successfactors

Principal Security Engineer - Hybrid Cloud & Application (Sofia, BG) @ EBRD

Sofia, BGOnsiteFull-timePosted today

Opens on successfactors

About this role

<table style="width:500.0px" border="0" cellspacing="1" cellpadding="1"> <tbody> <tr> <td><span style="font-size:10.0pt"><span style="font-family:Verdana, Geneva, sans-serif">Requisition ID</span></span></td> <td><span style="font-size:10.0pt"><span style="font-family:Verdana, Geneva, sans-serif">36784</span></span></td> </tr> <tr> <td><span style="font-size:10.0pt"><span style="font-family:Verdana, Geneva, sans-serif">Office Country</span></span></td> <td><span style="font-size:10.0pt"><span style="font-family:Verdana, Geneva, sans-serif">Bulgaria</span></span></td> </tr> <tr> <td><span style="font-size:10.0pt"><span style="font-family:Verdana, Geneva, sans-serif">Office City</span></span></td> <td><span style="font-size:10.0pt"><span style="font-family:Verdana, Geneva, sans-serif">Sofia</span></span></td> </tr> <tr> <td><span style="font-size:10.0pt"><span style="font-family:Verdana, Geneva, sans-serif">Division</span></span></td> <td><span style="font-size:10.0pt"><span style="font-family:Verdana, Geneva, sans-serif">Information Technology </span></span></td> </tr> <tr> <td><span style="font-size:10.0pt"><span style="font-family:Verdana, Geneva, sans-serif">Contract Type</span></span></td> <td><span style="font-size:10.0pt"><span style="font-family:Verdana, Geneva, sans-serif">Fixed Term </span></span></td> </tr> <tr> <td><span style="font-size:10.0pt"><span style="font-family:Verdana, Geneva, sans-serif">Contract Length</span></span></td> <td><span style="font-size:10.0pt"><span style="font-family:Verdana, Geneva, sans-serif">3 years </span></span></td> </tr> <tr> <td><span style="font-size:10.0pt"><span style="font-family:Verdana, Geneva, sans-serif">Posting End Date</span></span></td> <td><span style="font-size:10.0pt"><span style="font-family:Verdana, Geneva, sans-serif">13/07/2026 </span></span></td> </tr> </tbody> </table> <p> </p> <p> </p> <p> </p> <p> </p><p><span style="font-family:verdana, geneva, sans-serif;font-size:10.0pt">Build security into everything, from APIs to cloud platforms, at enterprise scale.</span><br><span style="font-family:verdana, geneva, sans-serif;font-size:10.0pt">This is your opportunity to lead secure-by-design engineering across modern applications, microservices, and cloud-native environments. You’ll define the golden paths for secure development, embed DevSecOps practices into delivery pipelines, and shape how security is engineered, not bolted on, across a complex technology landscape.</span><br><span style="font-family:verdana, geneva, sans-serif;font-size:10.0pt">Operating within agreed enterprise security standards and governance set by the central IT Security function, you’ll act as the bridge between central policy and real-world engineering, ensuring security is both practical and scalable.</span><br><span style="font-family:verdana, geneva, sans-serif;font-size:10.0pt">If you thrive on solving deep technical challenges, influencing architecture, and turning security into a scalable, developer-friendly capability, this role puts you at the heart of it all.</span></p> <p> </p> <p><strong><span style="font-family:verdana, geneva, sans-serif;font-size:10.0pt">What You’ll Do</span></strong></p> <p> </p> <ul> <li><span style="font-family:verdana, geneva, sans-serif;font-size:10.0pt">Define and drive secure-by-design patterns across applications, APIs, integrations, and cloud services</span></li> <li><span style="font-family:verdana, geneva, sans-serif;font-size:10.0pt">Embed DevSecOps and secure SDLC practices across engineering teams, ensuring consistent adoption at scale</span></li> <li><span style="font-family:verdana, geneva, sans-serif;font-size:10.0pt">Lead security architecture across APIs, microservices, Kubernetes (AKS), and Azure environments</span></li> <li><span style="font-family:verdana, geneva, sans-serif;font-size:10.0pt">Drive threat modelling, translating risks into practical controls and resilient design decisions</span></li> <li><span style="font-family:verdana, geneva, sans-serif;font-size:10.0pt">Own API security, identity, and authentication strategies (OAuth2, OIDC, JWT)</span></li> <li><span style="font-family:verdana, geneva, sans-serif;font-size:10.0pt">Champion Zero Trust principles across applications, identities, and workloads</span></li> <li><span style="font-family:verdana, geneva, sans-serif;font-size:10.0pt">Lead security for Azure platforms, including landing zones, Defender for Cloud, and policy controls</span></li> <li><span