Vulnerability Automation Engineer

🕒 May 5

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

Lumin Digital

WebsiteLinkedInAll Job Openings

51 - 200 employees

💳 Fintech

🤝 B2B

☁️ SaaS

Fintech • B2B • SaaS

Lumin Digital is a company that specializes in providing next-generation digital banking solutions for credit unions and banks. Their platform offers a wide array of services, including retail and commercial banking solutions, digital account opening, and tools to enhance user engagement and operational efficiency. With a focus on innovation and cutting-edge technology, Lumin Digital leverages artificial intelligence and robust security features to offer seamless, cloud-native services with near-perfect uptime. They are known for delivering business growth and cost savings for financial institutions, adapting to new technologies, and offering an enhanced user experience.

📋 Description

• Design and implement end-to-end vulnerability automation pipelines that continuously discover assets, assess configurations, identify vulnerabilities, and execute or orchestrate remediation, without manual ticketing or human-in-the-loop coordination. • Build and maintain agentic AI workflows using tools such as Claude Code and MCP-based integrations to automate security engineering tasks, including code review for vulnerability patterns, configuration drift detection, and patch deployment across cloud-native environments. • Engineer new and enhance existing automated asset discovery and inventory systems that maintain a real-time, authoritative view of all infrastructure, services, and endpoints across environments, including ephemeral and containerized workloads. • Develop and operationalize automated configuration hardening pipelines that enforce security baselines (CIS Benchmarks, internal standards) as code, with drift detection and auto-remediation capabilities. • Create and maintain infrastructure-as-code templates, policy-as-code rules, and automated playbooks that embed security controls directly into deployment pipelines, preventing or resolving vulnerabilities at build time rather than discovering them post-deployment. • Build self-service remediation tooling and agentic support systems that empower development and infrastructure teams to resolve security findings autonomously, reducing cross-team dependencies and accelerating mean time to remediation. • Integrate vulnerability data sources (scanners, SCA tools, cloud-native security services, threat intelligence feeds) into unified automation platforms, normalizing and enriching findings to drive intelligent prioritization and automated response. • Develop metrics, dashboards, and automated reporting that provide real-time visibility into vulnerability posture, remediation velocity, and automation coverage, enabling leadership to measure program effectiveness without manual evidence gathering. • Collaborate with product, engineering, operations, and other risk teams to embed vulnerability automation into CI/CD pipelines, infrastructure provisioning workflows, and operational runbooks. • Perform other duties as assigned.

🎯 Requirements

• Bachelor’s degree in Computer Science, Cybersecurity, Software Engineering, or a related field; or equivalent combination of education and demonstrated engineering experience in vulnerability lifecycle management and security automation. • 5+ years of hands-on experience in security engineering, DevSecOps, vulnerability management, or infrastructure automation, with a strong emphasis on building automated systems rather than operating manual processes. • Demonstrated experience building and shipping automation pipelines in production environments using Python, Go, Bash, or similar languages, with infrastructure-as-code tools such as Terraform. • Proven track record of working in cloud-native environments with deep familiarity in containerized workloads, Kubernetes, serverless architectures, and CI/CD pipeline integration. • Experience with vulnerability scanning and security assessment platforms (e.g., Tenable, Qualys, Wiz, Snyk, Trivy, Grype, or cloud-native equivalents) and the ability to integrate them programmatically into automated workflows. • Deep understanding of vulnerability classes (OWASP Top 10, CWE, CVE/CVSS, EPSS) and modern prioritization frameworks that go beyond raw CVSS scores to factor exploitability, asset criticality, and business context. • Proficiency with AI-assisted development tools (Claude Code, GitHub Copilot, or similar agentic coding assistants) and the ability to design, prompt-engineer, and orchestrate AI agents for security automation workflows. • Strong software engineering fundamentals: version control (Git), code review, testing, CI/CD, API design, and the ability to write production-quality, maintainable code—not just scripts. • Hands-on experience with cloud security tooling and APIs (AWS Config, GuardDuty, Inspector, Security Hub), container security. • Familiarity with security data engineering concepts: API and database integration, data normalization, and building automated evidence-collection pipelines for compliance and audit support. • Excellent written and verbal communication skills, with the ability to translate complex automation architectures into clear documentation, runbooks, and knowledge-transfer materials for cross-functional teams.