company_logo

Full Time Job

AI & Digital Workplace Engineer

WME

Los Angeles, CA 05-01-2026
Apply @ Employer
  • Paid
  • Full Time
  • Senior (5-10 years) Experience
Job Description
Position Summary

The AI and Digital Workplace Engineer is the senior technical owner of WME's AI-enabled productivity and collaboration experience - and the deep hands-on engineer behind the identity, endpoint, and Microsoft 365 platform that experience runs on. The role selects, deploys, integrates, and continuously improves the AI tools and capabilities embedded in the digital workplace, while engineering and operating the underlying Entra ID, endpoint, and M365 services to an operational-excellence standard. It is the senior technical voice on AI tooling for the IT organization and the broader business, and the engineering lead for IT's own use of AI to automate, augment, and improve service delivery.

Read the role as two layers. The foundation is senior digital workplace engineering: identity (Entra ID, conditional access, SSO/SAML/OIDC, hybrid identity, PIM, B2B), endpoint management (Intune and Jamf), M365 service engineering (Exchange Online, Teams, SharePoint, OneDrive), and the ITIL/ITSM discipline that keeps those services reliable. The differentiating scope is AI: the engineer is accountable for ensuring AI tools are well-chosen, well-integrated, well-governed, and well-adopted. A credible candidate is strong on the foundation and demonstrably advanced on the AI scope.

This role is the operational expression of an AI-first IT culture built on a reliable digital workplace. It partners with the cybersecurity governance function on AI risk and policy, with the workforce AI adoption and enablement program on AI literacy and adoption, and with end users across the business on AI experience and capability.

Scope & Boundaries

This role's scope is fenced explicitly to prevent overlap with adjacent roles operating on the same problem space:
• In scope (foundation): engineering and operation of the digital workplace platform - Entra ID and identity lifecycle, conditional access, endpoint management (Intune and Jamf), and M365 service engineering and troubleshooting (Exchange Online, Teams, SharePoint, OneDrive); incident, problem, and change management for the digital workplace; ITSM platform administration; and continual service improvement.
• In scope (AI): engineering of AI capabilities in the digital workplace stack; technical implementation of AI Acceptable Use policy controls; technical AI tool inventory and shadow-AI detection; AI-driven automation for IT itself; reference patterns, prompt libraries, and Architectural Decision Records for AI engineering; technical coaching and the engineering community of practice for AI.
• Coordinated with the workforce AI adoption and enablement program: this role is the technical builder - it designs and integrates the AI tools; the adoption program owns workforce AI literacy, change management, and business-facing adoption. The two coordinate on major AI rollouts, with technical decisions resting with this role.
• Coordinated with the cybersecurity governance and IT compliance functions: this role implements technical controls that operationalize AI risk policy and produces the technical AI tool inventory that underpins audit evidence. The governance function owns AI policy and broader audit posture; the compliance function owns evidence integrity. Engineering technical decisions that touch AI risk are made in consultation with the governance function.
• Coordinated with infrastructure, regional, and service-desk peers: this role sets digital workplace and AI engineering patterns; regional engineers and the service desk apply them. Server, network, and telecom infrastructure remain with the infrastructure and enterprise services function. Where boundaries blur on application deployment or endpoint features, senior IT leadership adjudicates.
• Out of scope: workforce-facing AI literacy curriculum design and delivery (owned by the workforce AI adoption and enablement program); model fine-tuning and bespoke ML model development (this role evaluates and integrates rather than trains); broader cybersecurity policy authorship (the cybersecurity governance / GRC function); audit evidence integrity ownership (the IT compliance function); server, network, and telecom infrastructure engineering; HR-side competency frameworks and corporate L&D.

Key Responsibilities

1. Digital Workplace Platform Engineering - Identity, Endpoint & M365
• Engineer and operate Microsoft Entra ID: conditional access, group and identity governance, SSO / SAML / OIDC integrations, hybrid identity (Entra Connect), Privileged Identity Management (PIM), and B2B / guest access governance.
• Own identity lifecycle automation (Joiner / Mover / Leaver) and access governance across the global workforce.
• Own endpoint management across Windows (Intune) and macOS (Jamf or equivalent MDM): policy, compliance, provisioning, and device performance.
• Resolve complex M365 service issues across Exchange Online, Teams, SharePoint, and OneDrive that affect day-to-day productivity.
• Design, implement, and optimize digital workplace services to be scalable, reliable, secure, and compliant; use service-health metrics to remove bottlenecks and improve resilience and scalability.
• Review and influence technical designs to meet performance standards, security requirements, and engineering best practice.