style="font-family:verdana, geneva, sans-serif;font-size:10.0pt">Partner with engineering teams to secure Kubernetes, Java applications, and secrets/key management</span></li> <li><span style="font-family:verdana, geneva, sans-serif;font-size:10.0pt">Oversee security monitoring, vulnerability management, and posture improvement initiatives</span></li> <li><span style="font-family:verdana, geneva, sans-serif;font-size:10.0pt">Contribute to architecture reviews (HLD/LLD), PoCs, and major programmes to ensure security is built in from day one</span></li> <li><span style="font-family:verdana, geneva, sans-serif;font-size:10.0pt">Support audits, risk reporting, and stakeholder engagement with clear, actionable insights</span></li> <li><span style="font-family:verdana, geneva, sans-serif;font-size:10.0pt">Work in close alignment with the central IT Security function (dotted line), ensuring all engineering practices adhere to enterprise security standards, policies, and governance</span></li> </ul> <p> </p> <p><strong><span style="font-family:verdana, geneva, sans-serif;font-size:10.0pt">Need to Have - Your Essentials</span></strong></p> <p> </p> <ul> <li><span style="font-family:verdana, geneva, sans-serif;font-size:10.0pt">Extensive experience in Security Engineering within complex, enterprise environments</span></li> <li><span style="font-family:verdana, geneva, sans-serif;font-size:10.0pt">Deep expertise securing cloud-native platforms (Azure, APIs, Kubernetes, microservices)</span></li> <li><span style="font-family:verdana, geneva, sans-serif;font-size:10.0pt">Strong knowledge of application and API security, including OAuth2, OIDC, JWT</span></li> <li><span style="font-family:verdana, geneva, sans-serif;font-size:10.0pt">Proven experience implementing secure SDLC and DevSecOps practices</span></li> <li><span style="font-family:verdana, geneva, sans-serif;font-size:10.0pt">Hands-on experience with Azure security tooling (Defender for Cloud, Sentinel, Key Vault, policies)</span></li> <li><span style="font-family:verdana, geneva, sans-serif;font-size:10.0pt">Strong understanding of Zero Trust architecture and identity-first security models (Entra ID)</span></li> <li><span style="font-family:verdana, geneva, sans-serif;font-size:10.0pt">Experience in threat modelling and translating risks into engineering controls</span></li> <li><span style="font-family:verdana, geneva, sans-serif;font-size:10.0pt">Knowledge of secure coding practices and vulnerability management (OWASP Top 10)</span></li> <li><span style="font-family:verdana, geneva, sans-serif;font-size:10.0pt">Experience securing hybrid environments (on-prem, SaaS, PaaS)</span></li> <li><span style="font-family:verdana, geneva, sans-serif;font-size:10.0pt">Familiarity with cybersecurity frameworks (e.g., NIST CSF, ISO 27001)</span></li> <li><span style="font-family:verdana, geneva, sans-serif;font-size:10.0pt">Ability to translate complex security requirements into clear, actionable guidance for engineers</span></li> <li><span style="font-family:verdana, geneva, sans-serif;font-size:10.0pt">Strong communication skills, able to influence both technical and non-technical stakeholders</span></li> </ul> <p> </p> <p><strong><span style="font-family:verdana, geneva, sans-serif;font-size:10.0pt">Nice to Have</span></strong></p> <p> </p> <ul> <li><span style="font-family:verdana, geneva, sans-serif;font-size:10.0pt">Experience working with Kubernetes/AKS security at scale</span></li> <li><span style="font-family:verdana, geneva, sans-serif;font-size:10.0pt">Background in financial or regulated environments</span></li> <li><span style="font-family:verdana, geneva, sans-serif;font-size:10.0pt">Experience leading security architecture governance across multiple teams</span></li> <li><span style="font-family:verdana, geneva, sans-serif;font-size:10.0pt">Hands-on experience with threat intelligence integration</span></li> <li><span style="font-family:verdana, geneva, sans-serif;font-size:10.0pt">Experience delivering security training and awareness programmes</span></li> <li><span style="font-family:verdana, geneva, sans-serif;font-size:10.0pt">Relevant certifications (CISSP, CSSLP, Azure Security Engineer, etc.)</span></li> </ul> <p> </p> <p><strong><span style="font-family:verdana, geneva, sans-serif;font-size:10.0pt">Why You’ll Love This Role</span></strong></p> <p><br><span style="font-family:verdana, geneva, sans-serif;font-size:10.0pt">Because this isn’t just about securing systems.</span><br><span style="font-family:verdana, geneva, sans-serif;font-size:10.0pt">It’s about redefining how engineering teams build secure software at scale.