Information Security Expert

Reach new technical heights and:

  • Oversee information security policies (incl. data privacy and data protection policies) within the organization
  • Manage security requirements in contractual agreements with customers
  • Handle communication with customers related to information security – including presenting ScaleFocus respective procedures and processes
  • Develop and manage data processing and security policies that enforce and monitor compliance with regulations, including GDPR and other applicable data protection laws
  • Proactively keep up to date with changes in law and issue recommendations to ensure compliance
  • Monitor and maintain records of data processing activities conducted by the company
  • Participate in systems risk management evaluation
  • Ensure that regular risk assessments are performed, results are recorded and recommended actions are timely completed
  • Communicate non-compliance findings with Chief Operations Officer, Executive Management, Legal and other relevant teams
  • Act as a point of contact with regulators, external auditors, supervisory authorities and data subjects
  • Liaise and manage contractual agreements with all parties that process data on our behalf
  • Communicate with data subjects to inform them about how their data is being processed and the rights they have to their data
  • Ensure all queries from data subjects are addressed within legal timeframes
  • Raise awareness and provide staff training for any employees related to information security and data processing activities
  • Support company accreditations as per business needs


Skill set:

  • Background and expertise in IT security and/or data compliance
  • Knowledge of information security standards (ISO 27001)
  • Ability to get things done without direct authority over a team. Very strong communication skills
  • Ethical, with the ability to remain impartial and report all non-compliances
  • Ability to handle confidential information
  • Organizational skills with attention to detail
  • Experience of providing training and guidance around data security issues, from IT engineers to non-IT literate staff
  • Willingness to gain knowledge of the industry specifics and company’s business operations, IT infrastructure, key success and risk factors
  • Excellent verbal and written communication in Bulgarian and English


Stand out with:

  • Business Administration or knowledge of applicable legislative framework would be considered as an advantage
  • CIPM or CIPT/ Security management certifications such as CISA, CEGIT
  • Advanced level of IT literacy – direct experience of working with data security applications, systems and solutions
  • Experience in designing and implementing procedures and policies
  • Experience in cooperation with supervisory authorities
  • Expert knowledge of data protection law and practices/ data protection and legal compliance


Capital Fort, Sofia

ScaleFocus is an European IT solutions delivery center. Enabling our global customer base through technology excellence, R&D and innovation, we are focusing on advanced engineering services and bespoke consultancy in the domains of Digital, Data and Cloud. Through team care and customer success obsession, we are engaging in fulfilling partnership journeys of open communication, respect, trust and drive for tangible business outcomes.

If you find the position interesting and would like to apply send us your CV.

Please note that only shortlisted candidates will be contacted for an interview.