Principal, Security Engineer

Are you ready to shape the future of cybersecurity at enterprise scale? We’re looking for an forward-thinking Principal, Security Engineer to lead the charge in embedding cutting-edge security tooling and practices across EBRD’s entire technology landscape & establishing effective follow-up processes to remediate findings and protect systems, data & people. From influencing architecture and building resilient systems to driving cyber maturity through collaboration with Infrastructure, Identity, and Application teams. This is your opportunity to be an catalyst for secure innovation! You’ll stay ahead of evolving threats, introduce the right technologies, and ensure security enhances agility rather than slows it down.

This isn’t just an technical role, it’s about delivering impact. You’ll guide teams, hold vendors to account, design, implement, & manage security tools to help shape the security vision and roadmap at the highest level. Your deep knowledge of frameworks like NIST helps collaborating with risk and business teams to embed security into operations, paired with an pragmatic approach to automation and Agile delivery, will enable secure-by-design principles to thrive. If you're an persuasive communicator with an passion for proactive, intelligent cybersecurity - your next big move starts here.

Accountabilities & Responsibilities

• Is responsible for ensuring Security tooling enables IT and EBRD to be efficient, effective and agile
• Is responsible to staying abreast of the latest advancements in technology, the latest threats that EBRD (or similar organisations face) and identifying appropriate security technology to reduce risk
• Is responsible for working with Capabilities to incorporate security principles into the design of hardware and software systems
• Is responsible for working with Capabilities to ensuring systems are designed to be resilient from Cyber-attacks and can maintain functionality under adverse conditions
• Is responsible for ensuring Network, Applications, Identity (and other such technical teams) are using Security Engineering practises, tooling and standards to reduce risk and improve cyber maturity
• Works with Principal, Security Operations & other Capabilities in holding the Security & other Partners to account for delivery of Security Technology
• Gathers technical requirements for new engagements (IT programmes, projects, discrete enhancements, consultancy engagements or BAU service delivery) or changes existing engagements with security partners, projects and programmes
• Acts as a senior escalation for Associate technical leads in relation to Major Incidents, Problems, Changes or other significant technical challenges within the squad / area of responsibility
• Assists the Capability Leadership team comprised of the Associate Director - Capability Lead, Associate Director - Product Owner, Principal - Capability Architect, Principal - Quality Engineering Principal to build the vision and roadmaps
• Deputises for the Associate Director Capability Lead, Security as required
• Responsible for creating a psychologically safe environment in which the newly formed squad can operate.

Knowledge, Skills, Experience & Qualifications
• Extensive Security Technology and Engineering experience with deep insight into the latest security technology trends
• In-depth knowledge of drivers of cyber engineering, cybersecurity terminology, methodologies including the OWASP and cyber threat intelligence frameworks.
• Extensive experience in managing teams, managed service providers and professional service organisations
• Comfortable managing resourcing requirements (supply and demand)
• An excellent understanding of security engineering principles and how they are applied across all forms of technology
• Experience working in an ITIL governed environment, ideally certified
• Experience working with the NIST Cyber Security Framework and ISO27001
• Familiarity of working with Agile software development teams, ensuring that security enhances velocity rather than introduces inertia, whilst remaining secure.
• Driven to ensure wherever possible technology is automated and appropriately quality assured with the aim of removing waste
• A persuasive communicator who can engage across levels of seniority and technical capability
• Must be comfortable with office productivity tools 

What is it like to work at the EBRD?

Our agile and innovative approach is what makes life at the EBRD a unique experience! You will be part of a pioneering and diverse international organisation, and use your talents to make a real difference to people's lives and help shape the future of the regions we invest in. 

The EBRD environment provides you with:

• Varied, stimulating and engaging work that gives you an opportunity to interact with a wide range of experts in the financial, political, public and private sectors across the regions we invest in;
• A working culture that embraces inclusion and celebrates diversity;
• An environment that places sustainability, equality and digital  transformation at the heart of what we do.

Diversity is one of the Bank’s core values which are at the heart of everything it does.  A diverse workforce with the right knowledge and skills enables connection with our clients, brings pioneering ideas, energy and innovation. The EBRD staff is characterised by its rich diversity of nationalities, cultures and opinions and we aim to sustain and build on this strength. As such, the EBRD seeks to ensure that everyone is treated with respect and given equal opportunities and works in an inclusive environment. The EBRD encourages all qualified candidates who are nationals of the EBRD member countries to apply regardless of their racial, ethnic, religious and cultural background, gender, sexual orientation or disabilities. We offer hybrid and flexible working arrangements and believe we operate at our best when collaborating 3 days a week in person (minimum).

Please note, that due to the high volume of applications received, we regret to inform you that we are unable to provide detailed feedback to candidates who have not been shortlisted (for further consideration).