The Role

As a Product Security Engineer Analyst, you will help embed security into our product development lifecycle, handle vulnerability management, and collaborate across teams to improve security practices across Trainline’s digital products.

What You’ll Do

Support Secure Development

• Support the integration of security practices across the product development lifecycle, helping teams design and build secure services and features.
• Work with teams to promote secure-by-default and a shift‑left approach to security, ensuring security considerations are addressed early to reduce the risk and cost of fixing issues later.
• Help integrate security checks (e.g., SAST, SCA, secret scanning) into CI/CD workflows to identify risks during development.
• Assist in triaging and analysing findings from automated tooling, validating results, false positives, and partnering with engineering teams to prioritise and remediate...