Senior InfoSec Risk Analyst

Company: Trainline
Apply for the Senior InfoSec Risk Analyst
Location: London
Job Description:

Senior Information Security Risk Analyst

As part of Trainline’s Information Security (InfoSec) team, reporting to the GRC Manager, the Senior Information Security Risk Analyst will mature and maintain our risk management practices across the entire organization, including the growing landscape of AI risk. The role sits at the intersection of technology, business operations, and assurance, ensuring that security risks from traditional cyber threats and AI‑specific risks are understood, effectively managed, and aligned with our business risk appetite.

Responsibilities

  • Lead the identification, documentation, and tracking of security and cyber risks across all functions and departments.
  • Maintain the Information Security Risk Framework and Register in line with enterprise risk methodology, supporting delivery of centralized risk reporting via the CISO/GRC Dashboard.
  • Facilitate risk workshops, control self‑assessments (CSAs), and policy reviews with business units.
  • Track risk remediation efforts and elevate critical project, operational and supplier risks to appropriate forums.
  • Collaborate with engineering, legal, privacy and product teams to assess and document risk impacts.
  • Support the development and implementation of the AI Readiness and Governance framework, including conducting AI risk assessments for new and existing AI use cases, applying the risk classification model, and maintaining the AI use case register. This includes evaluating risks around data quality, model bias, transparency, third‑party AI dependencies, and regulatory compliance.
  • Conduct structured AI risk assessments across the business, working with product, data science, and engineering teams to evaluate AI use cases against the risk classification model, assess control adequacy, and ensure high‑risk use cases have approved controls before production release.
  • Support the implementation and ongoing maintenance of the unified internal control framework, mapping controls across ISO 27001, ISO 22301, Cyber Essentials, and PCI DSS.
  • Leverage AI tools and techniques to streamline repetitive GRC tasks such as policy gap analysis, control mapping, vendor questionnaire processing, and risk reporting.
  • Provide risk advisory for new product launches, technology and AI adoptions, and vendor integrations ensuring Security by Design and informed risk decision making.
  • Support internal education and awareness around security risk and governance.

Qualifications

  • Proven experience in Information Security or Cyber Risk, with direct experience in a cloud‑first, tech‑driven environment.
  • Experience conducting AI risk assessments, including evaluating risks related to data privacy, model bias, hallucination, third‑party AI tooling, and regulatory compliance.
  • Familiarity with AI governance frameworks such as ISO 42001, the EU AI Act risk classification approach, or NIST AI RMF.
  • Experience with common infosec standards/frameworks particularly ISO 27001, ISO 22301, and PCI DSS.
  • Experience with Cyber Essentials and NIS 2 is a strong advantage.
  • Clear communicator able to translate technical risks for non‑technical audiences.
  • Hands‑on experience with GRC platforms and tooling (e.g. ServiceNow GRC, Archer, LogicGate, Vanta, or similar) including configuration, workflow design, and reporting.
  • Experience working with internal audit, privacy, legal and other cross‑functional business stakeholders.
  • Strong verbal and written communication skills, with the ability to influence at all levels.
  • Comfortable navigating ambiguity, competing priorities, and organizational scale‑up challenges.

Nice to Have

  • Experience assessing large language model (LLM) deployments, AI‑as‑a‑service integrations, or machine learning pipelines from a security and governance perspective.
  • Experience building automated compliance evidence pipelines or continuous control monitoring.
  • Demonstrable experience automating GRC processes whether through scripting, no‑code/low‑code platforms, API integrations, or GRC‑specific tooling.
  • Active and proficient use of AI tools (e.g. LLMs, AI assistants, AI‑powered search) to accelerate day‑to‑day work.
  • Background in security engineering, DevSecOps, or technical GRC implementation alongside traditional risk management.
  • Experience with data analytics or BI tools (e.g. Power BI, Tableau) for risk and compliance reporting.
  • Contributions to GRC community knowledge (blog posts, conference talks, open‑source tools).

Benefits

Private healthcare and dental insurance, a generous work‑from‑abroad policy, 2‑for‑1 share purchase plans, an EV scheme to further reduce carbon emissions, extra festive time off, and excellent family‑friendly benefits.

Career growth with clear career paths, transparent pay bands, personal learning budgets, and regular learning days.

Hybrid work model: office minimum 60% of time over a 12‑week period, 28‑day work‑from‑abroad policy.

