AI Engineer

Position Overview:

You'll design and build automation that replaces manual, error-prone security and compliance work. The goal is simple: systems should produce evidence, enforce controls, and follow up on work automatically—without humans chasing tickets, spreadsheets, or Teams messages.

You'll work closely with security, compliance, and product teams to turn vague operational requirements into deterministic, testable software. Some problems are rules-based. Others benefit from AI assistance. You're expected to make good calls about where each belongs.

This is a hands-on engineering role. You will ship real workflows that touch production systems.

• Automation that reacts to system events (deployments, access changes, onboarding/offboarding, vendor lifecycle events).

• Services that create and reconcile records across systems (identity, ticketing, change management, vendor risk, training platforms).

• Evidence-first workflows that generate audit artifacts as a side effect of normal operations.

• AI-assisted tooling for summarization, classification, evidence mapping, and owner follow-ups.

• Guardrails that prevent unsafe or non-compliant actions before they happen.

• Internal tools that make security and compliance states visible and actionable.

• Strong software engineering background (backend, platform, or automation experience).

• Experience building production systems that integrate with multiple APIs.

• Comfortable with at least one modern backend stack (e.g., Python, TypeScript, Go, Java).

• Solid fundamentals: data modeling, async workflows, failure handling, idempotency.

• Experience designing systems that are reliable, auditable, and easy to reason about.

• Ability to work with ambiguous requirements and turn them into concrete implementations.

• Experience with identity systems (IAM, SSO, RBAC).

• Experience with ticketing, workflow, or ITSM tools.

• Familiarity with security, risk, or compliance concepts (ISO, SOC 2, FedRAMP, etc.).

• Experience using LLMs for classification, summarization, extraction, or decision support.

• Event-driven architectures, webhooks, or workflow orchestrators.

• Cloud-native systems and CI/CD pipelines.

• Not a research role.

• Not a prompt-engineering job.

• Not a policy-writing role.

• Not "AI theater."

If it can be solved with deterministic logic, you'll do that. If AI helps, you'll use it responsibly and measurably.

• Manual processes replaced with reliable automation.

• Fewer audit findings and faster evidence collection.

• Clear ownership, traceability, and system-generated records.

• Workflows that don't require humans to remember what to do next.

• Code quality, clarity, and operational reliability.

Security and compliance teams are expected to operate at scale, with speed and precision, while using tools that were never designed to work together. Your job is to fix that—by shipping software that makes compliance the default outcome, not a last-minute scramble.

If you're a strong engineer who enjoys cleaning up messy real-world systems and making them behave correctly, this role is for you.