• AI Security Engineer

    TEKsystems (Camas, WA)


    Description

    The Opportunity: We are looking for an AI Security Engineer to design, implement, and secure our next generation of AI solutions. You will combine hands-on engineering with security and governance expertise to ensure safe and compliant AI adoption. You will build and maintain AI guardrails, enforce Agent RBAC and permissions tied to firm roles, and integrate Data Loss Prevention (DLP) pipelines to protect sensitive information from leaking into LLM endpoints. Partnering with cloud, security, and governance teams, you will evaluate AI architectures for bias, drift, and risk, while aligning them with frameworks like NIST AI RMF, EU AI Act, and ISO/IEC 42001. You are equally comfortable developing AI security controls in Python/YAML as they are advising on compliance strategy — ensuring Fisher Investments leverages AI responsibly, securely, and at scale. You will report to the Team Lead. The Day-to-Day: • Plan, design, and build secure AI architectures applying NVIDIA NeMo Guardrails, Azure AI Foundry, and enterprise LLM integrations • Collaboratively develop agent RBAC (role-based access control) to ensure AI agents operate under permissions aligned to firm roles, enforcing least-privilege access • Design integrations for AI systems with corporate IAM/SSO (Entra, Okta, etc.) to manage persona- and role-based access across the enterprise • Design Data Loss Prevention (DLP) and redaction pipelines to prevent confidential, regulated, or proprietary data from being sent to external LLM endpoints • Provide technical advice, direction, and hands-on support to design and develop safe, compliant, and resilient AI workflows • Evaluate existing and proposed AI/ML architectures for bias, fairness, drift, hallucination, and security risks; recommend controls aligned with NIST AI RMF, EU AI Act, ISO/IEC 42001, CIS • Collaborate with Information Security, Cloud, Governance, and Engineering teams to implement standardized AI safety and compliance practices • Actively contribute to the development of AI security standards, playbooks, and architectural patterns • Automate guardrails, compliance checks, and AI gateway protections for scale and efficiency • Build and maintain initiative-level artifacts, including AI policy-as-code configs (YAML), architectural diagrams, and risk assessments • Monitor, log, and audit AI activity for policy violations, compliance tracking, and security event correlation. YAML-based guardrails, architectural diagrams, and AI risk assessments Your Qualifications: • 7+ years in IT, Information Security, or AI/ML engineering roles, with experience in: o Design, reviewing, and implementing secure AI programs in enterprise environments o Apply compliance frameworks (ISO 27001, SOC 2, NIST AI RMF, EU AI Act, ISO/IEC 42001) o Build RBAC/ABAC-based permission models for AI agents and personas • 2+ years of hands-on AI/ML administration or engineering, including: o Experience with NVIDIA NeMo Guardrails, Azure AI Foundry, or similar platforms o Design and deploy DLP solutions or privacy-preserving data pipelines for AI o Support AI and security operations in a large enterprise • Proficiency with Terraform, Python, and cloud automation • Prior experience in cloud security, data protection, and SIEM/logging for AI traffic Compensation: • $125,000 – $165,000 base salary per year in the state of WA – New hires should expect to start at the lower end of the range depending on experience. • Eligible for a discretionary bonus based on firm and individual performance. Why Fisher Investments: We work for a bigger purpose: bettering the investment universe. We take great pride in our inclusive culture, our learning and development framework customized for every employee, and our Great Place to Work Certification. It's the people that make the Fisher purpose possible, and we invest in them by offering exceptional benefits like: • 100% paid medical, dental and vision premiums for you and your qualifying dependents • A 50% 401(k) match, up to the IRS maximum • 20 days of PTO, plus 10 paid holidays • Family Support programs including 8 week Paid Primary Caregiver Leave, $10,000 fertility, family forming, and hormonal health assistance, and back-up child, adult, and elder care • This is an in-office role. Based on your role, tenure, and performance eligibility you may have the opportunity to participate in our hybrid work from home program. This program is subject to change. FISHER INVESTMENTS IS AN EQUAL OPPORTUNITY EMPLOYER

