Posted 1 hour ago
Security Engineer I
at UiPath
Hybrid
Requirements
LIFE AT UIPATH
- The people at UiPath believe in the transformative power of automation to change how the world works.
CROSS-FUNCTIONAL COMPETENCIES
- Threat Intelligence: developing ability to consume threat intelligence and apply it to hunts, detections, and incident context; learning to map adversary behavior to MITRE ATT&CK.
KNOWLEDGE, SKILLS & CAPABILITIES
- Working knowledge of incident response frameworks (NIST 800-61, SANS PICERL) and a developing understanding of modern attacker TTPs, malware behavior, and MITRE ATT&CK.
- Familiarity with operating system fundamentals (Windows, Linux, macOS), networking protocols, identity systems, and at least one major cloud platform (AWS, Azure, or GCP), with a preference for Azure.
- Foundational scripting in Python, PowerShell, Bash, or Node plus developing proficiency in Microsoft KQL or similar query analytics languages; comfortable in terminal-first workflows with utilities such as grep, jq, awk, sed, curl, and git.
- experience in a Security Operations role (SOC analyst, junior incident responder, detection engineer, or equivalent), internship, or relevant academic/lab work.
- Hands-on exposure to at least one major SIEM (Sentinel, Splunk, Chronicle, Elastic) and at least one EDR (Defender XDR, CrowdStrike, SentinelOne).
- Developing ability to write and run KQL queries (or willingness to ramp quickly).
- Practical experience using coding agents and/or LLM tooling, with judgment about when to validate or escalate.
- Ability to successfully complete a background investigation appropriate to a FedRAMP Moderate environment.
- Familiarity with NIST SP 800-53 and NIST SP 800-61 concepts (or commitment to develop working knowledge within the first 90 days) to support work inside the FedRAMP boundary.
Preferred
- Exposure to incidents in cloud environments (Azure / AWS / GCP) and SaaS platforms.
- Familiarity with digital forensics tooling (Velociraptor, KAPE, Volatility) or malware triage concepts.
- Entry-to-mid certifications such as Security+, CySA+, SC-200, AZ-500, GSEC, GCIH, or equivalent.
- Bachelor's degree in Computer Science, Information Security, or related field, or equivalent practical experience.
- Exposure to Azure Government, AWS GovCloud (US), or Google Cloud Assured Workloads.
- Awareness of 3PAO assessment activities, ConMon, POA&Ms, and SSPs.