Diversity and Inclusion

We know that having a diverse team makes us better and helps us succeed. And we mean all forms of diversity – gender, ethnicity, sexuality, disability, nationality and diversity of thought. That’s why we’re committed to creating inclusive places to work, where everyone belongs and differences are valued and celebrated.

#J-18808-Ljbffr…

Posted: April 26th, 2026
Popular Searches
Jobs by Sector
Jobs by Location

Admin jobs | Airport jobs | Amazon Driver jobs | Amazon Warehouse Operative jobs | Apprentice Electrician jobs | Apprenticeship jobs | Bricklaying jobs | Business Analyst jobs | Business Development Manager jobs | Care Assistant jobs | Care Home jobs | Caregiver jobs | Civil Service jobs | Class 1 Driver jobs | Cleaner jobs | Cleaning jobs | Council jobs | Cyber Security jobs | Data Analyst jobs | Data Entry jobs | Data Scientist jobs | Delivery Driver jobs | Digital Marketing jobs | Driver jobs | Driving jobs | Electrician jobs | Graphic Designer jobs | Healthcare Assistant jobs | HGV Class 2 Driver jobs | HGV Driver jobs | HGV jobs | HGVClass 1 Driver jobs | Hospital jobs | Housing jobs | Immediate Start jobs | It Consultant jobs | It Support jobs | Jobs for 16 Year Olds | Joiner jobs | Labourer jobs | Management jobs | NHS jobs | Night Shift jobs | Offshore jobs | Online jobs | Paralegal jobs | Personal Assistant jobs | Project Manager jobs | Receptionist jobs | Sales Assistant jobs | Scrum Master jobs | Security Guard jobs | Security jobs | Security Officer jobs | SEO jobs | Support Worker jobs | Teaching Assistant jobs | Van Driver jobs | Warehouse jobs | Warehouse Operative jobs | Web Designer jobs | Weekend jobs | Work From Home jobs

Accountancy jobs | Administration jobs | Advertising jobs | Aerospace jobs | Apprenticeships jobs | Automotive jobs | Banking jobs | Call Centre jobs | Catering jobs | Charity jobs | Construction jobs | Creative jobs | Customer Service jobs | Digital jobs | Education jobs | Engineering jobs | Finance jobs | FMCG jobs | Graduate jobs | Healthcare jobs | Hospitality jobs | HR jobs | Insurance jobs | IT jobs | Legal jobs | Leisure jobs | Logistics jobs | Management Consultancy jobs | Manufacturing jobs | Marketing jobs | Media jobs | Nursing jobs | Oil and Gas jobs | PA jobs | Part time jobs | Pharmaceutical jobs | PR jobs | Property jobs | Public Sector jobs | Recruitment Sales jobs | Renewable Energy jobs | Retail jobs | Sales jobs | Science jobs | Secretarial jobs | Senior Appointments jobs | Social Work jobs | Teaching jobs | Telecoms jobs | Temporary jobs | Tourism jobs | Transport jobs | Travel jobs | Utilities jobs | Wholesale jobs

Jobs in Aberdeen | Jobs in Belfast | Jobs in Birmingham | Jobs in Bolton | Jobs in Bournemouth | Jobs in Bradford | Jobs in Bristol | Jobs in Cambridge | Jobs in Cardiff | Jobs in Cornwall | Jobs in Coventry | Jobs in Derby | Jobs in Devon | Jobs in Doncaster | Jobs in Dundee | Jobs in East Anglia | Jobs in East Midlands | Jobs in Edinburgh | Jobs in Essex | Jobs in Exeter | Jobs in Glasgow | Jobs in Hull | Jobs in Inverness | Jobs in Ipswich | Jobs in Isle Of Wight | Jobs in Kent | Jobs in Leeds | Jobs in Leicester | Jobs in Liverpool | Jobs in London | Jobs in Luton | Jobs in Manchester | Jobs in Middlesbrough | Jobs in Milton Keynes | Jobs in Newcastle Upon Tyne | Jobs in Newport, Gwent | Jobs in North East | Jobs in North West | Jobs in Northampton | Jobs in Northern Ireland | Jobs in Norwich | Jobs in Nottingham | Jobs in Peterborough | Jobs in Plymouth | Jobs in Reading | Jobs in Scotland | Jobs in Sheffield | Jobs in South East | Jobs in South West | Jobs in Southampton | Jobs in Stoke On Trent | Jobs in Sunderland | Jobs in Surrey | Jobs in Swansea | Jobs in Swindon | Jobs in Telford | Jobs in Wales | Jobs in Wolverhampton | Jobs in Wrexham | Jobs in York | Jobs in Yorkshire