Data Privacy Analyst, Bulgaria

Sofia, Bulgaria

Security – DPO /

Full-time /

Hybrid

Managing data subject rights requests (DSRs) end-to-end, including complex cases, with escalation where needed.
Drafting and reviewing privacy documentation such as policies, procedures, and internal/external opinions.
Conducting structured legal and regulatory research and preparing analyses for decision-making.
Supporting the Data Privacy Managers and the Data Protection Officer in operational and project-based work (including PIAs, vendor due diligence, and records of processing activities).
Assisting in preparing responses to requests for information from supervisory authorities or law enforcement

Good level of understanding of the EU privacy regulatory framework, including GDPR, CJEU jurisprudence, and EDPB/ICO guidance.
Ability to apply complex regulatory requirements to real business situations in a practical, solution-oriented manner.
Strong analytical skills, attention to detail, and ability to work independently with sound judgment.
Excellent communication and collaboration skills in a diverse, multinational environment.
Fluency in Bulgarian and English.
Awareness of AI and privacy implications, including risks of profiling, automated decision-making, and familiarity with the evolving EU AI Act.

Considered an Advantage:

Proven hands-on experience in handling DSRs and drafting privacy-related documents.
Familiarity with EU financial compliance frameworks (e.g., AML, PSD2) or global privacy frameworks (US, Brazil, Canada, Australia).
Professional certifications (e.g., IAPP CIPP/E, CIPT) or willingness to pursue them.
Experience using compliance and privacy management platforms (e.g., OneTrust, DataGuidance).
Experience with PIAs, vendor assessments, or handling requests from authorities.

For candidates with Bulgarian judicial capacity: the position allows gaining professional legal experience as per the Bulgarian Bar Act.