Title: Staff AI Agentic Security Engineer Location: New York, New York Job Description: About Bridgewater  Bridgewater Associates is a premier asset management firm, focused on delivering unique insight and partnership for the most sophisticated global institutional investors.  Our investment process is driven by a tireless pursuit to understand how the world’s markets and economies work — using cutting edge technology to validate and execute on timeless and universal investment principles.  Founded in 1975, we are a community of independent thinkers who share a commitment for excellence. By fostering a culture of openness, transparency, and inclusion, we strive to unlock the most complex questions in investment strategy, management, and corporate culture.  Explore more information about Bridgewater on our website here.  Our Culture  Bridgewater’s unique success is the direct result of our unique way of being. We want an idea meritocracy in which meaningful work and meaningful relationships are pursued through radical truth and radical transparency. We require people to be extremely open, air disagreements, test each other’s logic, and view discovering mistakes and weaknesses as a good thing that leads to improvement and innovation. It is by continually striving together for the highest levels of truth and excellence that we create meaningful work and meaningful relationships. Within this culture, Diversity and Inclusion is a top priority because it is essential to finding the best talent in the world, enabling our idea meritocracy, and creating an environment where all types of people can thrive. We have a full-time team as well as affinity networks that work on these issues - If you would like to learn more, please let your Bridgewater recruiter know.   Explore more information about Bridgewater’s culture on our website here.  About the Security Group  The Security Department’s mission is to protect Bridgewater. We constantly evolve our cyber, physical, and staff security practices to meet business needs and stay ahead of the changing threat landscape. About Your Role This person needs to know how to build and how to protect. We’re not looking for someone who reviews architectures from the sideline. We need someone in the arena — writing agents, shipping code, deploying guardrails, and setting the standard for how an entire firm adopts AI securely. This is a 50/50 role with two equally critical mandates: PILLAR 1 (50%) — AI Thought Leader in Security: Build It You will be the hands-on AI leader inside the Security Department, a builder who ships. You will design and implement AI agents that modernize security operations in an AI-native way: automating threat detection, vulnerability triage, incident response, compliance monitoring, and developer security tooling. You will set the vision for what a modern, agent-powered security organization looks like and then build it yourself. - Build Security Operations Agents: Design, develop, and deploy autonomous agents for threat detection, alert triage, vulnerability management, and incident response — to transform the way those teams operate. - Modernize Workflows AI-Natively: Reimagine existing security processes through the lens of agentic AI. Replace manual runbooks with intelligent agents that reason, act, and escalate. Build agent-powered security copilots for engineering teams that perform real-time code review, suggest secure patterns, and catch vulnerabilities before they ship. - Own the Security AI Stack: Evaluate, select, and implement the right mix of frameworks, orchestration tools, and infrastructure for the department’s agent platform. You should have strong opinions — backed by hands-on experience — on LangGraph, LangChain, CrewAI, AutoGen, OpenAI Agents SDK, Google ADK, Semantic Kernel, Dify, n8n, and the broader ecosystem. - Governance and framework Automation: Build agents that continuously validate configurations, access policies, and data handling against regulatory and internal frameworks of the agents deployed by our investment teams. - Be the agentic security thought leader: Be the person the department looks to for what’s possible. Stay deeply current on the AI landscape — enterprise and open-source — and translate that knowledge into real capability. PILLAR 2 (50%) — Forward-Deployed AI Security Architect: Protect It Equally important — if not more important — you will embed directly with Bridgewater’s technology and investment teams as they build and deploy their own AI agents. You are the security expert who sits shoulder-to-shoulder with engineers and researchers, helping them ship agentic workflows that are secure by design. This is not a gate-keeping role. This is a partnership role where you bring deep architectural expertise to the teams building the future of the firm. - Deep Architecture & Sandboxing: Design secure deployment architectures for AI agents across the firm. Define sandboxing strategies, execution boundaries, network isolation, and blast-radius controls that let teams move fast without exposing the organization to unacceptable risk. - Identity & Authorization for Agents: Architect identity strategies for a world where agents act on behalf of humans. Define how agents authenticate, what permissions they hold, how credentials are scoped and rotated, and how to enforce least-privilege across multi-agent systems and MCP server integrations. - AI Supply Chain Security: Own the security posture of the AI supply chain end to end. Evaluate the security of agent frameworks, MCP servers, skills/plugins, model providers, embedding pipelines, vector databases, and every dependency in between. Understand the attack surface of tools like LangGraph, LangFlow, Dify, n8n, Open Interpreter, Claude Code, Cursor, and similar agentic development environments. - Prompt Injection & Model Manipulation Defense: Be the firm’s leading expert on prompt injection, jailbreaking, data poisoning, indirect injection via tool outputs, and agent manipulation