Risk Automation Engineer

Lumin Digital

Risk Automation Engineer developing AI-driven automation for risk management at Lumin Digital. Focused on eliminating manual processes in a cloud-native environment.

Posted 6/2/2026full-timeRemote • 🇺🇸 United StatesMid-LevelSenior💰 $165,000 - $185,000 per yearWebsite

Tech Stack

Tools & technologies

AWSCloudCyber SecurityGoPythonServiceNowTerraformTypeScript

About the role

Key responsibilities & impact

Architect and build lights-off automation pipelines that orchestrate the full risk assessment lifecycle—from intake and scoping through evidence collection, control testing, findings generation, and remediation tracking—using AI-driven agentic workflows and tools such as Claude Code.
Design and implement automated vendor risk lifecycle management, including onboarding questionnaires, periodic reassessment triggers, continuous monitoring integrations, and contract-driven offboarding workflows that require zero manual coordination for routine vendor tiers.
Build and maintain near-real-time risk posture dashboards and reporting pipelines that programmatically aggregate data from cloud infrastructure, security tooling, vulnerability scanners, and GRC platforms to give leadership continuous visibility into the organization’s evolving risk landscape.
Develop secure agentic AI pipelines that autonomously triage, classify, and route risk-related tasks—escalating to human reviewers only when decisions exceed defined confidence thresholds or policy boundaries.
Engineer integrations between GRC platforms, cloud and vendor provider APIs, CI/CD pipelines, and internal systems to enable continuous control monitoring and evidence collection that replaces periodic, manual audit preparation.
Eliminate procedural ambiguity by codifying risk management processes into self-service, event-driven workflows so that stakeholders across the enterprise never need to ask how to initiate or proceed through a risk or vendor process.
Apply security-first engineering practices to all automation, including secrets management, least-privilege access, audit logging, input validation, and guardrails on AI agent behavior to ensure automated pipelines operate within defined trust boundaries.
Serve as an internal force multiplier by introducing and evangelizing AI-assisted engineering practices, including prompt engineering, agentic tool use, and LLM-powered code generation, to uplevel the capabilities of the broader Risk and Compliance teams.
Perform other duties as assigned.

Requirements

What you’ll need

Bachelor’s degree in Computer Science, Cybersecurity, Software Engineering, or a related field; or equivalent combination of education and demonstrated engineering experience in integration and automation.
5+ years of hands-on software engineering, DevOps, or security automation experience in production environments
2+ years working in or directly supporting risk management functions or GRC operations
Demonstrated experience building and shipping automation pipelines in production environments using Python, Go, Bash, or similar languages, with infrastructure-as-code tools such as Terraform.
Track record of using AI/LLM tools (e.g., Claude Code, GitHub Copilot, or equivalent) to accelerate engineering output and build agentic or semi-autonomous workflows
Experience with risk registers and GRC platforms (e.g., Archer, ServiceNow, TrustCloud, Vanta, Drata, Hyperproof) and the ability to integrate them programmatically into automated workflows.
Working understanding of risk management frameworks (NIST CSF, PCI DSS, ISO 27001, SOC 2, FFIEC) and how controls map to technical implementations
Proficiency with AI-assisted development tools (Claude Code, GitHub Copilot, or similar agentic coding assistants) and the ability to design, prompt-engineer, and orchestrate AI agents for security automation workflows.
Strong proficiency in Python, Go, or TypeScript with the ability to ship production-grade code independently
Deep working knowledge of cloud platforms (AWS preferred), including IAM, Lambda, Step Functions, EventBridge, API Gateway, and related serverless/event-driven services
Strong software engineering fundamentals: version control (Git), code review, testing, CI/CD, API design, and the ability to write production-quality, maintainable code—not just scripts.
Strong systems-thinking mindset with the ability to see across organizational silos and design automation that accounts for process dependencies, edge cases, and failure modes
Familiarity with security data engineering concepts: API and database integration, data normalization, and building automated evidence-collection pipelines for compliance and audit support.
Excellent written and verbal communication skills, with the ability to translate complex automation architectures into clear documentation, runbooks, and knowledge-transfer materials for cross-functional teams.
Self-directed engineering mindset with a bias toward action, a low tolerance for manual toil, and a drive to eliminate recurring work through automation. You see a repeated manual process as a bug, not a task.

Benefits

Comp & perks

medical insurance
dental insurance
vision insurance
401(k) with company match
flexible PTO plus 12 paid holidays
paid sick leave
paid parental leave
family leave
lifestyle spending account
tuition reimbursement
cell phone stipend

ATS Keywords

✓ Tailor your resume

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

PythonGoBashTerraformAI/LLM toolscloud platformsversion controlCI/CDAPI designsecurity data engineering

Soft Skills

excellent written communicationexcellent verbal communicationself-directed engineering mindsetsystems-thinking mindsetability to translate complex architecturesbias toward actiondrive to eliminate recurring workcollaborationproblem-solvingstakeholder engagement