On behalf of our client, a renowned Gaming company based in Limassol, we are seeking a knowledgeable and proactive Data Privacy Analyst to join our Data Protection Office. This mid-senior level role is ideal for an experienced privacy professional who is comfortable working independently, managing key aspects of the privacy program, and contributing to the ongoing maturity of the global data protection framework. Reporting to Data Protection Officer, the Data Privacy Analyst will play a pivotal role in ensuring compliance with applicable data protection laws, including the GDPR, ePrivacy Directive, and other international regulations. If you feel you have the necessary skills, please apply today for this Limassol based role.
MAIN DUTIES AND RESPONSIBITLITIES
- Manage and coordinate the response to data subject rights requests (DSARs), including access, erasure, and portability, ensuring legal deadlines are met and operational risks are mitigated.
- Maintain and enhance the Record of Processing Activities (RoPA), including working closely with business units to document data flows and processing operations.
- Conduct and review Data Protection Impact Assessments (DPIAs) and Legitimate Interest Assessments (LIAs), advising business stakeholders on risks and mitigation strategies.
- Support or lead vendor privacy risk assessments, including reviewing DPAs, SCCs, TIAs, and monitoring third-party compliance.
- Participate in the investigation and documentation of data breaches or incidents, including root cause analysis, risk assessments, and regulatory notification support.
- Collaborate with internal stakeholders across Legal, Security, HR, Marketing, and IT to embed privacy-by-design into products, services, and operations.
- Assist in regulatory readiness projects and maintain awareness of evolving privacy laws (e.g., GDPR, CCPA/CPRA, LGPD, PDPA, etc.).
- Draft and update privacy notices, internal procedures, and awareness materials in collaboration with the DPO office.
- Monitor and analyze trends in privacy enforcement, industry best practices, and legislative developments to support continuous program improvement.
CANDIDATE PROFILE
- 2–5years of experience in privacy, data protection, legal, compliance, or risk roles.
- Solid understanding of GDPR and international privacy laws (CCPA, LGPD, etc.).
- Experience conducting DPIAs, vendor assessments, and responding to DSARs.
- Strong legal/technical acumen and ability to translate privacy requirements into practical actions.
- Excellent written and verbal communication skills, including experience with policy writing and stakeholder engagement.
- Self-starter with strong organizational and time management skills.
- Professional certifications such as CIPP/E, CIPP/US, CIPM, or equivalent.
- Experience in highly regulated or data-intensive industries (e.g., gaming, finance, fintech).
- Familiarity with GRC tools, privacy management software (e.g., OneTrust, TrustArc), or IT risk platforms.
- Experience contributing to regulatory audits, due diligence exercises, or internal investigations.
Due to the high volume of applications, we receive at GRS Recruitment, only shortlisted candidates will be responded to.
To apply for this position, please email your CV to
Emilios Eracleous, emilios@grsrecruitment.com quoting the above job reference or call +357 25 342 723 for further information.