Principal, Security Operations

We’re looking for a Principal, Security Operations to lead and evolve the cyber defence capability protecting our core corporate functions. This is a high-impact leadership role at the centre of incident response, operational governance, and third-party security oversight. You’ll own the end-to-end Security Operations function, defining policy, directing major incident response, overseeing MSSP performance, and ensuring our SOC operates with precision, speed, and accountability. From participating red and purple team exercises to driving crisis response and audit remediation, you’ll ensure our corporate platforms remain resilient, compliant, and secure under pressure.

You’ll work closely with Security Engineering, Infrastructure, and senior stakeholders to translate operational risk into decisive action. Leveraging deep expertise across SIEM, DLP, vulnerability management, PKI, cloud security, and advanced threat detection, you’ll turn intelligence into measurable improvements, refining KPIs, strengthening SLAs, and continuously raising the bar for service performance. If you’re a strategic security leader who thrives in complex enterprise environments, confident managing providers and senior stakeholders alike, and ready to shape the future of Security Operations at scale, this is your opportunity to lead from the front.

What You’ll Do

• Lead the full Security Operations function, including incident response, governance, and SOC performance.
• Manage MSSP relationships, ensuring high quality service delivery and continuous improvement.
• Participate in red/purple team exercises, tabletop simulations, and crisis-management activities.
• Work with Security Engineering and Infrastructure to maintain and optimise core security platforms.
• Produce clear KPIs, reporting, and insights for senior IT leadership.
• Ensure audit findings, risks, and incidents are tracked, escalated, and remediated effectively.
• Oversee third party security assessments and ensure supplier security standards are met.
• Act as the primary escalation point for cyber incidents.

Need to Have - Your Essentials

• Extensive experience leading Security Operations in large, complex environments
• Strong expertise across SIEM, DLP, vulnerability management, threat detection, PKI, network & cloud security
• Hands on experience running and supporting incident response
• Strong ability to interpret logs, analyse attacker behaviour, and guide investigations
• Proven track record managing MSSPs and security service providers
• Excellent communication skills, able to brief & manage senior stakeholders with clarity and authority
• Strong decision making under pressure, with the ability to prioritise and act quickly
• Experience coordinating audit remediation and operational risk management
• Ability to lead and mentor SOC analysts and internal security staff

Nice to Have

• Experience supporting red/purple team exercises
• Familiarity with Azure/AWS/GCP security controls
• Experience improving SOC maturity models
• Security certifications (CISSP, CISM, GIAC, or similar)

Why You’ll Love This Role

Because this is your opportunity to own the entire Security Operations function, shaping how threats are detected, responded to, and prevented at scale.
You’ll lead the team, the strategy, the providers, and the technology that defend the organisation’s most critical platforms.
Your leadership will directly influence cyber resilience, executive decision making, and the long term maturity of the security function.
If you want visibility, authority, and the chance to leave a lasting mark on enterprise-level cyber defence, this is where you can do it.

What is it like to work at the EBRD? / About EBRD 

Our agile and innovative approach is what makes life at the EBRD a unique experience! You will be part of a pioneering and diverse international organisation, and use your talents to make a real difference to people's lives and help shape the future of the regions we invest in.  

At EBRD, our Values – Inclusiveness, Innovation, Trust, and Responsibility – are at the heart of how we work. We bring these to life through our Workplace Behaviours: listening well and speaking up, collaborating smartly, acting decisively with full commitment, and simplifying to amplify our impact. These principles shape our culture and define our success. We seek individuals who not only share these values but are also committed to embedding them in their daily work, fostering a positive and high-performing environment. 

The EBRD environment provides you with: 

• Varied, stimulating and engaging work that gives you an opportunity to interact with a wide range of experts in the financial, political, public and private sectors across the regions we invest in. 
• A working culture that embraces inclusion and celebrates diversity. Our workforce reflects a broad range of backgrounds, perspectives, and experiences, bringing fresh ideas, energy, and innovation and enhancing our ability to serve our clients, shareholders, and counterparties effectively.
• We offer hybrid and flexible working arrangements and believe we operate at our best when collaborating 3 days a week in person (minimum) 
• An environment that places sustainability, equality and digital transformation at the heart of what we do. 
• A workplace that prioritises employee wellbeing and provides a comprehensive suite of competitive benefits. 

Diversity is one of the Bank’s core values which are at the heart of everything it does.  As such, the EBRD seeks to ensure that everyone is treated with respect and given equal opportunities and works in an inclusive environment. The EBRD encourages all qualified candidates who are nationals of the EBRD member countries to apply regardless of their racial, ethnic, religious and cultural background, gender, gender identity, sexual orientation, age, socio-economic background or disability.   

Please note, that due to the high volume of applications received, we regret to inform you that we are unable to provide detailed feedback to candidates who have not been shortlisted (for further consideration).