 company that's proudly home to more than 1000 Trainliners from over 60 nationalities across offices in London, Paris, Barcelona, Milan, Edinburgh, Berlin, Madrid and Brussels. It's this diversity that energises us and makes us stronger, helping us to achieve amazing things.With our sights firmly set on further European growth, there is no better time to jump on board this high-speed train and be part of our continued success.Great journeys start with Trainline.Job DescriptionAs the Chief Information Security Officer (CISO) at Trainline, you will play a critical role in establishing and maintaining the security and privacy of our digital assets, employee, and customer data. You will lead a multifaceted approach to cybersecurity and privacy, developing and implementing comprehensive strategies, policies, and programs to safeguard our information assets while also ensuring compliance with data protection regulations and standards.This is a fantastic opportunity for someone who is passionate about information security, compliance and privacy and want to play a pivotal role in protecting our employee and customers' data while shaping the future of sustainable travel. You will be pivotal in helping us deliver a safe, secure, and privacy-respecting travel experience for millions of travellers across Europe.
  • Develop and implement Trainline's information security and privacy strategy, vision, and roadmap, aligning with business objectives and regulatory requirements.
  • Lead the design, implementation, and management of a robust information security and privacy program, encompassing policies, standards, procedures, and controls.
  • Provide leadership and guidance to the security, compliance and privacy teams, fostering a culture of collaboration, innovation, and continuous improvement.
  • Conduct regular risk assessments and vulnerability assessments to identify and prioritize security and privacy risks, and develop mitigation strategies and controls.
  • Oversee the implementation of security and privacy controls and technologies to protect Trainline's digital infrastructure and data from cyber threats and privacy breaches.
  • Establish incident response procedures and contribute to incident response efforts in the event of security breaches or privacy incidents, ensuring timely and effective resolution.
  • Collaborate closely with cross-functional teams, including finance, legal, compliance, and the wider tech and product organisation, to integrate security and privacy into all aspects of Trainline's operations and product lifecycle.
  • Stay informed about emerging threats, vulnerabilities, and privacy regulations, and provide guidance and recommendations to senior management on security and privacy best practices and trends.
  • Develop and maintain relationships with external partners, vendors, and industry peers to enhance Trainline's security and privacy posture and stay abreast of industry developments.
Qualifications
  • Proven experience (15+ years) in information security and privacy leadership roles, with expertise in cybersecurity strategy, governance, risk management, and compliance.
  • Strong understanding of cybersecurity and privacy principles, laws, regulations, frameworks, and best practices (e.g., ISO, PCI, GDPR, etc.).
  • Experience leading multidisciplinary teams and fostering a collaborative and inclusive work environment.
  • Excellent leadership, communication, and interpersonal skills, with the ability to effectively influence and collaborate with stakeholders at all levels of the organization.
Additional InformationWhy should you jump on board?We pay special attention to learning and development and organise quarterly company learning days as well as offering a learning budget that can be put towards resources of your choice. We will cover the costs of your professional subscriptions and give you access to our very own learning platform.At Trainline, we care about the wellness of our employees. We host puppy therapy sessions, in-office yoga and run Mental Health First Aider training courses as well as having an Employee Assistance Program as one of our many company benefits.We regularly throw fun social events such pub quizzes, karaoke nights and our large-scale Summer and Winter Festivals every year. Additionally, we love hosting meetups in our amazing event spaces and having the opportunity to support internal and external community groups.We also hold companywide hackathons and our annual Trainline Tech Summit, which provides Trainliners with an opportunity to stand up and share their story, learnings, or new skills with their colleagues in a safe environment.Our flexi-first approachWe believe in the importance of a healthy work-life balance and the value of a flexible workforce. Our flexi-first approach outlines our commitment to a hybrid way of working and our expectations of Trainliners. A key part of what makes Trainline special is our people and the value we get from the buzz and energy of our workplaces, and that's why we're proud to offer the best of both worlds. In practice this means in-office attendance at least 40% of the time over a 12-week period for all Trainliners. These in-office days are typically team led to help us connect, collaborate and create together.Our Values
  • Think Big - We're building the future of rail
  • Own It - We care about every customer, partner and journey
  • Do Good - We make a positive impact
  • Travel Together - We're one team
Interested in finding out more about what it's like to work at Trainline? Why not check out what our employees say about us on ? You can also find out more information by following us on or our 'Life at Trainline' account.We value open expression at Trainline, we believe it's the diversity of experience, backgrounds and perspectives of our employees that makes us who we are. We encourage everybody to play a part in changing the way people travel across the world.

Trainline