Senior Engineer (AI Governance)

StackOne Inc.

Job Overview

Location

London

Job Type

Full-time

Full Job Description

📋 Description

• Own the end-to-end governance layer for AI agents accessing enterprise SaaS tools, acting as the secure gateway that enforces access policies analogous to MDM, EDR, and API gateways for devices and APIs.
• Design and implement the provisioning lifecycle for agent tool access—including enrollment, grant, rotation, and revocation—across StackOne’s managed authentication and connector-profile layer to eliminate manual OAuth app configuration.
• Shape, author, version, and enforce dynamic access policies that define which agents can invoke which tools, with which scopes and data classes, conditioned on identity and context, including leveraging LLMs for policy generation.
• Build continuous posture and risk assessment systems that surface risky tool scopes, stale grants, and anomalous invocation patterns across the 200+ integrated SaaS connectors.
• Deepen telemetry and instrumentation of all tool calls flowing through the gateway, ensuring structured, queryable visibility with strict latency discipline for a system on the hot path.
• Extend and integrate enterprise identity systems including OAuth 2.1, SSO, and SCIM to bind agent and tool access directly to corporate identity providers, enforcing least privilege and eliminating shadow access.
• Develop detection and response mechanisms for AI agent behavior, defining what constitutes “bad” activity, surfacing threats, and enabling operators to contain misuse in real time.
• Collaborate with engineering leadership and founders to set the technical direction for agent governance, influencing how IT and security leaders determine whether agents can interact with real enterprise systems.
• Operate and improve a production system handling high-volume, low-latency agent-to-tool interactions, ensuring reliability, scalability, and security at gateway scale.
• Work with a platform used by SaaS builders and AI agent developers, requiring deep empathy for developer experience, configurability, and operational transparency.
• Contribute to the evolution of StackOne’s AI-powered integration toolkit by embedding governance controls directly into the tooling used by agents to interact with enterprise data and services.
• Maintain compliance posture by aligning governance controls with enterprise security standards, including SOC 2 and ISO 27001 environments.
• Build and refine policy and rules engines that translate high-level security requirements into runtime enforcement logic, understanding the critical distinction between policy expression and actual enforcement.
• Participate in the design of secure, token-efficient architectures that minimize credential sprawl while maximizing auditability and control over agent actions.
• Partner with security and platform engineers to ensure governance is not an afterthought but a foundational layer of StackOne’s architecture.
• Monitor and respond to real-time telemetry from agent tool usage, identifying drift, abuse, and vulnerabilities before they impact enterprise systems.
• Contribute to public technical artifacts, including open-source projects, specifications, or detailed write-ups, to advance industry understanding of AI agent governance.

🎯 Requirements

• Strong software engineering fundamentals with experience owning a production system end-to-end
• Built or operated at least one of: an API gateway/platform (e.g., Kong, Apigee, AWS API Gateway), MDM/UEM system (e.g., Jamf, Intune), EDR/XDR platform (e.g., CrowdStrike, SentinelOne), or comparable policy-driven access-control system
• Built a policy or rules engine with authoring, evaluation, enforcement, and versioning capabilities
• Deep experience with identity systems: OAuth/OIDC, SAML, SSO, SCIM, including scopes, token lifecycle, and least privilege implementation
• Experience with telemetry and instrumentation of a high-throughput, low-latency request-path system
• Practical experience using or building AI agents and understanding governance and guardrail challenges in AI usage

🏖️ Benefits

• Opportunity to shape the foundational governance layer for enterprise AI agent tool access at a venture-backed startup
• Direct collaboration with founders and engineering leadership on a strategic, high-impact product pillar
• Work on a platform used by SaaS builders and AI developers, with strong product and developer empathy
• Exposure to cutting-edge AI integration challenges at the intersection of security, identity, and agent systems
• Competitive compensation and equity package backed by GV and Workday Ventures
• Collaborative, high-ownership culture with direct influence on technical direction and product roadmap

Skills & Technologies

AWS

OAuth

Senior

Onsite

Ready to Apply?

Apply Externally

You will be redirected to an external site to apply.

StackOne Inc.

Visit Website

About StackOne Inc.

StackOne provides a unified API that lets software companies integrate with multiple HR, payroll, ATS, LMS and other workforce platforms through a single interface. Instead of building and maintaining separate integrations, developers authenticate once and read or write data across systems like Workday, BambooHR, Greenhouse, SAP SuccessFactors and more using normalized data models. The platform handles token refresh, rate limits, permissions and compliance, so teams can launch integrations faster and keep them current without ongoing maintenance. Headquartered in San Francisco, StackOne serves SaaS vendors that embed workforce connectivity into their own products.

View Company Profile

Get more remote jobs like this

Subscribe to the weekly newsletter for similar remote roles and curated hiring updates.

Weekly remote jobs and featured talent.

No spam. Only curated remote roles and product updates. You can unsubscribe anytime.