attacks. Design and deploy runtime defenses using tools like NeMo Guardrails, LlamaFirewall, LLM Guard, OpenGuardrails, Guardrails AI, and custom detection layers. - Runtime Safety & Governance: Build monitoring, kill switches, escalation triggers, and anomaly detection for AI agents in production. Design human-in-the-loop checkpoints calibrated to risk tolerance and action severity. Implement policy-as-code that governs agent behavior, tool access, data exposure, and output validation. - Secure Agent-to-Agent Communication: Architect trust boundaries and communication protocols for multi-agent systems — ensuring orchestration, tool use, and data sharing follow least-privilege principles and are resilient to injection and manipulation. - Security Reviews & Red Teaming: Conduct deep-dive security architecture reviews of agentic systems before they go to production. Red-team LLM integrations and agent workflows to find weaknesses before adversaries do. What We Expect You need to have a deep understanding and pulse of the AI market — both enterprise and open-source. This space moves weekly. We need someone who’s already in it, not someone planning to catch up. We expect this person to be fluent across the full AI stack. Not at a surface level — at the level of someone who has built with these tools, broken them, and understands their security implications from the inside. This includes: AI Foundations & Model Layer - LLM APIs and SDKs (OpenAI, Anthropic, Google Vertex AI, Azure OpenAI, Bedrock, Mistral, Cohere) — authentication, token management, rate limiting, data handling, and model routing. - Retrieval-Augmented Generation (RAG) pipelines end to end: embedding models, chunking strategies, vector databases (Pinecone, Weaviate, Chroma, pgvector, Qdrant), retrieval patterns, and the security implications of each. - Fine-tuning, prompt engineering, and system prompt design — and how each creates or mitigates attack surface. Agent Frameworks & Orchestration - Deep, hands-on experience with modern agent frameworks: LangGraph, LangChain, CrewAI, AutoGen, OpenAI Agents SDK, Google ADK, Semantic Kernel, Pydantic AI, Strands Agents, LlamaIndex, and Agno. - Visual and low-code agent platforms: Dify, LangFlow, Flowise, n8n (AI Agent nodes), and their security tradeoffs. - Agentic coding tools and environments: Claude Code, Cursor, Windsurf, Open Interpreter, Aider, and similar — understanding how these tools interact with codebases, filesystems, and APIs, and the risks they introduce. - Model Context Protocol (MCP): Deep understanding of MCP server architecture, tool registration, trust boundaries, and the emerging attack surface around MCP-based integrations. AI Security Tooling & Defense - Runtime guardrail frameworks: NVIDIA NeMo Guardrails, Meta LlamaFirewall, LLM Guard, OpenGuardrails, Guardrails AI, Rebuff, and custom detection pipelines. - AI-specific attack vectors: prompt injection (direct and indirect), jailbreaking, data exfiltration via tool use, agent goal hijacking, training data poisoning, model inversion, and supply chain attacks on model weights and plugins. - AI governance and compliance standards: OWASP Top 10 for LLMs, NIST AI RMF, EU AI Act, ISO 42001 — and practical implementation of these frameworks. - AI red-teaming tools and methodologies for testing agents, models, and end-to-end agentic workflows in adversarial conditions. Minimum Qualifications - 10+ years of experience in software engineering, security engineering or application security with demonstrated impact at a senior or staff level. - 3+ years of hands-on experience building, deploying, or securing AI/ML systems, including LLM-based applications and agentic workflows. - Proven track record of building production-grade AI agents or agent-powered tools — not just evaluating or advising on them. - Deep, current knowledge of the AI agent ecosystem across enterprise and open-source: frameworks, orchestration tools, model providers, RAG infrastructure, and developer tooling. - Demonstrated expertise in AI-specific security threats, including prompt injection defense, agent sandboxing, identity for autonomous systems, and supply chain security for AI toolchains. - Experience securing cloud-native applications and infrastructure (AWS, Azure, or GCP) with strong understanding of identity, networking, and data protection. - Expert in Python and/or TypeScript with the ability to build production-grade security tooling, agents, and automation. - Proven ability to work as an embedded partner with engineering and research teams — influencing through expertise and trust, not mandates. - Exceptional communication skills: able to translate complex AI security concepts into clear, actionable guidance for engineers, researchers, and leadership. - Strong judgment in balancing security risk, business velocity, and the realities of a fast-moving AI landscape. Preferred Qualifications - Contributions to open-source AI security projects or frameworks. - Background in financial services or other highly regulated industries. - Experience red-teaming LLMs and agentic systems in adversarial settings. - Familiarity with AI observability and tracing tools (LangSmith, Langfuse, Helicone, Arize) for monitoring agent behavior in production. Physical Requirements This role is offered as hybrid with options to work out of our NYC or CT offices. Compensation The wage range for this role is $450,000 - $600,000 inclusive of base salary and discretionary target bonus. The expected base salary for this role is between 65 - 75% of this wage range. Why Choose Bridgewater? It takes all types to make Bridgewater great. We seek a diverse group of innovative thinkers and push them to engage in rigorous and thoughtful inquiry. We develop people through an honest examination of their abilities and performance, enabling personal growth and professional development. We strive to provide you opportunities that will challenge you and unlock your potential. One of our core priorities at Bridgewater