Keep work exciting with ScaleFocus' latest openings!

Data Security Officer

Why should you join our team?

  • Get involved in challenging, interesting and important projects
  • Have fun in a friendly, informal and relaxed working environment
  • Collaborate with software engineers with more than 5 years of experience with back-end technologies
  • Enhance your career in one of the fastest growing IT companies in Europe
  • Enjoy flexibility with working hours
  • Earn a very competitive compensation package depending on your personal achievements
  • Get appreciation for each “extra mile” covered
  • Receive trainings and professional development opportunities


How are you going to contribute to the success of the team?

  • By possessing excellent management skills.
  • By having excellent verbal and written communication in Bulgarian and English.
  • With an ability to get things done without direct authority over a team.
  • With good negotiation skills.
  • With experience in providing training and guidance around data security issues, from IT engineers to non-IT literate staff.
  • By understanding the importance of Data Security management, including external drivers and standards such as ISO 27001 and GDPR.
  • With an ability to undertake research and development work to ensure that the organization is up to date with the latest developments in data security management.
  • By possessing a degree in law or information systems, information security, or business management or equivalent.
  • By showing willingness to gain knowledge of the company’s IT infrastructure and organizational structure.


What are you going to do?

  • Identify and evaluate the company’s data processing activities.
  • Develop and execute relevant compliance projects.
  • Perform audits and determine whether we need to alter our procedures to comply with regulations and address potential problems.
  • Act as the point of contact between the company and any Supervisory Authorities.
  • Coordinate with other organizations that process data on our behalf.
  • Write and update detailed policies and procedures related to data processing and security.
  • Manage and be accountable for responding to requests from regulators, regarding information, inspection audit and any enforcement action.
  • Oversee Data Ownership and Management in the Organization.
  • Monitor and maintain records of all data processing activities, conducted by the company.
  • Review the company’s agreements and contracts with data processors and controllers.
  • Communicate with data subjects to inform them about how their data is being processed and the rights they have to their data.
  • Execute incident management and coordinate data breach responses and notification procedures.
  • Perform Risk Management E.g:
    • Research and develop a security strategy by being aware of potential threats and possible countermeasures. Use this knowledge to make judgments, based on analysis of a range of options and conflicting opinions to best ensure that the highly complex security issues are understood, and that the risks are managed.
    • Set in place the process for the raising and monitoring risks on a regular basis, with reference to the Technology and Information Management Board.
    • Ensure that regular risk assessments are completed in departments and results are recorded.
    • Assist in taking timely action resulting from any risk assessment recommendations. This may involve liaison with other department such as estates or planning. It is essential to keep the Chief Information Officer informed if there are any issues of non-compliance.
  • Speak knowledgeably on DP to client facing, internal teams and direct their queries appropriately.
  • Speak at external conferences and events.
  • Proactively keep up to date with DP and security topics such as regulatory guidance and enforcement action, activities of relevant industry and standards associations etc.
  • Train the staff involved in data processing. E.g.:
    • Define needs, strategy, and execution for global and local DP training and awareness programs, including building, developing and delivering such programs
    • Ensure that data protection and information security training is up-to-date, and incorporates trust current policies and practices.
    • Develop and maintain the departments’ Intranet site, ensuring that it contains the most up-to-date and accurate information.


You can refresh your days with the team by:

  • Work hard and play harder showcasing your skills in table tennis, darts, foosball etc.;
  • Play board or video games, drink or make beer, watch movies, go skiing etc.;
  • Support diverse charity causes and enable communities through technology
  • Go on a mesmerizing trip to a mystic country by winning our innovation challenge.
  • Celebrate success together!
  • Have a coffee, sweets and fruits, while enjoying the magnificent view from the highest office point in Sofia.


If you find the position interesting and would like to apply send us your CV.
Please note that only shortlisted candidates will be contacted for an interview.

Share this position: