UiPath
Engineering
SecurityOperationsEngineerII
Neural analysis suggests this role is
optimal for Mid candidates.
“Security Operations Engineer II at UiPath. Skills: Threat management, Incident response, Security Operations. Own incidents end-to-end. Conduct root cause analysis”
Industry & Context.
Perform complex analysis of network, host, identity, and cloud logs and reaches sound conclusions under time pressure; Exercises discretion in selecting methods and tooling, knows when to escalate, and brings critical thinking and problem-solving to ambiguous situations; Accelerate detection development, investigation, and reporting
What They're Looking For.
Must Have
Minimum 3 years of experience in Security Operations roles (SOC analyst, incident responder, detection engineer, threat hunter, or equivalent), Demonstrated ownership of incidents end-to-end, including containment decisions and stakeholder communication, Hands-on experience with at least one major SIEM (Sentinel, Splunk, Chronicle, Elastic), Hands-on experience with at least one EDR (Defender XDR, CrowdStrike, SentinelOne), Working scripting ability in one of the following: Python, PowerShell, Bash, Working ability to author and tune KQL queries or similar languages for Analytics and Hunting rules, Practical experience using coding agents and/or LLM tooling in a professional workflow
Nice to Have
Experience with incident response frameworks (NIST 800-61, SANS PICERL), Deep understanding of modern attacker TTPs, malware behavior, and MITRE ATT&CK, Solid understanding of operating system internals (Windows, Linux, macOS), Solid understanding of networking protocols, Solid understanding of identity systems, Solid understanding of at least one major cloud platform (AWS, Azure, or GCP) with preference for Azure, Foundational understanding of malware analysis and digital forensics methodology, Experience with coding agents (Claude Code, Copilot, Cursor), Experience with LLM-based tools
What You'll Do.
Own incidents end-to-end
Conduct root cause analysis
Conduct proactive threat hunting
Develop and maintain incident response playbooks and runbooks
Exercise playbooks through drills and tabletops
tune and contribute to detection and response tooling stack
Automate routine SecOps tasks
Integrate security tooling via APIs
How You'll Work.
Team & Collaboration
Collaborate with Threat Intelligence and Detection Engineering teams; Communicate with technical and non-technical stakeholders; Close the loop with Product, Engineering, Technology, Corporate and Security teams; Provide technical guidance and mentorship to junior IR analysts and adjacent security teams
Communication Scope
Written communication; Verbal communication
Full Job Description
LIFE AT UIPATH The people at UiPath believe in the transformative power of automation to change how the world works. We’re committed to creating category-leading enterprise software that unleashes that power. To make that happen, we need people who are curious, self-propelled, generous, and genuine. People who love being part of a fast-moving, fast-thinking growth company. And people who care—about each other, about UiPath, and about our larger purpose. Could that be you? YOUR MISSION As a Security Operations Engineer II, you are an experienced professional specializing in threat management and incident response. You handle the end-to-end process of investigating, containing, and remediating security incidents. You collaborate with Threat Intelligence and Detection Engineering teams to ensure that today's incidents become tomorrow's prevented attacks. With a builder's mindset, you automate tasks that shouldn't be done manually and develop playbooks for those that should. WHAT YOU'LL DO AT UIPATH - Own incidents end-to-end - from real-time triage of SIEM, EDR, network, identity, and cloud telemetry, through containment and eradication across those domains, to written and verbal communication with technical and non-technical stakeholders. - Conduct root cause analysis and close the loop with Product, Engineering, Technology, Corporate and Security teams so each incident produces durable detections, controls, or playbook updates that prevent recurrence. - Conduct proactive threat hunting across enterprise, and cloud telemetry to identify and mitigate threats before they manifest as incidents. - Develop and maintain incident response playbooks and runbooks, and exercise them through drills and tabletops that surface gaps in readiness. - Manage, tune and contribute to detection and response tooling stack (SIEM, EDR, SOAR, case management), contributing to roadmap and configuration standards. Provide technical guidance and mentorship to junior IR analysts and adjacent sec
Applying for this Security Operations Engineer II role?
Most applicants get filtered before a human reads their resume. See if yours makes the cut.
How to Apply on Ashby
- Ashby is a fast modern ATS — most applications take under 3 minutes.
- The resume parser is strong; verify parsed experience dates and job titles.
- Custom screening questions are often scored algorithmically — answer completely.
- Location field affects geo-based screening; use your actual metro area.
ANONYMOUS · UNFILTERED
What do employees actually say about UiPath?
Real rants from real employees. Read before you apply.