2. Operational Excellence, Service Management & Continual Improvement
• Lead complex incident response and blameless post-mortems; implement corrective actions that prevent recurrence.
• Apply structured problem management - root-cause analysis, documented findings, and durable fixes over workarounds.
• Drive Continual Service Improvement using ticket trends and service data to identify, implement, and measure improvements.
• Build and maintain a knowledge base of known issues, runbooks, and resolution steps to reduce reliance on tribal knowledge and lower escalation volume into the service desk.
• Lead or contribute to the evaluation, implementation, and ongoing administration of the enterprise ITSM platform (Cherwell).
• Apply NIST CSF 2.0 functions to assess risk, inform service-design decisions, and communicate risk posture in a common language with cybersecurity and senior leadership.
• Champion automation, monitoring, and standardized engineering practices across the digital workplace.

3. AI-Enabled Digital Workplace Engineering & Practice Foundation
• Lead the engineering of AI capabilities embedded in productivity and collaboration platforms (Microsoft 365 Copilot and equivalents, third-party AI assistants, custom AI integrations).
• Configure, integrate, and govern AI features across the digital workplace stack, balancing capability with security, privacy, and licensing constraints.
• Build and maintain AI-driven workflows that automate or augment routine knowledge work across the enterprise.
• Serve as the principal AI engineering authority for Enterprise IT - set AI tooling architecture, integration patterns, and operational standards for the broader IT organization.
• Develop and maintain reusable AI capabilities - prompt libraries, AI-integrated workflows, reference patterns - and continuously evaluate the AI tooling landscape, recommending additions, replacements, or sunsets.
• Author Architectural Decision Records (ADRs) for significant AI engineering decisions, preserving rationale, alternatives, and trade-offs for future engineering and audit review.

4. IT Automation & Internal AI Adoption
• Design and build AI-driven automation for IT itself - service desk augmentation, log analysis assistance, documentation generation, knowledge retrieval, and routine task automation.
• Lead the technical aspects of IT's ''AI-first'' adoption - making sure IT staff have, use, and benefit from AI tools in their daily work.
• Build and maintain shared AI capabilities, prompts, and workflows the IT team can leverage.
• Measure and report on AI adoption and impact across the IT organization, in partnership with the workforce AI adoption and enablement program.
• Operate technical telemetry that informs the broader AI adoption scorecard reported to IT leadership.

5. AI Governance, Security & Compliance Partnership
• Partner with the cybersecurity governance / GRC and IT compliance functions to operationalize AI usage policy - data handling, model selection, access controls, and acceptable use - at the platform engineering layer.
• Implement and maintain technical controls that enforce AI policy at the digital workplace platform layer: tenant configuration, conditional access, data loss prevention, sensitivity labeling, and AI feature gating.
• Maintain a living technical inventory of AI tools in use across the enterprise (sanctioned, conditionally permitted, prohibited) including data flows, integration surfaces, and applied controls. This inventory is the technical foundation that underpins the enterprise's EU AI Act Article 4 literacy evidence.
• Operate technical detection and remediation for shadow-AI usage in coordination with GRC; surface adoption patterns and risks so curriculum and policy stay in step with reality.
• Ensure AI integrations meet security, privacy, and licensing requirements; flag risks early in the integration design phase rather than at deployment.
• Track and absorb adjacent regulatory and framework developments - NIST AI Risk Management Framework, ISO/IEC 42001, US state-level AI mandates - that affect technical implementation choices.

