How would you design and secure a RESTful API endpoint when handling sensitive client data for Kforce technology engagements?