The role contributes to the implementation of the Bank’s Digital Approach. The Digital Approach consists of: i) enabling equal access to digital technology and skills, ii) provision of financial and technical support to companies and governments, and iii) establishment of robust governance practices. The role also contributes to the implementation of cybersecurity management approaches across various sectors and supports the work around digital risks as per EBRD’s Environmental and Social Policy, all consist of the need to screen banking projects for digital risks, providing concrete cyber advice and putting in place required mitigation measures. The role also contributes to implementing cybersecurity advisory work for Bank’s clients.
Accountabilities & Responsibilities:
Operational Delivery:
Lead and support the development of methodologies regarding cyber and digital safeguards assessments of projects
Lead the technical elements of project digital safeguard screening process and work with consultants and other banking teams on shaping and conducting in depth due diligence processes.
Lead and support the Hub technical discussions on digital safeguards and cybersecurity with stakeholders and clients.
Lead on the development of digital safeguards and cybersecurity advisory and other products to be deployed by the EBRD.
Lead, together with delivery teams, the shaping and implementation of technical assistance projects with EBRD clients.
Support the Hub’s policy teams on embedding the theme of digital safeguards in strategic initiatives.
Organisational Development:
Lead technical discussions with cybersecurity and digital safeguards vendors and service providers to explore partnerships.
Keep abreast of developments in the field of cybersecurity and digital safeguards: regulatory, policy, technological innovation and industry trends, and advise on the impact of these on various works streams and potential new ones.
Lead and support upskilling efforts of other team members, and other banking departments, on said topics.
Knowledge, Skills, Experience & Qualifications
Academic Qualifications:
Master’s degree in a discipline relevant to the EBRD and the theme of digital safeguards and cybersecurity
Fluent English, with excellent written and oral communications skills.
Knowledge of another language (e.g. Russian, French or Arabic) both written and spoken would be desirable.
Experience/Knowledge:
Cybersecurity or Privacy professional certifications are highly desirable.
Experience in assessing digital risks from a regulatory, insurance, investment or similar standpoint is highly desirable
Experience in auditing digital safeguard controls is highly desirable
Experience in implementing digital safeguards and cybersecurity for large organizations as part of in-house teams or as a consultant is desirable
Specific digital risk experience in the following sectors is highly desirable: Energy (TSOs, DSOs, Renewable energy), National Transportation infrastructure and Financial institutions.
Knowledge of a diverse set of digital risk standards, frameworks and baselines (ISO 27001, IEC/ISA-62443, C2M2, CIS18 etc..) is highly desirable
Expertise in both IT environments, OT and cloud is desirable
Good knowledge of vendor and service provider landscape is desirable.
