Risk Automation Engineer

Lumin Digital is looking for a Risk Automation Engineer who will fundamentally reimagine how risk management operates in a cloud-native, infrastructure-as-code environment. This role exists because traditional GRC processes (spreadsheet-driven assessments, manual remediation tracking, and documentation-heavy workflows) cannot keep pace with the velocity at which our technology evolves. The Risk Automation Engineer will design, build, and operate secure, agentic automation pipelines that handle risk and vendor lifecycle processes end-to-end, eliminating manual handoffs wherever human judgment is not required. Success in this position means Lumin’s risk posture is visible in near real time, risk processes are self-service and self-documenting, and the broader Risk Management team spends its time on strategic decisions rather than procedural coordination. This person will teach us what’s possible, not wait to be taught.

• →

  Architect and build lights-off automation pipelines that orchestrate the full risk assessment lifecycle—from intake and scoping through evidence collection, control testing, findings generation, and remediation tracking—using AI-driven agentic workflows and tools such as Claude Code.

• →

  Design and implement automated vendor risk lifecycle management, including onboarding questionnaires, periodic reassessment triggers, continuous monitoring integrations, and contract-driven offboarding workflows that require zero manual coordination for routine vendor tiers.

• →

  Build and maintain near-real-time risk posture dashboards and reporting pipelines that programmatically aggregate data from cloud infrastructure, security tooling, vulnerability scanners, and GRC platforms to give leadership continuous visibility into the organization’s evolving risk landscape.

• →

  Develop secure agentic AI pipelines that autonomously triage, classify, and route risk-related tasks—escalating to human reviewers only when decisions exceed defined confidence thresholds or policy boundaries.

• →

  Engineer integrations between GRC platforms, cloud and vendor provider APIs, CI/CD pipelines, and internal systems to enable continuous control monitoring and evidence collection that replaces periodic, manual audit preparation.

• →

  Eliminate procedural ambiguity by codifying risk management processes into self-service, event-driven workflows so that stakeholders across the enterprise never need to ask how to initiate or proceed through a risk or vendor process.

• →

  Apply security-first engineering practices to all automation, including secrets management, least-privilege access, audit logging, input validation, and guardrails on AI agent behavior to ensure automated pipelines operate within defined trust boundaries.

• →

  Serve as an internal force multiplier by introducing and evangelizing AI-assisted engineering practices, including prompt engineering, agentic tool use, and LLM-powered code generation, to uplevel the capabilities of the broader Risk and Compliance teams.

• →

  Perform other duties as assigned.

• →

  None.

• While performing the duties of this Job, the employee is regularly required to sit; use hands to type, handle, or feel and talk or hear 

• Specific vision abilities required by this job include close vision

• Ability to occasionally lift/move up to 25 pounds

• Individuals with a disability who are otherwise able to perform the essential functions of the job may request reasonable accommodation through the Human Resources department.

• Bachelor’s degree in Computer Science, Cybersecurity, Software Engineering, or a related field; or equivalent combination of education and demonstrated engineering experience in integration and automation.

• Relevant certifications valued but not required (e.g., AWS Solutions Architect, CRISC, CISSP, or equivalent cloud/security credentials)

• 5+ years of hands-on software engineering, DevOps, or security automation experience in production environments

• 2+ years working in or directly supporting risk management functions or GRC operations

• Demonstrated experience building and shipping automation pipelines in production environments using Python, Go, Bash, or similar languages, with infrastructure-as-code tools such as Terraform.

• Track record of using AI/LLM tools (e.g., Claude Code, GitHub Copilot, or equivalent) to accelerate engineering output and build agentic or semi-autonomous workflows

• Experience with risk registers and GRC platforms (e.g., Archer, ServiceNow, TrustCloud, Vanta, Drata, Hyperproof) and the ability to integrate them programmatically into automated workflows.

• Working understanding of risk management frameworks (NIST CSF, PCI DSS, ISO 27001, SOC 2, FFIEC) and how controls map to technical implementations

• Proficiency with AI-assisted development tools (Claude Code, GitHub Copilot, or similar agentic coding assistants) and the ability to design, prompt-engineer, and orchestrate AI agents for security automation workflows.

• Strong proficiency in Python, Go, or TypeScript with the ability to ship production-grade code independently

• Deep working knowledge of cloud platforms (AWS preferred), including IAM, Lambda, Step Functions, EventBridge, API Gateway, and related serverless/event-driven services

• Strong software engineering fundamentals: version control (Git), code review, testing, CI/CD, API design, and the ability to write production-quality, maintainable code—not just scripts.

• Strong systems-thinking mindset with the ability to see across organizational silos and design automation that accounts for process dependencies, edge cases, and failure modes

• Familiarity with security data engineering concepts: API and database integration, data normalization, and building automated evidence-collection pipelines for compliance and audit support.

• Excellent written and verbal communication skills, with the ability to translate complex automation architectures into clear documentation, runbooks, and knowledge-transfer materials for cross-functional teams.

• Self-directed engineering mindset with a bias toward action, a low tolerance for manual toil, and a drive to eliminate recurring work through automation. You see a repeated manual process as a bug, not a task.

• Minimal, generally 12 days or less per year, ~2X team get-togethers a year

Lumin Digital is a trailblazer in digital banking solutions, driven by a unique approach to technology, service, and people. We empower credit unions and banks by creating cutting-edge digital experiences that continuously serve, engage, and grow their membership base — and as a 100% cloud-native company, we're purpose-built to unlock the full advantages of the cloud for financial institutions and their users.

At Lumin, we thrive on curiosity and innovation. Our culture is built on trust in our expertise and decisions, respect for diverse perspectives and talents, and boldness in pursuing new ideas. These values shape a workplace where collaboration thrives, ideas flourish, and new possibilities are discovered every day. We encourage our team to explore, experiment, and challenge the status quo — because continuous improvement isn't just a goal, it's how we operate.

Benefits include: We take care of our people with medical, dental, and vision insurance, a 401(k) with company match, flexible PTO plus 12 paid holidays, paid sick leave, and paid parental and family leave. We also offer a lifestyle spending account, tuition reimbursement, and a cell phone stipend. Additional details are provided during the interview process.

Lumin Digital is an equal opportunity employer. We consider all qualified applicants without regard to race, color, religion, sex, national origin, disability, protected veteran status, sexual orientation, gender identity, or any other legally protected basis. For more information, visit lumindigital.com.