     

    Skills

     

    Paloalto, Firewall, Cisco asa, Penetration test, proxy, Network engineering

     

    Top Skills Details

     

    Paloalto,Firewall,Cisco asa,Penetration test,proxy,Network engineering

     

    Additional Skills & Qualifications

     

    We are looking for someone that is self-motivated and wants to contribute to team meetings Experience working in a team that is spread across multiple states and sites MUST have worked with automation tools either Python, Ansible, and/or Terraform. 1. What specific technical control requirements would be appropriate for an API integration? a. Example response: i. TLS 1.2 (encryption in flight) enforced ii. Key-based authentication iii. Network restrictions iv. Authorization restrictions 2. Have you ever worked in a fully technical role, such as a systems engineer or administrator? a. Example response: i. Azure engineer ii. Active Directory administrator iii. SaaS (ex. Salesforce, ServiceNow, Workday) engineering/operations iv. Programmer (ask for which languages) 3. What is the risk management cycle? Or, what is the standard risk management process? Or, what is an ERM framework? a. Identify Risk b. Assess Risk c. Control Risk d. Review Controls e. Additional acceptable answers include Monitoring/Measurement, Prioritizing, Impact 4. What is the CIA triad in security? a. Confidentiality b. Integrity c. Availability 5. What is the difference between a SOC 1 and SOC2 Type II report? a. SOC 1 Type II is a financial audit, SOC 2 Type II is an audit of controls (policy/practice & technical) 6. What are the stages of a cyber risk incident cycle? a. Identify b. Protect c. Detect d. Respond e. Recover 7. What are some of the most common vectors for attack leading to a corporate data breach? a. Email (phishing) b. Unpatched vulnerabilities c. Credential compromise d. Supply chain compromises

    Experience Level

    Expert Level

     

    Job Type & Location

     

    This is a Permanent position based out of Camas, WA.

    Pay and Benefits

    The pay range for this position is $120000.00 - $160000.00/yr.

     

    Why Fisher Investments: We work for a bigger purpose: bettering the investment universe. We take great pride in our inclusive culture, our learning and development framework customized for every employee, and our Great Place to Work Certification. It's the people that make the Fisher purpose possible, and we invest in them by offering exceptional benefits like:• 100% paid medical, dental and vision premiums for you and your qualifying dependents• A 50% 401(k) match, up to the IRS maximum• 20 days of PTO, plus 10 paid holidays• Family Support programs including 8 week Paid Primary Caregiver Leave, $10,000 fertility, family forming, and hormonal health assistance, and back-up child, adult, and elder care• This is an in-office role. Based on your role, tenure, and performance eligibility you may have the opportunity to participate in our hybrid work from home program. This program is subject to change.FISHER INVESTMENTS IS AN EQUAL OPPORTUNITY EMPLOYER

     

    Workplace Type

     

    This is a hybrid position in Camas,WA.

     

    Application Deadline

     

    This position is anticipated to close on Nov 24, 2025.

    h4>About TEKsystems:

    We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company.

     

    The company is an equal opportunity employer and will consider all applications without regards to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.

    About TEKsystems and TEKsystems Global Services

    We’re a leading provider of business and technology services. We accelerate business transformation for our customers. Our expertise in strategy, design, execution and operations unlocks business value through a range of solutions. We’re a team of 80,000 strong, working with over 6,000 customers, including 80% of the Fortune 500 across North America, Europe and Asia, who partner with us for our scale, full-stack capabilities and speed. We’re strategic thinkers, hands-on collaborators, helping customers capitalize on change and master the momentum of technology. We’re building tomorrow by delivering business outcomes and making positive impacts in our global communities. TEKsystems and TEKsystems Global Services are Allegis Group companies. Learn more at TEKsystems.com.

     

    The company is an equal opportunity employer and will consider all applications without regard to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.