Associate IT Workforce Development and Engagement Officer
World Bank
Sofia
Bulgaria
April 16, 2026
Full-timeApril 16, 2026
Principal, Security Operations
Job Description
Job Posting Organization:
The European Bank for Reconstruction and Development (EBRD) is a pioneering international organization established to support the development of market economies and promote private and entrepreneurial initiatives in countries across Europe, Asia, and beyond. Founded in 1991, the EBRD has grown to employ thousands of professionals and operates in over 30 countries. The bank's mission is to foster the transition to open market-oriented economies and to promote sustainable development through investments and partnerships. The EBRD is committed to inclusiveness, innovation, trust, and responsibility, which are reflected in its workplace culture and operational strategies.
Job Overview:
The Principal, security" style="border-bottom: 1px dotted #007bff !important;">Security Operations will play a crucial role in leading and evolving the cyber defense capabilities that protect the core corporate functions of the EBRD. This high-impact leadership position is centered around incident response, operational governance, and oversight of third-party security. The successful candidate will be responsible for the end-to-end Security Operations function, which includes defining security policies, directing major incident responses, overseeing the performance of Managed Security Service Providers (MSSPs), and ensuring that the Security Operations Center (SOC) operates with precision and accountability. The role requires collaboration with Security Engineering, Infrastructure, and senior stakeholders to translate operational risks into actionable strategies. The Principal will leverage deep expertise in various security domains, including Security Information and Event Management (SIEM), Data Loss Prevention (DLP), vulnerability management, Public Key Infrastructure (PKI), cloud security, and advanced threat detection to enhance the organization's security posture.
Duties and Responsibilities:
The Principal, Security Operations will lead the full Security Operations function, which encompasses incident response, governance, and the performance of the SOC. Key responsibilities include managing relationships with MSSPs to ensure high-quality service delivery and continuous improvement, participating in red and purple team exercises, conducting tabletop simulations, and engaging in crisis-management activities. The Principal will work closely with Security Engineering and Infrastructure teams to maintain and optimize core security platforms, produce clear Key Performance Indicators (KPIs), reporting, and insights for senior IT leadership. Additionally, the role involves tracking, escalating, and remediating audit findings, risks, and incidents effectively, overseeing third-party security assessments, and ensuring that supplier security standards are met. The Principal will also act as the primary escalation point for cyber incidents, ensuring that the organization is prepared to respond to threats in a timely and effective manner.
Required Qualifications:
Candidates must possess extensive experience in leading Security Operations within large and complex environments. Strong expertise in SIEM, DLP, vulnerability management, threat detection, PKI, and both network and cloud security is essential. Hands-on experience in running and supporting incident response is required, along with a strong ability to interpret logs, analyze attacker behavior, and guide investigations. A proven track record in managing MSSPs and security service providers is necessary, as well as excellent communication skills to effectively brief and manage senior stakeholders. The ability to make decisions under pressure, prioritize tasks, and act quickly is crucial. Experience in coordinating audit remediation and operational risk management is also required, along with the ability to lead and mentor SOC analysts and internal security staff.
Educational Background:
A relevant educational background is essential for this position. Candidates should ideally hold a degree in Computer Science, Information Technology, Cybersecurity, or a related field. Advanced degrees or certifications in cybersecurity or information security management will be considered an asset and may enhance a candidate's profile.
Experience:
The position requires significant experience in the field of cybersecurity, particularly in leading Security Operations. Candidates should have a minimum of 7-10 years of experience in cybersecurity roles, with a focus on incident response, security governance, and operational risk management. Experience in a leadership role within a security operations environment is highly desirable, as is familiarity with managing teams and collaborating with various stakeholders.
Languages:
Fluency in English is mandatory for this position, as it is the primary language of communication within the organization. Knowledge of additional languages, particularly those relevant to the EBRD's member countries, would be considered a valuable asset and could enhance a candidate's application.
Additional Notes:
This position is offered on a fixed-term contract basis for a duration of 3 years. The role is classified as a senior leadership position within the organization, and candidates should be prepared for a full-time commitment. The EBRD is open to recruiting internationally, and the organization values diversity and inclusion in its workforce. Compensation and benefits will be competitive and commensurate with experience, and the EBRD offers a comprehensive suite of benefits to support employee wellbeing.
The European Bank for Reconstruction and Development (EBRD) is a pioneering international organization established to support the development of market economies and promote private and entrepreneurial initiatives in countries across Europe, Asia, and beyond. Founded in 1991, the EBRD has grown to employ thousands of professionals and operates in over 30 countries. The bank's mission is to foster the transition to open market-oriented economies and to promote sustainable development through investments and partnerships. The EBRD is committed to inclusiveness, innovation, trust, and responsibility, which are reflected in its workplace culture and operational strategies.