6. AI Fluency & Enablement Across IT
• Provide hands-on technical coaching to IT staff on applying AI to their specific engineering and operations work - prompt engineering, AI-assisted runbook authoring, AI-augmented troubleshooting, agentic patterns where appropriate.
• Maintain a community of practice around AI usage in IT - sharing patterns, learnings, and pitfalls. It is the technical complement to the business-facing workforce AI adoption effort; the two run parallel and reinforce each other.
• Serve as the go-to engineering resource for AI questions across the IT organization - the technical authority the rest of IT calls when an AI-related design decision needs an expert opinion.
• Author and maintain technical reference material, playbooks, and ADRs that document AI engineering decisions and patterns for reuse across the team.
• Coordinate with the workforce AI adoption and enablement program on the boundary between technical fluency (this role) and broader workforce literacy; avoid duplicating effort while reinforcing a unified IT learning experience.
• Demonstrated orientation toward operational excellence - repeatable engineering patterns, measurement-driven decision-making, audit-ready documentation as a byproduct of the work, and candid escalation of gaps. Prior experience operating within a structured governance framework (ITIL, ISO/IEC 38500, NIST AI RMF, or equivalent) is required.
• 7+ years of engineering experience in digital workplace, productivity platforms, or related domains, including deep hands-on experience across Microsoft 365, identity, and endpoints.
• Deep Microsoft 365 platform engineering: Exchange Online (mail flow, permissions, distribution lists, shared mailboxes); Teams, SharePoint, and OneDrive service engineering and troubleshooting; Power Platform.
• Microsoft Entra ID (Azure AD) engineering: conditional access, group management and identity governance, SSO / SAML / OIDC integrations, hybrid identity and Entra Connect, identity lifecycle automation (Joiner / Mover / Leaver), PIM, and B2B / guest access governance.
• Endpoint management across Windows (Intune) and macOS (Jamf or equivalent MDM): policy, compliance, provisioning, and performance.
• Proven ability to troubleshoot across the full stack - identity, devices, and applications.
• 2+ years of hands-on experience deploying, integrating, or building on top of enterprise AI capabilities (Microsoft 365 Copilot, conversational AI assistants, AI APIs, or equivalent).
• Automation against enterprise APIs (Microsoft Graph, Power Automate, integration platforms) and scripting experience (PowerShell, Python, or similar).
• Hands-on ITIL practice across incident, problem, change, and continual service improvement (ITIL certified or equivalent).
• Practical application of NIST CSF 2.0 to enterprise IT risk management, security best practices, and workplace technology governance.
• Hands-on experience configuring and administering an enterprise ITSM platform. WME's standard platform is Cherwell; ServiceNow, Jira Service Management, or comparable enterprise ITSM experience is accepted.
• Working knowledge of AI risk and governance practices sufficient to partner credibly with cybersecurity and compliance - data classification, model selection, access controls, acceptable use policy implementation.
• Experience managing vendor relationships and holding partners accountable to deliverables, SLAs, and contractual commitments.
• Strong written and verbal communication - able to translate technical risk, tradeoffs, and AI capability to business, IT, and senior-leadership audiences.
• Demonstrated experience using AI tooling in technical work - prompt engineering, AI-assisted documentation, AI-aided design or analysis; a track record of process improvement leveraging AI capability.

Preferred Qualifications
• Experience leading cross-department transformations and product-driven delivery models, including user-centered design and rapid prototyping.
• Strong testing and automation practices, including automated validation and monitoring.
• Experience operating across multiple global regions and time zones.
• Advanced SharePoint and OneDrive administration; Teams troubleshooting across chat, meetings, and voice.
• Familiarity with device lifecycle programs - refresh and asset management.
• Experience with prompt engineering, retrieval-augmented generation patterns, or AI agent frameworks.
• Practical familiarity with EU AI Act technical implications (Articles 4, 14), NIST AI RMF, or ISO/IEC 42001 - sufficient to translate compliance obligations into platform engineering decisions.
• Comfort operating within a structured IT governance and controls environment, with service-management and risk frameworks used as everyday working language.
• Relevant Microsoft certifications - e.g., MD-102 (Endpoint Administrator), MS-102 (M365 Administrator), SC-300 (Identity & Access Administrator), AI-102 / Azure AI.

Per local requirements and in the interest of transparency, the rate shown below reflects the prevalent current hiring range for this position. Hiring pay rates are based on a number of factors, including location and may vary depending on job-related qualifications, knowledge, skills and experience. The company strives to provide locally competitive rewards packages, which include base rate along with, as applicable, short- and long-term incentives, growth and developmental opportunities, and robust benefits, such as health care, retirement, vacation and other paid time off, and additional offerings.

Hiring Rate Minimum:
$146,250 annually (minimum will not fall below the applicable state/local minimum salary thresholds)

Hiring Rate Maximum:
$195,000 annually

WME is an equal opportunity employer and encourages applications from qualified and eligible candidates regardless of sex, race, disability, age, sexual orientation, or religion or belief.

Jobcode: Reference SBJ-k2eeq0-216-73-216-184-42 in your application.

Salary Details
Salary: $146,250 ($ USD)
Company Profile
WME

WME is the world's preeminent talent agency. With over 125 years of experience, WME enables artists, athletes and brands to grow their businesses, leverage the full potential of their intellectual property, and bring projects to life that define the cultural landscape. WME's expertise spans books, comedy, digital media, fashion, film, food, licensing, music, sports, television, theater, and more.