AI Engineer

My Financial Services client is seeking to recruit a AI Engineer on an initial 6 month contract based in London. It is hybrid and will require 3x days onsite per week.

As a Back-End AI Engineer, you will design and deploy secure, scalable AI services that power next-generation use cases across client intelligence, document processing, and risk management. You'll work in a greenfield environment, building compliant AI pipelines using Gemini (GCP), Azure OpenAI or Self Hosting embedding security and privacy controls from experimentation to production, in alignment with the bank's cybersecurity and regulatory standards.

Accountabilities & Responsibilities

• Architect and implement secure AI services from lab to production, ensuring scalability and compliance
• Develop robust APIs for LLMs, RAG pipelines, agentic workflows and document intelligence systems
• Embed cybersecurity and data privacy controls across all AI workflows (e.g., encryption, anonymisation, access logging)
• Collaborate with the CISO function on threat modeling, security reviews, and AI-specific control design.
• Integrate with enterprise IAM systems, enforcing RBAC, least privilege
• Conduct vulnerability scans, pen-test remediation, and support internal and regulatory audits (FCA, PRA)

Required Knowledge & Experience

• Delivered greenfield AI systems in production with secure-by-design architecture
• Designed and managed AI lab environments using IaC, containerisation, and secure networking practices
• Hands-on experience with LLM implementation, including fine-tuning, prompt engineering, and secure deployment
• Built agentic workflows using modular LLM agents with memory, planning, and tool integration
• Implemented Model Context Protocol (MCP) to manage secure, auditable context injection across agentic systems
• Experience building RAG pipelines with strict data governance and contextual integrity
• Familiarity with EU AI Act, FCA cybersecurity principles, and oversight of critical systems
• Worked directly with cybersecurity and compliance teams in regulated deployments
• Implemented or maintained controls under ISO 27001, NIST, or SOC2 frameworks

Technical Skills & Technologies:

• Languages & Frameworks
• Python (FastAPI), LangChain, Google AI SDK, Azure Open AI SDK
• Cloud & AI Platforms
• GCP: Vertex AI, Gemini API, Cloud Run, GCS, IAM, Secret Manager, Audit Logs
• Azure: Azure ML, Azure OpenAI, Key Vault, Azure Policy
• Experience with Self Hosting
• LLM
• Fine-tuning and prompt engineering for LLMs (e.g., GPT, Gemini, Claude)
• Secure deployment of LLMs via APIs with input/output filtering and logging
• Integration of LLMs into RAG pipelines, document intelligence, and agentic workflows
• Use of vector databases (e.g., FAISS, Pinecone, Chroma) for semantic search and retrieval
• Implementation of grounding, context injection, and response validation mechanisms
• Model Context Protocol (MCP)
• Implement secure, policy-aligned Model Context Protocol (MCP) for managing contextual memory, grounding, and session control in LLM-based systems
• Enforce context boundary policies, context versioning, and traceability to support auditability and prevent data leakage
• Integrate MCP with enterprise IAM and data governance frameworks to ensure compliant context injection and revocation
• Agentic Workflows
• Design and orchestrate agentic AI workflows using modular, goal-driven agents with memory, planning, and tool-use capabilities
• Implement secure agent execution environments with task decomposition, tool chaining, and feedback loops
• Integrate agents with enterprise systems (e.g., document stores, APIs, risk engines) while enforcing contextual integrity, rate limiting, and audit logging
• Apply agentic patterns to automate complex financial tasks such as client onboarding, document summarisation, and risk signal extraction
• Security Tooling
• Static code analysis (Bandit, SonarQube)
• Secrets scanning, encryption (at rest/in-transit), token management
• Identity integration (Google Identity, Azure Entra ID)
• Data Security & Governance
• RAG pipelines with data classification, masking, and DLP
• GDPR and data residency compliance
• MLOps & DevSecOps
• GitHub Actions, CI/CD security testing, model drift detection, audit logging
• Lab Environment Tooling
• Infrastructure-as-Code (IaC): Terraform, Pulumi
• Containerization & Orchestration: Docker, Kubernetes (GKE/AKS)
• Networking & Isolation: VPCs, private endpoints, firewall rules, network policies
• Data Sandboxing: Synthetic datasets, masking, DLP tooling
• Monitoring & Observability: Prometheus, Grafana, Cloud Logging