is to enable our employees to build a great life and career, and we believe our benefits are an important extension of that philosophy. As such, currently Bridgewater offers a competitive suite of benefits. Explore more information about Bridgewater’s benefits on our website here. Bridgewater reserves the right to change its current benefits program at any time, in a manner that is consistent with applicable federal and state regulations. This job description is not a contract and confers no contractual rights, privileges, or benefits on any applicant or potential applicant. Bridgewater has the right to change any and all terms of this job description, including, but not limited to, job responsibilities, qualifications and benefits. Nothing in this job description constitutes an offer or guarantee of employment. Please note that we do not provide immigration sponsorship for this position. Bridgewater Associates, LP is an Equal Opportunity Employer

As Lead Cyber Sec Architect/Eng here at Honeywell, you will be responsible for leading the design and implementation of cutting-edge cybersecurity solutions. You will be hands-on in fortifying defenses against emerging threats and acting as the subject matter expert for cybersecurity challenges. You will collaborate with cross-functional teams, stay informed about emerging technologies, and foster a culture of continuous improvement. You will report directly to our Honeywell Global Security Compliance team, and you'll qualify to work remotely on a standard, but flexible work schedule. In this role, you will impact the safety and integrity of systems that power the modern world. Honeywell helps organizations solve the world's most complex challenges in automation, the future of aviation and energy transition. As a trusted partner, we provide actionable solutions and innovation through our Aerospace Technologies, Building Automation, Energy and Sustainability Solutions, and Industrial Automation business segments – powered by our Honeywell Forge software – that help make the world smarter, safer and more sustainable.

Our story At Alight, we believe a company’s success starts with its people. At our core, we Champion People, help our colleagues Grow with Purpose and true to our name we encourage colleagues to “Be Alight.” We are passionate about connecting purpose with impact. Alight empowers clients to build a healthier and more financially secure workforce by unifying the benefits ecosystem across health, wealth, wellbeing, navigation, and absence management. Our Benefits With a comprehensive total rewards package, Alight offers programs and plans that support your mind, body, wallet, and life. Benefits include health, dental and vision coverages starting Day One. Additionally, Alight colleagues enjoy wellbeing programs, retirement plans with contribution matching, generous time off, parental leave, continuing education, and career growth opportunities – all within a thriving global organization. Flexible Working So that you can be your best at work and home, we consider flexible working arrangements wherever possible. Alight has been a leader in the flexible workspace and “Top 100 Company for Remote Jobs” 6 years in a row. Great Place to Work Thanks to the work of every colleague, Alight has received multiple awards of recognition including “Great Place to Work” for the past 7 years and Fortune’s “Best Companies to Work For.” To learn more about our company culture and awards Click Here. If you, Champion People, seek to Grow with Purpose, and embody the meaning of Be Alight – We invite you to join our team! Learn more at careers.alight.com. The Role The AI Enablement & Governance – Security & Controls Lead enables secure, responsible, and scalable AI adoption by defining, implementing, and evaluating AI‑specific security and risk controls across the AI lifecycle. This role serves as a bridge between AI engineering, information security, privacy, and third‑party risk teams, ensuring that incremental AI risks introduced by models, training data, RAG architectures, and autonomous or semi‑autonomous agents are appropriately controlled by design. The role partners closely with AI Engineering, Third‑Party Supplier Governance, Information Security, Privacy, and Risk teams to identify AI‑specific control gaps, define practical control requirements, support secure implementation, and evaluate effectiveness. The focus is on AI‑specific security concerns—not replacing existing security programs, but extending them thoughtfully for AI. Responsibilities AI Security, Policy, Standards & Guidance - Partnering directly with AI Engineers & Developers, Information Security and governance teams to define AI-specific security and risk management standards covering AI/ML models, RAG solutions, and agentic architectures. - Translating enterprise security principles and risk frameworks into AI‑appropriate guidance, addressing topics such as, model access control and abuse prevention, prompt and context security, data leakage, memorization, and inference risks, agent autonomy boundaries and safeguards - Define AI runtime monitoring and incident response expectations, aligned to (and extending as needed) existing incident response playbooks. - Ensuring AI security guidance remains aligned with evolving technology patterns, external expectations, and internal architectures, and external expectations (e.g. NIST AI RMF/CSF, NYDFS AI Cybersecurity, ISO/IEC 42001) - Contributing to the broader AI policy hierarchy by ensuring security requirements are clearly mapped to AI governance policies, controls and standards. Third‑Party AI & Model Risk Support - Partnering with third‑party risk and supplier governance teams to Identify AI‑specific risks introduced by vendors, models, platforms, and APIs. - Defining AI security control expectations for vendors and managed services - Supporting evaluation of vendor AI security posture, including training data handling, model protections, monitoring, and incident