If by secure you mean "cannot be reverse-engineered" then that is correct. However, it is suspectable to brute-force. On a 1080 Ti card a hacker can try SHA256 combos at around 4400 megahash/s. For comparison, the same card can only try scrypt at around 0.9 megahash/s and PBKDF2 with HMAC-SHA256 iterations at 1.6 megahash/s.

I guess the fact that you are using 132 bits of entropy in your string nullifies the cracking speed increase, but you must make sure your entropy source is not dirty or else you could actually be using less entropy unknowingly. A good example of this is using /dev/urandom.