You are on the global GfK website. Visit our local website for more offerings and information in your country.

SOC Analyst



Job Family


For almost 90 years, GfK has been a reliable and trusted insight partner for the world’s biggest companies and leading brands who make a difference in every consumer’s life - and we will continue to build on this. We connect data, science and innovative digital research solutions to provide answers for key business questions around consumers, markets, ROI, brands and media. With our headquarters in Germany and a presence in around 60 countries worldwide, you benefit from our global company with a diverse community of 8,000+ employees.

Harnessing the power of our workforce, the greatest asset we have is our people. As part of GfK, you can take your future into your own hands. We value talent, skills and responsibility and will support your development within our international teams. We are proud of our heritage and our future, as we continue our evolution from Market Research provider to SaaS data solutions and consulting partner. We value extraordinary people and this is why we are looking for YOU to help create our future. For our employees as well as for our clients we pursue one goal: Growth from Knowledge!

Job Description

Mission of the role

The Security Operations Analyst's primary role is to detect and analyze data centrally collected from various sources such as Intrusion Detection Systems, Directory Services, Proxies, Anti-Virus systems etc. and manage security incidents that may occur. The Security Operations Analyst also serves as the point of contact for end users and Technology staff to report suspicious events. After identifying a potential security incident, the Security Operation Analyst handles and supports the containment, analysis and remediation of incidents.

Apart from reacting to potential security incidents, the SOC analyst is actively hunting for threats in GfK's environment, using dedicated security solutions or through means of data analytics on the central security log management / SIEM solution and other tools available.

You will:

  • React to security alerts and security events of interest from Splunk, IDS, endpoint protection and other security related systems

  • Threat hunt in GfK's environment

  • Use data analytics in Splunk

  • Be the escalation point of contact for security incident notifications from SOC alerting tools, service desks, IT engineers and administrators

  • React to reported suspicious emails and phishing attacks

  • Manage security incidents – mid to major severity

  • Escalate major incidents to Senior SOC Analysts or SOC Manager

  • Provide rotational on-call services during off hours and weekends.

You have:

  • Minimum of 2 years of relevant SOC experience, with at least one year focused on security incident response

  • Experience in handling security incidents such as web application attacks, phishing, container, public cloud, vendor supply chain incidents, ransomware, emergency vulnerability management and account compromise

  • Working knowledge of both the operations and digital technology environment

  • Knowledge of industry security incident process frameworks such as SANS PICERL or NIST 800-61

  • The ability to think like a hacker

  • The ability to manage security incidents by understanding common attack techniques, vectors and tools as well as defending against and/or responding to such attacks when they occur

  • The ability to detect malicious applications and network activity

  • The ability to perform hypothesis driven threat hunts

  • Knowledge of industry security frameworks including Critical Security Controls for Effective Cyber Defense, ISO27001, NIST800-53

  • Working knowledge of security modules in Splunk or similar SIEM systems

  • Working knowledge of security technologies including AV, endpoint protection, IDS, proxies, content filtering, application security, vulnerability management

  • Technical understanding and knowledge of IT Security best practice, common attack types and detection/prevention methods, including CISecurity Benchmarks, OWASP and NIST guidelines, etc.


  • Exciting work environment that brings people together

  • Use of the latest digital technologies

  • Initial and ongoing trainings to support your development

  • Opportunities for personal and professional growth

  • Flexible working hours and home office

  • 3 additional non-working days annually

  • Food vouchers

  • Health insurance

  • Discount program with external vendors

  • Eco friendly travelers are welcome to the office – parking places for bikers and free card for public transportation are available to all employees

  • Last but not least – GfK Sofia office is located close to the city centre and easily accessible from any point by public transportation – 47A Tsarisgradsko Shose Blvd

All documents will be treated in the strictest confidentiality.

Only short-listed candidates will be invited for an interview.

We are an ethical and honest company that is wholly committed to its clients and employees. We are proud to be an inclusive workplace for all and are committed to equal employment opportunity, focusing on all of our employees reaching their full potential. 

We respect and value every employee regardless of race, ethnicity, gender, sex, sexual orientation, age, personality, experience, culture, faith, socio-economic status, or physical or mental disabilities.

We endorse the core principles and rights set forth in the United Nations Declaration of Human Rights and the Social Charter of Fundamental Rights of the European Union, promoting the universal values of human dignity, freedom, equality, and solidarity.

Learn more about how we are driving diversity and inclusion in everything we do on:

At GfK we work collaboratively with our colleagues but offer a flexible working approach, including dividing our time between office & remote working as well as the opportunity to flex our working hours around team core hours.

Don't meet every single requirement? Some people are less likely to apply unless they meet all the requirements listed in a job specification. GfK is looking for self-starters to join our innovative team keen to take on a new challenge. So, if you're excited about this role but your skills and experience don't align perfectly with every requirement we've listed, we still encourage you to apply. You may be just the right candidate for this or other roles.

Posted: 11 days ago

City: Sofia

Work Area: IT

Job Time: Full Time

Requisition ID: R00019190