Senior Information Security Risk Analyst

As part of Trainline's Information Security (InfoSec) team, reporting to the GRC Manager, the Senior Information Security Risk Analyst will mature and maintain our risk management practices across the entire organization, including the growing landscape of AI risk. The role sits at the intersection of technology, business operations, and assurance, ensuring that security risks from traditional cyber threats and AI‑specific risks are understood, effectively managed, and aligned with our business risk appetite.

Responsibilities

• Lead the identification, documentation, and tracking of security and cyber risks across all functions and departments.
• Maintain the Information Security Risk Framework and Register in line with enterprise risk methodology, supporting delivery of centralized risk reporting via the CISO/GRC Dashboard.
• Facilitate risk workshops, control self‑assessments (CSAs), and po...