Cyber Security Engineer

🔥 17 hours ago

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

Lumin Digital

WebsiteLinkedInAll Job Openings

51 - 200 employees

💳 Fintech

🤝 B2B

☁️ SaaS

Fintech • B2B • SaaS

Lumin Digital is a company that specializes in providing next-generation digital banking solutions for credit unions and banks. Their platform offers a wide array of services, including retail and commercial banking solutions, digital account opening, and tools to enhance user engagement and operational efficiency. With a focus on innovation and cutting-edge technology, Lumin Digital leverages artificial intelligence and robust security features to offer seamless, cloud-native services with near-perfect uptime. They are known for delivering business growth and cost savings for financial institutions, adapting to new technologies, and offering an enhanced user experience.

📋 Description

• Engineer the security infrastructure the rest of the company depends on across AWS and Kubernetes: telemetry pipelines, cryptographic material lifecycle, compliance automation, and the architecture patterns that scale across hundreds of environments. • Build and maintain agentic AI workflows using tools like Claude Code, MCP-based integrations, and custom agent harnesses to automate security engineering tasks. Examples include code review for vulnerability patterns, drift detection in security controls, and automated evidence collection. • Engineer the lifecycle of cryptographic material as code, including key generation, secure storage, certificate issuance, rotation, and revocation. All steps version-controlled, automated, and recoverable without a human in the loop. • Build security telemetry pipelines that detect, enrich, and route signals with the fidelity our auto-remediation systems require. • Embed security controls into deployment pipelines so vulnerabilities are prevented or resolved at build time rather than discovered post-deployment, including policy-as-code rules and automated playbooks. • Build compliance evidence collection and continuous control monitoring as engineered systems that produce auditor-ready outputs from continuous data flows. • Develop and maintain threat models that inform security architecture decisions and prioritize where engineered controls earn their place. Promote learnings into reusable patterns the rest of engineering can adopt. • Consult, review, and approve architectural decisions by other infrastructure and product teams for security compliance and outcomes, with attention to where secrets are stored and how trust boundaries are crossed. • Provide engineering support to Security Operations during incident response: build the tooling, telemetry, and automation that aids detection, containment, and recovery, in coordination with the Sec Ops team that owns the response process. • Partner with other Risk functions, technical teams, auditors, vendors, and clients to translate security requirements into engineered systems and validate posture across all environments. • Evaluate emerging AI-assisted engineering patterns and tooling through proof-of-concept work, including agent harness designs, prompt patterns, and eval methodologies. Promote what proves itself into team standard practice. • Operate our COTS security tooling when needed, usually through IaC and automation we've built ourselves, occasionally by clicking through a vendor console. • Perform other duties as assigned.

🎯 Requirements

• Bachelor's degree in Computer Science, Cybersecurity, Software Engineering, or related field, or equivalent combination of demonstrated engineering experience, shipped projects, and certifications in security engineering, cryptography, or cloud-native automation. • 5+ years of hands-on experience in security engineering, software engineering, or a closely related technical discipline, with a strong emphasis on building engineered systems rather than operating manual processes. • At least 1 year of production experience with at least 2 agentic coding tools, such as Claude Code, Gemini, Cursor, Codex, AMP, or OpenCode. • Demonstrated experience building and shipping production code in Python or a similarly capable language, with infrastructure-as-code tools such as Terraform. • Proven track record of working in cloud-native environments, with deep familiarity in AWS, Kubernetes, containerized workloads, and CI/CD pipeline integration. • Experience with security telemetry platforms (OpenSearch or similar), PKI / certificate lifecycle management, or compliance automation preferred. • Fluency with AI-assisted development tools like Claude Code and similar agentic coding assistants, including the ability to design, prompt-engineer, and orchestrate agents for security engineering workflows. Production experience where AI was load-bearing in the build. • Hands-on experience shipping at the agentic tool layer: MCP integrations, custom agent harnesses, or AI tool-use pipelines. • Strong software engineering fundamentals: version control, code review, testing, CI/CD, and API design, with the ability to write production-quality, maintainable code rather than throwaway scripts. • Hands-on proficiency with cloud-native engineering: AWS (KMS, IAM, Lambda, EKS, and supporting services), Kubernetes, and Terraform or equivalent IaC tools. • Technical knowledge of cybersecurity concepts, threat modeling, and secure design principles sufficient to consult on, review, and approve security-critical architectural decisions. • Working knowledge of PKI concepts and certificate lifecycle management, with the ability to engineer cryptographic lifecycles as code. • Experience with security telemetry pipelines and log analytics platforms (OpenSearch or similar), including data normalization, enrichment, and the structural fidelity required for downstream automation. • Working knowledge of cloud security and compliance frameworks (SOC 2, PCI DSS, CIS Benchmarks, AWS Well-Architected), with the ability to translate control requirements into automated, auditable systems. • Self-directed engineering mindset with a bias toward action, a low tolerance for manual toil, and a drive to eliminate recurring work through automation. A repeated manual process is a bug, not a task. • Excellent written and verbal communication, including the ability to translate complex security architectures into clear documentation and to operate as a consultative security partner across technical and non-technical teams. Comfort with a fully remote, async-first culture where Slack and thorough documentation are how decisions get made. • Nice to have: Contributions at the edge of what's possible with security and AI, including open-source projects, agent evaluation work, public writing, talks, or similar.

🏖️ Benefits

• medical, dental, and vision insurance • a 401(k) with company match • flexible PTO plus 12 paid holidays • paid sick leave • paid parental and family leave • lifestyle spending account • tuition reimbursement • cell phone stipend