Job Posting Organization: The European Bank for Reconstruction and Development (EBRD) is a pioneering international financial institution established in 199
The EBRD's mission is to foster the transition to open market-oriented economies and promote private and entrepreneurial initiative in countries from Central Europe to Central Asia and the Southern and Eastern Mediterranean. The organization operates in over 30 countries and employs a diverse workforce of approximately 2,000 employees. The EBRD is committed to promoting sustainable development and enhancing the quality of life in the regions it serves, focusing on inclusiveness, innovation, trust, and responsibility.
Job Overview: The Principal Security Engineer is responsible for leading the strategy, design, implementation, support, and maintenance of the Bank's platforms and software solutions. This role acts as the technical lead for one or more multi-disciplinary platform or software delivery squads, with a direct responsibility for setting the overall technical direction and design approaches. The Principal will ensure that technical approaches are well-defined and prioritized in collaboration with Product Owners, Solution Architects, Delivery Managers, Capability Leads, and other engineering teams. The focus will be on ensuring product robustness and facilitating efficient and effective delivery, while also integrating security into CI/CD pipelines and developer tooling. The Principal will work closely with security architecture teams and engage with security architects to validate threat scenarios and mitigation strategies, ensuring that security principles are incorporated into the design of hardware and software systems.
Duties and Responsibilities: The Principal Security Engineer will consult on integrating security into CI/CD pipelines and developer tooling, creating secure 'golden paths' for compliant software delivery. Responsibilities include advising on security standards for platform infrastructure, collaborating with security engineers, supporting platform teams in threat modeling, and establishing secure-by-design principles. The role involves providing guidance on identity and access strategies, coordinating with the CISO’s office, and consulting on security observability and vulnerability management. The Principal will also be responsible for ensuring that security tooling, processes, and standards enable assigned capabilities to be efficient and effective. Additionally, the Principal will gather technical requirements for new engagements and assist the Capability Leadership team in building vision and roadmaps, while creating a psychologically safe environment for the squad.
Required Qualifications: Candidates must possess extensive experience in security technology and engineering, with a deep understanding of the latest security technology trends. Technical knowledge in security engineering, system and network security, and authentication protocols is essential. In-depth knowledge of cybersecurity methodologies, including OWASP and cyber threat intelligence frameworks, is required. Candidates should have a strong understanding of cloud security, secure application development lifecycle, and experience managing teams and service providers. Familiarity with ITIL governance, NIST Cyber Security Framework, and ISO27001 is preferred, along with experience working with Agile software development teams.
Educational Background: A degree in Computer Science, Information Technology, Cybersecurity, or a related field is required. Advanced certifications in security (such as CISSP, CISM, or equivalent) are highly desirable and will be considered an asset.
Experience: Candidates should have significant experience in security engineering roles, ideally with a minimum of 5-7 years in a similar position. Experience in managing teams and working in a multi-disciplinary environment is essential, along with a proven track record of delivering security solutions in complex environments.
Languages: Fluency in English is mandatory, both written and spoken. Knowledge of additional languages relevant to the EBRD member countries is considered an asset and may enhance a candidate's application.
Additional Notes: This position is a fixed-term contract for a duration of 3 years. The role is full-time and based in Sofia, Bulgaria. The EBRD promotes a hybrid working model, encouraging collaboration in person at least three days a week. The organization values diversity and encourages applications from all qualified candidates, regardless of background.