Posted Yesterday
Security Operations Engineer II
at UiPath
Bucharest, Romania
Hybrid
Responsibilities
- Conduct root cause analysis and close the loop with Product, Engineering, Technology, Corporate and Security teams so each incident produces durable detections, controls, or playbook updates that prevent recurrence.
- Conduct proactive threat hunting across enterprise and cloud telemetry to identify and mitigate threats before they manifest as incidents.
Requirements
LIFE AT UIPATH
The people at UiPath believe in the transformative power of automation to change how the world works.
WHAT YOU'LL DO AT UIPATH
- Own incidents end-to-end - from real-time triage of SIEM, EDR, network, identity, and cloud telemetry, through containment and eradication across those domains, to written and verbal communication with technical and non-technical stakeholders.
WHAT YOU'LL BRING TO THE TEAM
- Strong working knowledge of incident response frameworks (NIST 800-61, SANS PICERL) and a deep understanding of modern attacker TTPs, malware behavior, and MITRE ATT&CK.
- Solid understanding of operating system internals (Windows, Linux, macOS), networking protocols, identity systems, and at least one major cloud platform (AWS, Azure, or GCP) with preference for Azure.
- Foundational understanding of malware analysis and digital forensics methodology.
- Effective use of coding agents (Claude Code, Copilot, Cursor) and LLM-based tools to accelerate detection development, investigation, and reporting - applying sound judgment around code validation, sensitive data handling, hallucination risk, and chain of custody, and able to advise on safe enterprise AI adoption.
- experience in Security Operations roles (SOC analyst, incident responder, detection engineer, threat hunter, or equivalent).
- Demonstrated ownership of incidents end-to-end, including containment decisions and stakeholder communication.
- Hands-on experience with at least one major SIEM (Sentinel, Splunk, Chronicle, Elastic) and at least one EDR (Defender XDR, CrowdStrike, SentinelOne).
- Working scripting ability in one of the following: Python, PowerShell, Bash, or Node.
- Working ability to author and tune KQL queries or similar languages for Analytics and Hunting rules.
- Practical experience using coding agents and/or LLM tooling in a professional workflow.