About Akuna:
Akuna Capital is an innovative trading firm with a strong focus on collaboration, cutting-edge technology, data-driven solutions, and automation. We specialize in providing liquidity as an options market-maker – meaning we are committed to providing competitive quotes to both buy and sell options to other market participants. To do this successfully, we design and implement our own low-latency technologies, trading strategies, and mathematical models.
Our Founding Partners first conceptualized Akuna in their hometown of Sydney. They opened the firm’s first office in 2011 in the heart of the derivatives industry and the options capital of the world – Chicago. Today, Akuna is proud to operate from additional offices in Sydney, Shanghai, and London.
What you’ll do as a Security Engineer II at Akuna:
Akuna is seeking an accomplished and driven Security Engineer II to join our dynamic team. In this pivotal role, you will safeguard our systems, data, and assets against evolving cyber threats by proactively hunting vulnerabilities and threats, automating security workflows, and driving effective incident response efforts. By focusing on preventing, detecting, disrupting, investigating, responding to, and recovering from potential cyber risks, you will play a key role in strengthening and advancing our security posture.
As a Security Engineer II, your responsibilities will include developing and implementing robust security measures, thoroughly investigating incidents, and proposing targeted remediation strategies. You will also collaborate with cross-functional teams to refine detection capabilities, close monitoring gaps, and educate end users, ensuring a resilient defense against sophisticated attacks. In this role you’ll:
- Perform analysis of security incidents and threat actors utilizing the MITRE ATT&CK framework to enhance detection capabilities
- Investigate and respond to security incidents reported by the Managed Security Service Provider (MSSP), security controls, and end users, while developing effective triage processes to ensure prompt and thorough incident handling
- Assist in managing enterprise security infrastructure, including Intrusion Detection/Prevention Systems, SIEM, EDR, Web Filtering, MFA, and Email Security
- Develop threat hunting activities by analyzing anomalous log data and intelligence and by conducting brainstorming sessions to detect and eliminate potential adversaries in our network
- Leverage APIs across enterprise technology, SaaS/IaaS/PaaS and business applications to create new sources of telemetry signals for threat detection and response
- Engineer orchestration and automation to streamline the incident analysis and response process
- Engineer war-gaming and tabletop activities as part of red/blue team exercises to strengthen and test incident response playbooks, evaluating and improving the firm's incident response capabilities
- Conduct vulnerability management assessments, recommend remediation actions, and collaborate with system owners to ensure timely patching
- Collaborate with the Managed Security Service Provider (MSSP) to implement threat detection rules and event correlation using SIEM platforms to identify malicious, suspicious, and anomalous activities
- Collaborate with different departments within the firm to identify security monitoring blind spots and opportunities for threat detection
- Provide support in implementing and maintaining the information security infrastructure, ensuring its effective operation and ongoing maintenance
- Educate users on security best practices and implement initiatives to promote cybersecurity awareness and risk reduction, including conducting training sessions and developing user-friendly documentation
Qualities that make great candidates:
- Minimum of 4 years’ experience in a cyber defense or security engineering role - Demonstrated track record of protecting and defending enterprise systems, data, and infrastructure
- Demonstrated passion for cybersecurity - Strong foundational knowledge of security operations, cyber defense, enterprise security, threat intelligence, and incident response
- Deep understanding of security technologies and best practices - Proficiency with security controls, firewalls, IDS/IPS, SIEM, DLP, encryption, MFA architectures, O365 architecture, Active Directory, SSO, system hardening, and enterprise security principles
- Security automation - Hands-on experience with automation and orchestration tools (e.g., Splunk Phantom, Cortex XSOAR, Tines, Torq), including the ability to streamline repetitive tasks, reduce manual effort, and improve incident response efficiency
- Understanding of vulnerability management - Experience using vulnerability scanning tools and overseeing remediation processes to address identified weaknesses
- Cloud security expertise - Familiarity with SaaS, IaaS, and PaaS environments, along with provider-specific security controls and best practices
- Log analysis and threat identification - Ability to review logs from diverse platforms and environments, detect indicators of compromise, and investigate potential threats
- Broad technical knowledge - In-depth understanding of multiple operating systems (Linux/Unix, Windows, Mac), enabling comprehensive threat detection and response
- Scripting and programming skills - Demonstrated proficiency in scripting languages such as PowerShell or Python to automate tasks and enhance security workflows
- Network protocols and network security - Working knowledge of TCP/IP, UDP, DHCP, FTP, SFTP, SNMP, SMTP, SSH, SSL, VPN, RDP, HTTP, and HTTPS, as well as their roles in securing enterprise environments
- Endpoint and data security - Exposure to Next-Gen AV, Endpoint Security, and CASB DLP solutions, with the ability to implement and optimize controls for various endpoints and data channels
- Strong communication and collaboration - Excellent interpersonal skills to work effectively with cross-functional teams, leadership, and stakeholders; ability to translate complex security concepts for non-technical audiences
- Documentation and policy development - Capable of producing clear policies, standards, and procedural documents that enhance organizational security and guide best practices
- Familiarity with regulatory and compliance frameworks (plus) - Awareness of standards such as NIST and CIS, and the ability to apply them to ensure compliance within the firm's policy
In accordance with the Illinois Equal Pay Act, the minimum base salary starts at $130,000. Exact compensation offered may vary based on many factors including, but not limited to, the candidate’s experience, qualifications, and skill set. This role is also eligible for a discretionary performance bonus as part of the total compensation package, in addition to the benefits listed here: https://akunacapital.com/our-culture#benefits. The minimum base salary herein was determined in good faith by Akuna Capital LLC.