UiPath

Security Operations Engineer II

Location: Bucharest
Type: Full Time
Salary: RON 75,000 – 125,000
Level: Senior
Role: Security Operations Engineer
Posted: May 21, 2026


The role

Summary

UiPath is seeking a Security Operations Engineer II in Bucharest to lead end-to-end incident response and threat management. The ideal candidate will possess strong technical skills in security operations, incident investigation, and automation, with a focus on proactively preventing and mitigating security threats across enterprise and cloud environments.

What you'll do

Incident Management: Own end-to-end incident handling from real-time triage of SIEM, EDR, network, identity, and cloud telemetry through containment and eradication across multiple domains
Root Cause Analysis: Conduct comprehensive root cause analysis and collaborate with cross-functional teams to develop durable detections, controls, and playbook updates to prevent incident recurrence
Threat Hunting: Perform proactive threat hunting across enterprise and cloud telemetry to identify and mitigate potential security threats before they escalate
Incident Response Documentation: Develop, maintain, and exercise incident response playbooks and runbooks through drills and tabletop exercises to identify and address readiness gaps
Security Tooling Management: Manage, tune, and contribute to the detection and response tooling stack, including SIEM, EDR, SOAR, and case management systems
Automation and Mentorship: Automate routine SecOps tasks using a DevOps/IaC approach and provide technical guidance and mentorship to junior IR analysts and adjacent security teams

What we look for

Technical

Incident Response Frameworks: Expertise in NIST 800-61 and SANS PICERL incident response frameworks
Operating System Knowledge: Deep understanding of Windows, Linux, and macOS operating system internals
Cloud Platforms: Proficiency in at least one major cloud platform (AWS, Azure, or GCP), with preference for Azure
Security Tools: Hands-on experience with SIEM (Sentinel, Splunk, Chronicle, Elastic) and EDR (Defender XDR, CrowdStrike, SentinelOne) tools

Education

Cybersecurity Education: Bachelor's degree in Computer Science, Cybersecurity, or related technical field preferred

Experience

Professional Experience: Minimum 3 years in Security Operations roles such as SOC analyst, incident responder, detection engineer, or threat hunter
Incident Handling: Demonstrated end-to-end incident ownership, including containment decisions and stakeholder communication

Skills

Required skills

Scripting: Proficiency in Python, PowerShell, Bash, or Node.js
Query Languages: Ability to author and tune KQL queries or similar analytics and hunting rules
Malware Analysis: Foundational understanding of malware analysis and digital forensics methodology

Nice to have

AI Tools: Experience using coding agents and LLM-based tools for security workflows
Cloud Security: Advanced knowledge of cloud security principles and threat detection

Compensation & benefits

Salary

RON 75,000 – 125,000 (annual)

Benefits

Professional Development: Continuous learning opportunities and technical training
Inclusive Workplace: Diverse and supportive work environment with equal opportunities
Flexible Work: Potential for hybrid work arrangements and flexible scheduling


Interview process

  1. Initial Screening: HR review of resume and initial qualifications
  2. Technical Phone Screen: Detailed discussion of technical skills and security operations experience
  3. Technical Interview: In-depth technical assessment of incident response, threat hunting, and security tooling knowledge
  4. Practical Assessment: Hands-on security scenario and incident response simulation
  5. Final Interview: Meeting with security team leadership and cultural fit assessment
