Requisition ID 35645 Office Country Bulgaria Office City Sofia Division Information Technology Full-Time/Part-Timeโ Full Time Contract Type Fixed Term Contract Length 3 years Posting End Date 06/08/2025
Ready to play a pivotal role in shaping the security posture of major cloud transformation projects? This is your opportunity to bring cutting-edge cloud security expertise to a high-impact, multi-cloud environment. As a key technical point of contact, youโll embed robust security controls into cloud projects from day one, defining best practices, mitigating risks, and ensuring alignment with ISO27001, NIST CSF, and the Bankโs security standards. From securing Azure and Microsoft Defender environments to guiding architectural decisions and threat mitigation strategies, youโll ensure every cloud deployment is safe, scalable, and future-ready.
This is a hands-on role for a sharp technologist who thrives on cross-functional collaboration and who can translate security frameworks into practical action. Youโll work closely with project managers, architects, developers, and external partners, advising on secure SDLC practices, shaping operational processes, and leading the implementation of controls for identity, data protection, DLP, and more. Youโll also help remove security-oriented impediments by translating complex frameworks into practical, developer-friendly controls that accelerate secure delivery. If youโre passionate about proactive cloud security, multi-cloud governance, and delivering measurable risk reduction at scale, this role puts you at the heart of it all.
Accountabilities and Responsibilities:
Plans, develops and implements new security technologies to enable the continual improvement of cloud security technology related controls. Work within a project team with a focus on embedding relevant security controls into the project delivery process. Working with third parties to establish and implement the baseline for IT Security controls. Establish, implement and maintain a suite of IT Security controls within the scope of the project, protecting IT and Cloud based systems and providing visibility of potential threats and vulnerabilities. Development of clear and concise reporting suitable for presentation to Project Management including submission of regular Key Risk Indicator reports highlighting IT Security activities as required by the project. Ensure key IT Security project deliverables are addressed within agreed timescales. Work closely with members of Operation Risk and Information Security to ensure any IT Security controls and associated risks are appropriately managed in delivery of the project. Define the IT Security requirements for cloud projects and assist with the creation of operational processes, ensuring alignment to EBRD standards and industry best practice recommendations. Provide expertise in the definition, selection and implementation of Cloud Security related controls to the IT Department. Manage and promote IT Security to ensure that the project understands the value of best practice and supports the defined IT Security objectives. Participate in workshops, providing security guidance and recommendations to help structure requirements and shape project deliverables. Act as the key IT Security technical point of contact for Cloud projects and engage with internal teams to ensure all interests and objectives are included.
Knowledge and Experience:
Demonstrable experience of successfully securing Microsoft Cloud solutions Demonstrable experience of conducting security assessments and threat identification, mitigation and remediation. Good understanding of Defender for Cloud and its policies Demonstrable experience of working in a multi-cloud organisation Ability to guide projects to apply appropriate security standards and policies. Good technical understanding of Cloud security, security configuration and best practices for servers, workstations, SASE technologies, SD-WAN, Firewall infrastructure and penetration testing scoping. Maintains in-depth knowledge of security standards and regulations, including ISO27001 and NIST CSF, ensuring ongoing compliance and proactive adjustments to ever-evolving security requirements. Deep technical knowledge of the following: data encryption, data leakage controls, application integration, identity and access management, certificate management and database security. Excellent understanding of the Secure Application Development Lifecycle (SDLC) and the ability to advise the AppDev teams in the remediation. Expert knowledge of Microsoft Cloud security features, including Azure AD, Microsoft Defender, DLP, etc.
What is it like to work at the EBRD? / About EBRD
Our agile and innovative approach is what makes life at the EBRD a unique experience! You will be part of a pioneering and diverse international organisation, and use your talents to make a real difference to people's lives and help shape the future of the regions we invest in.
At EBRD, our Values โ Inclusiveness, Innovation, Trust, and Responsibility โ are at the heart of how we work. We bring these to life through our Workplace Behaviours: listening well and speaking up, collaborating smartly, acting decisively with full commitment, and simplifying to amplify our impact. These principles shape our culture and define our success. We seek individuals who not only share these values but are also committed to embedding them in their daily work, fostering a positive and high-performing environment.
The EBRD environment provides you with:
Varied, stimulating and engaging work that gives you an opportunity to interact with a wide range of experts in the financial, political, public and private sectors across the regions we invest in. A working culture that embraces inclusion and celebrates diversity. Our workforce reflects a broad range of backgrounds, perspectives, and experiences, bringing fresh ideas, energy, and innovation and enhancing our ability to serve our clients, shareholders, and counterparties effectively. We offer hybrid and flexible working arrangements and believe we operate at our best when collaborating 3 days a week in person (minimum) An environment that places sustainability, equality and digital transformation at the heart of what we do. A workplace that prioritises employee wellbeing and provides a comprehensive suite of competitive benefits.
Diversity is one of the Bankโs core values which are at the heart of everything it does. As such, the EBRD seeks to ensure that everyone is treated with respect and given equal opportunities and works in an inclusive environment. The EBRD encourages all qualified candidates who are nationals of the EBRD member countries to apply regardless of their racial, ethnic, religious and cultural background, gender, gender identity, sexual orientation, age, socio-economic background or disability.
Please note, that due to the high volume of applications received, we regret to inform you that we are unable to provide detailed feedback to candidates who have not been shortlisted (for further consideration).