Job Overview:
The Principal, security" style="border-bottom: 1px dotted #007bff !important;">Security Operations will play a crucial role in leading and evolving the cyber defense capabilities that protect the core corporate functions of the EBRD. This high-impact leadership position is centered around incident response, operational governance, and oversight of third-party security. The successful candidate will be responsible for the end-to-end Security Operations function, which includes defining security policies, directing major incident responses, overseeing the performance of Managed Security Service Providers (MSSPs), and ensuring that the Security Operations Center (SOC) operates with precision and accountability. The role requires collaboration with Security Engineering, Infrastructure, and senior stakeholders to translate operational risks into actionable strategies. The Principal will leverage deep expertise in various security domains, including Security Information and Event Management (SIEM), Data Loss Prevention (DLP), vulnerability management, Public Key Infrastructure (PKI), cloud security, and advanced threat detection to enhance the organization's security posture.
Duties and Responsibilities:
The Principal, Security Operations will lead the full Security Operations function, which encompasses incident response, governance, and the performance of the SOC. Key responsibilities include managing relationships with MSSPs to ensure high-quality service delivery and continuous improvement, participating in red and purple team exercises, conducting tabletop simulations, and engaging in crisis-management activities. The Principal will work closely with Security Engineering and Infrastructure teams to maintain and optimize core security platforms, produce clear Key Performance Indicators (KPIs), reporting, and insights for senior IT leadership. Additionally, the role involves tracking, escalating, and remediating audit findings, risks, and incidents effectively, overseeing third-party security assessments, and ensuring that supplier security standards are met. The Principal will also act as the primary escalation point for cyber incidents, ensuring that the organization is prepared to respond to threats in a timely and effective manner.
Required Qualifications:
Candidates must possess extensive experience in leading Security Operations within large and complex environments. Strong expertise in SIEM, DLP, vulnerability management, threat detection, PKI, and both network and cloud security is essential. Hands-on experience in running and supporting incident response is required, along with a strong ability to interpret logs, analyze attacker behavior, and guide investigations. A proven track record in managing MSSPs and security service providers is necessary, as well as excellent communication skills to effectively brief and manage senior stakeholders. The ability to make decisions under pressure, prioritize tasks, and act quickly is crucial. Experience in coordinating audit remediation and operational risk management is also required, along with the ability to lead and mentor SOC analysts and internal security staff.
Educational Background:
A relevant educational background is essential for this position. Candidates should ideally hold a degree in Computer Science, Information Technology, Cybersecurity, or a related field. Advanced degrees or certifications in cybersecurity or information security management will be considered an asset and may enhance a candidate's profile.
Experience:
The position requires significant experience in the field of cybersecurity, particularly in leading Security Operations. Candidates should have a minimum of 7-10 years of experience in cybersecurity roles, with a focus on incident response, security governance, and operational risk management. Experience in a leadership role within a security operations environment is highly desirable, as is familiarity with managing teams and collaborating with various stakeholders.
Languages:
Fluency in English is mandatory for this position, as it is the primary language of communication within the organization. Knowledge of additional languages, particularly those relevant to the EBRD's member countries, would be considered a valuable asset and could enhance a candidate's application.
Additional Notes:
This position is offered on a fixed-term contract basis for a duration of 3 years. The role is classified as a senior leadership position within the organization, and candidates should be prepared for a full-time commitment. The EBRD is open to recruiting internationally, and the organization values diversity and inclusion in its workforce. Compensation and benefits will be competitive and commensurate with experience, and the EBRD offers a comprehensive suite of benefits to support employee wellbeing.
Info
Job Posting Disclaimer
This job posting is provided for informational purposes only. The accuracy of the job description, qualifications, and other details mentioned is the sole responsibility of the employer or the organization listing the job. We do not guarantee the validity or legitimacy of this job posting. Candidates are advised to conduct their own due diligence and verify the details directly with the employer before applying.
We are not liable for any decisions or actions taken by applicants in response to this job listing. By applying, you agree that all application processes, interviews, and potential job offers are managed exclusively by the listed employer or organization.
Beware of fraudulent job offers. Do not provide sensitive personal information or make any payments to secure a job.
We are not liable for any decisions or actions taken by applicants in response to this job listing. By applying, you agree that all application processes, interviews, and potential job offers are managed exclusively by the listed employer or organization.
Beware of fraudulent job offers. Do not provide sensitive personal information or make any payments to secure a job.
