Principal, Security Engineer, Platform Engineering
Sofia, BG
EBRD
Homepage of the European Bank for Reconstruction and Development. We build stronger and greener economies across three continents.
Purpose of Job
The Principal leads the strategy, design, implementation, support and maintenance of the Bank's platforms and software solutions.
The Principal acts as technical lead to one or more multi-disciplinary platform or software delivery squads, with direct responsibility for setting the overall technical direction and design approaches for one or more squads, ensuring adherence to best practices, EBRD standards, and technical requirements.
The role involves ensuring technical approaches are well-defined and prioritised in collaboration with Product Owners, Solution Architects, Delivery Managers, Capability Leads, and other engineering teams, with a focus on ensuring product robustness and facilitating efficient and effective delivery.
Accountabilities & Responsibilities
- Consult on integrating security into CI/CD pipelines and developer tooling, including the creation of secure “golden paths” that promote safe and compliant software delivery. Collaborate with other security engineers to ensure alignment with secure development lifecycle practices.
- Advise on security standards and architectural patterns for platform infrastructure across compute, network, and storage layers in cloud-native and hybrid environments. This includes physical servers, hypervisors, virtualisation platforms, software-defined networks, firewalls, wireless and wired networking, storage area networks, network-attached storage, backup and replication systems, and observability and automation frameworks. Work closely with security architecture teams to ensure consistency with enterprise security models.
- Support platform teams in conducting threat modelling and establishing secure-by-design principles for shared services such as ingress, service mesh, and secrets management. Engage with security architects and engineering leads to validate threat scenarios and mitigation strategies.
- Provide guidance on identity and access strategies, including Zero Trust principles, workload identity, and service authentication across platform components. Coordinate with the CISO’s office to ensure alignment with organisational identity governance and access control policies.
- Consult on security observability, vulnerability management, and configuration compliance, including the use of SIEM platforms for log aggregation, correlation, and alerting to support threat detection and response. Help teams adopt best practices for monitoring, remediation, and drift detection, in collaboration with security operations and compliance stakeholders.
- Is responsible for ensuring Security tooling, processes and Standards enable assigned Capability to be efficient, effective and agile
- Is responsible for staying abreast of the latest advancements in technology and the latest threats that EBRD (or similar organisations) face, and for identifying appropriate security technology to reduce risk
- Is responsible for working with Capability to incorporate security principles into the design of hardware and software systems
- Is responsible for working with Capability to ensure systems are designed to be resilient to cyber-attacks and can maintain functionality under adverse conditions
- Is responsible for ensuring Network, Applications, Identity (and other such technical teams) are using Security Engineering practices, tooling and standards to reduce risk and improve cyber maturity
- Works with Principal, Security Operations & other Capabilities in holding the Security & other Partners to account for delivery of Security Technology
- Gathers technical requirements for new engagements (IT programmes, projects, discrete enhancements, consultancy engagements or BAU service delivery) or changes to existing engagements with security partners, projects and programmes
- Assists the Capability Leadership team comprised of the Associate Director - Capability Lead, Associate Director - Product Owner, Principal - Capability Architect, Principal - Quality Engineering to build the vision and roadmaps
- Responsible for creating a psychologically safe environment in which the newly formed squad can operate and promote security awareness and training
Knowledge and Experience
- Proficient in communicating complex technical issues to diverse audiences, ensuring information is delivered in a clear, authoritative, and actionable manner, both orally and in writing.
- Extensive Security Technology and Engineering experience with deep insight into the latest security technology trends
- Technical knowledge in security engineering, system and network security, authentication and security protocols
- In-depth knowledge of drivers of cyber engineering, cybersecurity terminology, methodologies including the OWASP and cyber threat intelligence frameworks
- Extensive technical understanding of Cloud security, security configuration and best practices for servers, workstations, SASE technologies, SD-WAN, Firewall infrastructure and penetration testing scoping.
- Excellent understanding of the Secure Application Development Lifecycle (SDLC) and the ability to advise the AppDev teams on remediation.
- Expert knowledge of Microsoft Cloud security features, including Azure AD, Microsoft Defender, DLP, etc.
- Extensive experience in managing teams, managed service providers and professional service organisations
- Comfortable managing resourcing requirements (supply and demand)
- An excellent understanding of security engineering principles and how they are applied across all forms of technology
- Experience working in an ITIL governed environment, ideally certified
- Experience working with the NIST Cyber Security Framework and ISO27001
- Familiarity with working with Agile software development teams, ensuring that security enhances velocity rather than introducing inertia, whilst remaining secure.
- Driven to ensure wherever possible technology is automated and appropriately quality assured with the aim of removing waste
What is it like to work at the EBRD? / About EBRD
Our agile and innovative approach is what makes life at the EBRD a unique experience! You will be part of a pioneering and diverse international organisation, and use your talents to make a real difference to people's lives and help shape the future of the regions we invest in.
At EBRD, our Values – Inclusiveness, Innovation, Trust, and Responsibility – are at the heart of how we work. We bring these to life through our Workplace Behaviours: listening well and speaking up, collaborating smartly, acting decisively with full commitment, and simplifying to amplify our impact. These principles shape our culture and define our success. We seek individuals who not only share these values but are also committed to embedding them in their daily work, fostering a positive and high-performing environment.
The EBRD environment provides you with:
- Varied, stimulating and engaging work that gives you an opportunity to interact with a wide range of experts in the financial, political, public and private sectors across the regions we invest in.
- A working culture that embraces inclusion and celebrates diversity. Our workforce reflects a broad range of backgrounds, perspectives, and experiences, bringing fresh ideas, energy, and innovation and enhancing our ability to serve our clients, shareholders, and counterparties effectively.
- Hybrid and flexible working arrangements; we believe we operate at our best when collaborating in person 3 days a week (minimum).
- An environment that places sustainability, equality and digital transformation at the heart of what we do.
- A workplace that prioritises employee wellbeing and provides a comprehensive suite of competitive benefits.
Diversity is one of the Bank’s core values which are at the heart of everything it does. As such, the EBRD seeks to ensure that everyone is treated with respect and given equal opportunities and works in an inclusive environment. The EBRD encourages all qualified candidates who are nationals of the EBRD member countries to apply regardless of their racial, ethnic, religious and cultural background, gender, gender identity, sexual orientation, age, socio-economic background or disability.
Please note that, due to the high volume of applications received, we regret that we are unable to provide detailed feedback to candidates who have not been shortlisted for further consideration.
Tags: Agile Automation Azure CI/CD CISO Cloud Compliance Firewalls Governance ISO 27001 ITIL Monitoring Network security NIST OWASP Pentesting SASE SDLC SIEM Strategy Threat detection Threat intelligence Vulnerability management Zero Trust
Perks/benefits: Career development Flex hours