Overview

About us: We are champions of rail, inspired to build a greener, more sustainable future of travel. Trainline enables millions of travellers to find and book the best value tickets across carriers, fares, and journey options through our highly rated mobile app, website, and B2B partner channels.

Great journeys start with Trainline. Now Europe’s number 1 downloaded rail app, with over 125 million monthly visits and £5.9 billion in annual ticket sales, we collaborate with 270+ rail and coach companies in over 40 countries. We want to create a world where travel is as simple, seamless, eco-friendly and affordable as it should be.

Today, we\'re a FTSE 250 company driven by our incredible team of over 1,000 Trainliners from 50+ nationalities, based across London, Paris, Barcelona, Milan, Edinburgh and Madrid. With our focus on growth in the UK and Europe, now is the perfect time to join us on this high-speed journey.

Introducing the Information Security Team at Trainline

As Head of Information Security Risk and Compliance, you will lead the development and management of Trainline’s information security risk and compliance management framework. Reporting to the CISO, you will oversee a team of risk and compliance analysts and associates, driving the integration of governance, risk, and compliance practices throughout Trainline.

This role sits at the intersection of technology, business operations, and assurance, ensuring the delivery of a comprehensive Framework to effectively manage risk and compliance aligned with our business risk appetite and legal and regulatory requirements. You will be responsible for ensuring adherence to key standards such as ISO 27001, ISO 22301, and PCI DSS, while identifying, assessing, and mitigating information security risks that could impact the business.

In this critical role, you will collaborate closely with cross-functional teams including Legal, Engineering, and Procurement to embed risk management into daily operations and strategic initiatives. You will provide regular, insightful reporting to senior leadership and stakeholders, influencing decision-making and strengthening Trainline’s security posture. As a key member of the Security leadership team, your remit will extend beyond risk and compliance to include shaping the security and privacy strategy, enhancing supplier risk processes, and fostering a culture of security awareness across the company. Your leadership and strategic insight will be essential in navigating the evolving regulatory landscape and supporting Trainline’s growth ambitions with robust yet pragmatic risk management.

As the Head of Information Security Risk and Compliance at Trainline, you will...