</span><br><span style="font-family:verdana, geneva, sans-serif;font-size:10.0pt">You’ll sit at the intersection of central security strategy and hands-on engineering delivery, giving you both influence and impact. Your work will shape how security is applied in real-world systems, across every product, every deployment, and every layer of the stack.</span><br><span style="font-family:verdana, geneva, sans-serif;font-size:10.0pt">If you want ownership, technical depth, and the opportunity to lead security engineering in a truly modern environment, this is your platform.</span></p> <p> </p> <p> </p><p><span style="font-size:10.0pt"><span style="font-family:Verdana, Geneva, sans-serif"><strong>What is it like to work at the EBRD? / About EBRD </strong></span></span></p> <p> </p> <p><span style="font-size:10.0pt"><span style="font-family:Verdana, Geneva, sans-serif">Our agile and innovative approach is what makes life at the EBRD a unique experience! You will be part of a pioneering and diverse international organisation, and use your talents to make a real difference to people&apos;s lives and help shape the future of the regions we invest in. </span></span></p> <p> </p> <p><span style="font-size:10.0pt"><span style="font-family:Verdana, Geneva, sans-serif">At EBRD, our Values – Inclusiveness, Innovation, Trust, and Responsibility – are at the heart of how we work. We bring these to life through our Workplace Behaviours: listening well and speaking up, collaborating smartly, acting decisively with full commitment, and simplifying to amplify our impact. These principles shape our culture and define our success. We seek individuals who not only share these values but are also committed to embedding them in their daily work, fostering a positive and high-performing environment. </span></span></p> <p> </p> <p><span style="font-size:10.0pt"><span style="font-family:Verdana, Geneva, sans-serif">The EBRD environment provides you with: </span></span></p> <ul> <li style="font-size:10.0pt"><span style="font-size:10.0pt"><span style="font-family:Verdana, Geneva, sans-serif">Varied, stimulating and engaging work that gives you an opportunity to interact with a wide range of experts in the financial, political, public and private sectors across the regions we invest in. </span></span></li> <li style="font-size:10.0pt"><span style="font-size:10.0pt"><span style="font-family:Verdana, Geneva, sans-serif">A working culture that embraces inclusion and celebrates diversity. Our workforce reflects a broad range of backgrounds, perspectives, and experiences, bringing fresh ideas, energy, and innovation and enhancing our ability to serve our clients, shareholders, and counterparties effectively.</span></span></li> <li style="font-family:verdana, geneva, sans-serif;font-size:10.0pt"><span style="font-family:verdana, geneva, sans-serif;font-size:10.0pt">We offer hybrid and flexible working arrangements and believe we operate at our best when collaborating 3 days a week in person (minimum).</span></li> <li style="font-size:10.0pt"><span style="font-size:10.0pt"><span style="font-family:Verdana, Geneva, sans-serif">An environment that places sustainability, equality and digital transformation at the heart of what we do. </span></span></li> <li style="font-size:10.0pt"><span style="font-size:10.0pt"><span style="font-family:Verdana, Geneva, sans-serif">A workplace that prioritises employee wellbeing and provides a comprehensive suite of competitive benefits. </span></span></li> </ul> <p> </p> <p><span style="font-size:10.0pt"><span style="font-family:Verdana, Geneva, sans-serif">Diversity is one of the Bank’s core values which are at the heart of everything it does. As such, the EBRD seeks to ensure that everyone is treated with respect and given equal opportunities and works in an inclusive environment. The EBRD encourages all qualified candidates who are nationals of the EBRD member countries to apply regardless of their racial, ethnic, religious and cultural background, gender, gender identity, sexual orientation, age, socio-economic background or disability. </span></span></p> <p> </p> <p><span style="font-size:10.0pt"><span style="font-family:Verdana, Geneva, sans-serif">Please note, that due to the high volume of applications received, we regret to inform you that we are unable to provide detailed feedback to candidates who have not been shortlisted (for further consideration). </span></span></p>

Ready to apply?

Install the ResuMinder extension and we'll auto-fill the application in seconds — no rewriting.

See how your CV scores — free
Principal Security Engineer - Hybrid Cloud & Application (Sofia, BG) at EBRD | ResuMinder Jobs