Incident Response Engineer

European Bank for Reconstruction and Development (EBRD)

October 2, 2025 to November 16, 2025, Sofia, Bulgaria
Job Description
Job Posting Organization:
The European Bank for Reconstruction and Development (EBRD) is a pioneering international organization established to support the development of market economies and promote private and entrepreneurial initiatives in countries transitioning to market economies. Founded in 1991, the EBRD operates in over 30 countries across Europe, Asia, and the Middle East, employing thousands of professionals dedicated to fostering sustainable development and economic growth. The EBRD's mission is to promote the transition to open market-oriented economies and to promote private and entrepreneurial initiatives. The organization is committed to sustainability, equality, and digital transformation, ensuring that its operations align with its core values of inclusiveness, innovation, trust, and responsibility.

Job Overview:
The Incident Response Engineer will play a critical role in the detection, analysis, and containment of cybersecurity threats across on-premises, cloud, and hybrid environments. The position calls for a proactive approach to incident response, using SIEM and SOAR tooling to monitor for anomalous activity and to respond effectively to security incidents. The engineer will be responsible for tuning detection content, conducting forensic analysis, and leading the technical response to security alerts. The role also involves collaboration with Managed Security Service Providers (MSSPs), the internal Security Operations Center (SOC) team, and cloud security specialists to strengthen the incident response function. The engineer will apply the NIST Cybersecurity Framework (CSF) and the MITRE ATT&CK knowledge base of adversary tactics and techniques to build and orchestrate response playbooks, and will drive improvements in organizational resilience and recovery strategies. This position is ideal for individuals who perform well under pressure and want to make a significant impact in cybersecurity.

Duties and Responsibilities:
The Incident Response Engineer will be responsible for a wide range of duties, including but not limited to: supporting the MSSP with network monitoring and intrusion detection analysis using various tools; assisting with cloud-centric threat detection; contributing to correlation activities across different assets and environments to identify anomalous patterns; reviewing alerts and documenting formal incident reports; providing incident response support and forensic analysis; creating and testing business continuity and disaster recovery plans; managing and tuning the SIEM system; correlating network, cloud, and endpoint activities to identify unauthorized use; coordinating with internal incident response teams to manage and resolve incidents; and participating in after-hours support for cybersecurity incidents. The engineer will also be expected to stay updated on the latest cybersecurity trends and threats, continuously improving incident response processes and methodologies.

Required Qualifications:
Candidates must possess a strong understanding of security information and event management (SIEM) and security orchestration, automation, and response (SOAR) tools. Familiarity with the NIST Cybersecurity Framework (CSF) and with the MITRE ATT&CK knowledge base of adversary tactics and techniques is essential. Experience with incident response tools and technologies, including digital forensics and threat intelligence, is required. Candidates should have a proven track record of developing and implementing incident response plans, as well as the ability to explain complex technical issues clearly to both technical and non-technical audiences. Knowledge of cloud security concepts and best practices on the major cloud platforms (AWS, Azure, and GCP) is also necessary. Familiarity with security automation tools and techniques is advantageous.

Educational Background:
A bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field is required. Advanced degrees or certifications in cybersecurity or information security are preferred and may enhance a candidate's qualifications for this role.

Experience:
Candidates should have substantial experience in incident response, cybersecurity operations, or a related field. A minimum of 5 years of relevant experience is typically expected, with a strong emphasis on hands-on experience in managing security incidents and utilizing incident response tools and methodologies.

Languages:
Fluency in English is mandatory, as the role requires effective communication with diverse stakeholders. Proficiency in additional languages, particularly those relevant to the EBRD's operational regions, is considered a valuable asset.

Additional Notes:
This position is a fixed-term contract lasting 3 years. The EBRD promotes a hybrid working model, encouraging collaboration in person at least three days a week. The organization values diversity and inclusion, welcoming applications from all qualified candidates regardless of their background. The EBRD offers a comprehensive suite of competitive benefits and prioritizes employee wellbeing.