response capabilities. - Contributing AI‑specific input to due diligence, onboarding, and ongoing vendor risk assessments. Cross‑Functional Enablement & Advisory Support - Acting as a trusted advisor to AI engineering, product, privacy, and security teams on how to safely design and deploy AI systems. - Providing practical guidance that balances security rigor with business velocity. - Helping teams understand what “secure by design” means for AI, without imposing unnecessary friction. Requirements - 5+ years of relevant experience (or equivalent expertise) in information security, technology risk, AI governance, model risk management, privacy engineering, or related roles. - Strong understanding of AI architectures, Machine learning pipelines, Retrieval‑augmented generation (RAG), Agentic and tool‑using AI patterns - Demonstrated ability to translate technical AI and security concepts into clear control expectations and guidance. - Experience working cross‑functionally with engineering, security, privacy, and risk teams. - Practical, risk‑based mindset with strong judgment and attention to detail. - Excellent written communication skills; ability to create clear, defensible documentation. - Relevant certifications preferred (e.g., AAISM, CISSP, CISM, CRISC, AIGP, cloud security certifications). - Bachelor’s degree in Computer Science, Engineering, or related field, or equivalent practical experience Application and Interview By applying for a position with Alight, you understand that, should you be made an offer, it will be contingent on your undergoing and successfully completing a background check consistent with Alight’s employment policies. Background checks may include some or all the following based on the nature of the position: SSN/SIN validation, education verification, employment verification, and criminal check, search against global sanctions and government watch lists, credit check, and/or drug test. You will be notified during the hiring process which checks are required by the position. Alight requires all virtual interviews to be conducted on video. Our commitment to Inclusion We celebrate differences and believe in fostering an environment where everyone feels valued, respected, and supported. We know that diverse teams are stronger, more innovative, and more successful. At Alight, we welcome and embrace all individuals, regardless of their background, and are dedicated to creating a culture that enables every employee to thrive. Join us in building a brighter, more inclusive future. As part of this commitment, Alight will ensure that persons with disabilities are provided reasonable accommodations for the hiring process. If reasonable accommodation is needed, please contact alightcareers@alight.com. Equal Opportunity Policy Statement Alight is an Equal Employment Opportunity employer and does not discriminate against anyone based on sex, race, color, religion, creed, national origin, ancestry, age, physical or mental disability, medical condition, pregnancy, marital or domestic partner status, citizenship, military or veteran status, sexual orientation, gender, gender identity or expression, genetic information, or any other legally protected characteristics or conduct covered by federal, state, or local law. In addition, we take affirmative action to employ disabled persons, disabled veterans, and other covered veterans. Alight provides reasonable accommodations to the known limitations of otherwise qualified employees and applicants for employment with disabilities and sincerely held religious beliefs, practices and observances, unless doing so would result in undue hardship. Applicants for employment may request reasonable accommodations/modifications by contacting their recruiter. Authorization to work in the Employing Country Applicants for employment in the country in which they are applying (Employing Country) must have work authorization that does not, now or in the future, require sponsorship of a visa for employment authorization in the Employing Country and with Alight. Note, this job description does not restrict management's right to assign or reassign duties and responsibilities of this job to other entities; including but not limited to subsidiaries, partners, or purchasers of Alight business units. #LI-Remote We offer you a competitive total rewards package, continuing education & training, and tremendous potential with a growing worldwide organization. Salary Pay Range Minimum : 140,000.00 USDMaximum : 180,000.00 USD Pay Transparency Statement: Alight considers a variety of factors in determining whether to extend an offer of employment and in setting the appropriate compensation level, including, but not limited to, a candidate’s experience, education, certification/credentials, market data, internal equity, and geography. Alight makes these decisions on an individualized, non-discriminatory basis. Bonus and/or incentive eligibility are determined by role and level. Alight also offers a comprehensive benefits package; for specific details on our benefits package, please visit: Wellbeing and Benefits Selector Page - Alight DISCLAIMER: Nothing in this job description restricts management's right to assign or reassign duties and responsibilities of this job to other entities; including but not limited to subsidiaries, partners, or purchasers of Alight business units. Alight Solutions provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, age, disability, genetic information, pregnancy, childbirth or related medical condition, veteran, marital, parental, citizenship, or domestic partner status, or any other status protected by applicable national, federal, state or local law. Alight Solutions is committed to a diverse workforce and is an affirmative action employer.

• Review existing vulnerability data from scans • Establish and maintain a centralized vulnerability baseline • Coordinate remediation efforts with stakeholders • Generate regular status reports on vulnerability status