Security Platform Engineer

### Basic Function Lumin Digital's Security Engineering team is a true engineering organization that protects a cloud\-hosted digital banking platform serving financial institutions and their members. As a Security Platform Engineer, you will apply reliability engineering to our security\-critical infrastructure: building systems that scale gracefully, recover automatically, and converge on correct operation across hundreds of environments. Your scope spans telemetry clusters, GitOps\-driven deployment workflows, and the patterns that make security a paved path for the rest of engineering. You will work in AI\-assisted engineering tools every day: agentic coding assistants like Claude Code, MCP\-based integrations, and custom agent harnesses. This role exists for Platform and Reliability Engineers who treat AI as part of their working medium and have something to teach the rest of us about reliability in an AI\-native world. Success means our security fabric scales without us, and our on\-call rotations get quieter every quarter. ### Essential Functions and Responsibilities: * Build and operate Lumin's security fabric: the foundation other security capabilities depend on, engineered for reliability and scale across hundreds of environments. * Build and maintain agentic AI workflows using tools like Claude Code, MCP\-based integrations, and custom agent harnesses to automate security platform engineering tasks. Examples include infrastructure code review, configuration drift detection, runbook generation, and incident timeline synthesis. * Build and operate security telemetry, log analytics, and observability infrastructure: logging clusters, ingest pipelines, OpenSearch index management and performance tuning, and the alerting systems that enable detection and response capabilities across the platform. * Design and implement deployment workflows using GitOps patterns (ArgoCD, Argo Workflows, Kustomize) to manage security infrastructure across hundreds of AWS accounts and regions, with consistency, auditability, and separation of duties enforced as code. * Write and maintain production\-quality Python applications and tooling that support platform operations: automation, integrations, internal utilities, and the AI\-assisted workflows that wrap them. * Secure and operate Kubernetes workloads in EKS, configuring RBAC, network policies, and deployment safeguards to reduce lateral movement and minimize blast radius for security services. * Design and maintain secure cross\-account and multi\-region infrastructure patterns, including KMS, IAM roles, and VPC configurations, ensuring consistent security posture across hundreds of environments. * Participate in an on\-call rotation for security infrastructure services, restoring service health, documenting resolutions, and converging the systems toward needing fewer humans in the loop over time. * Provide engineering support during security incidents by ensuring logging and monitoring infrastructure