SOC Analyst I

RedHelm is seeking a SOC Analyst I to support the monitoring, analysis, and response to security alerts, events, and incidents in accordance with established procedures and playbooks. This role requires sound analytical judgment, strong documentation skills, and the ability to communicate findings clearly and professionally.

In this role, you’ll independently triage and investigate common alert types, recognize patterns and indicators of compromise, and escalate incidents appropriately while contributing to consistent, high-quality SOC operations.

• Monitor, triage, and respond to security alerts, events, and incidents in accordance with defined SOC procedures and playbooks.

• Perform initial investigations to determine alert validity, scope, and potential impact.

• Accurately document investigations, actions taken, and outcomes within the ticketing system.

• Independently handle routine and low-to-moderate severity alerts and escalate higher-risk incidents as required.

• Identify patterns, recurring alerts, or anomalies and document findings for review by senior analysts.

• Communicate investigation findings clearly and professionally with internal teams and customers.

• Assist in identifying potential security gaps or misconfigurations and escalate observations appropriately.

• Support the monitoring and day-to-day operation of security tools and platforms.

• Follow all information security, privacy, and data protection policies when handling client data.

• Contribute to the maintenance and improvement of SOC documentation, procedures, and playbooks.

• Stay informed on common attack techniques, emerging threats, and relevant vulnerabilities.

• Maintain focus and accuracy while working in a fast-paced, alert-driven environment.
  

• Exposure to a SOC, NOC, IT support, or similar technical operations environment.

• Familiarity with security monitoring concepts, incident response workflows, or alert handling.

• Experience working with ticketing systems or case management tools.

• Academic, internship, lab, or entry-level professional experience in cybersecurity, IT, or related fields.

• Strong written and verbal communication skills, particularly in documenting and explaining technical findings.

• Solid understanding of networking and security fundamentals.

• Ability to analyze alerts, logs, and events to determine appropriate response.

• Strong attention to detail and consistency in documentation and process adherence.

• Ability to prioritize workload and follow established escalation procedures.

• Basic familiarity with scripting or automation concepts is a plus.

• Customer-focused mindset with the ability to remain calm and professional during incidents.

• Associate’s or Bachelor’s degree in a relevant field, or equivalent professional experience.

• Security+ or similar foundational security certification preferred but not required.
  

• Some travel and heavy lifting may be required.

• Successful completion of federal and state background checks and credit checks is required.