Data Privacy Analyst, Bulgaria

• Managing data subject rights requests (DSRs) end-to-end, including complex cases, with escalation where needed.
• Drafting and reviewing privacy documentation such as policies, procedures, and internal/external opinions.
• Conducting structured legal and regulatory research and preparing analyses for decision-making.
• Supporting the Data Privacy Managers and the Data Protection Officer in operational and project-based work (including PIAs, vendor due diligence, and records of processing activities).
• Assisting in preparing responses to requests for information from supervisory authorities or law enforcement.

• Good level of understanding of the EU privacy regulatory framework, including GDPR, CJEU jurisprudence, and EDPB/ICO guidance.
• Ability to apply complex regulatory requirements to real business situations in a practical, solution-oriented manner.
• Strong analytical skills, attention to detail, and ability to work independently with sound judgment.
• Excellent communication and collaboration skills in a diverse, multinational environment.
• Fluency in Bulgarian and English.
• Awareness of AI and privacy implications, including risks of profiling, automated decision-making, and familiarity with the evolving EU AI Act.

• Proven hands-on experience in handling DSRs and drafting privacy-related documents.
• Familiarity with EU financial compliance frameworks (e.g., AML, PSD2) or global privacy frameworks (US, Brazil, Canada, Australia).
• Professional certifications (e.g., IAPP CIPP/E, CIPT) or willingness to pursue them.
• Experience using compliance and privacy management platforms (e.g., OneTrust, DataGuidance).
• Experience with PIAs, vendor assessments, or handling requests from authorities.

For candidates with Bulgarian judicial capacity: the position allows gaining professional legal experience as per the Bulgarian Bar Act.