Cyber Security Engineer

### **Basic Function** Lumin Digital's Security Engineering team is a true engineering organization that protects a cloud\-hosted digital banking platform serving financial institutions and their members. As a Cybersecurity Engineer, you will build software and infrastructure that heals itself, automatically enforces controls at scale, and converges on correct operation across hundreds of environments. Your scope includes the lifecycle of our cryptographic material and the architecture of our security telemetry. You will work in AI\-assisted engineering tools every day: agentic coding assistants like Claude Code, MCP\-based integrations, and custom agent harnesses. This role exists for engineers fluent in AI tools who have something to teach the rest of us about working with them. Success means our security infrastructure doesn't go bump in the night. ### **Essential Functions and Responsibilities:** * Engineer the security infrastructure the rest of the company depends on across AWS and Kubernetes: telemetry pipelines, cryptographic material lifecycle, compliance automation, and the architecture patterns that scale across hundreds of environments. * Build and maintain agentic AI workflows using tools like Claude Code, MCP\-based integrations, and custom agent harnesses to automate security engineering tasks. Examples include code review for vulnerability patterns, drift detection in security controls, and automated evidence collection. * Engineer the lifecycle of cryptographic material as code, including key generation, secure storage, certificate issuance, rotation, and revocation. All steps version\-controlled, automated, and recoverable without a human in the loop. * Build security telemetry pipelines that detect, enrich, and route signals with the fidelity our auto\-remediation systems require. * Embed security controls into deployment pipelines so vulnerabilities are prevented or resolved at build time rather than discovered post\-deployment, including policy\-as\-code rules and automated playbooks. * Build compliance evidence collection and continuous control monitoring as engineered systems that produce auditor\-ready outputs from continuous data flows. * Develop and maintain threat models that inform security architecture decisions and prioritize where engineered controls earn their place. Promote learnings into reusable patterns the rest of engineering can adopt. * Consult, review, and approve architectural decisions by other infrastructure and product teams for security compliance and outcomes, with attention to where secrets are stored and how trust boundaries are crossed. * Provide engineering support to Security Operations during incident response: build the tooling, telemetry, and automation that aids detection, containment, and recovery, in coordination with the Sec Ops team that owns the response process. * Partner with other Risk functions, technical teams, auditors, vendors, and clients to translate security requirements