Senior Application Security Engineer

As a Senior Application Security Engineer you will be instrumental in implementing and auditing security controls for mission-critical space systems that must meet stringent government compliance requirements. You will work at the intersection of security engineering compliance frameworks (NIST 800-171/800-53) and modern cloud-native architectures to ensure our satellite mission control software and flight systems meet Department of Defense security standards.

You will design and implement application-level security controls including comprehensive audit logging incident response capabilities access controls and security monitoring—all while working closely with product engineering teams to shift security to ensure optimal outcomes.

If you thrive in a fast-paced environment where you can build security controls from the ground up and see the direct impact of your work on national security space operations this mission is for you.

This position requires the ability to obtain and maintain a security clearance.

• Create security architecture documentation and operational security guides for government authorization processes
• Drive vulnerability management program with defined SLAs for remediation (30/90/180 days by severity)
• Perform security code reviews for Elixir Python C++ and JavaScript codebases
• Collaborate in the triage and management of security automations using SAST (CodeQL Semgrep) SCA (JFrog Xray) and DAST tools
• Collaborate with engineering teams to address security findings and implement secure coding practices
• Develop and deliver security training to software engineers and systems administrators across the organization
• Create and manage incident response playbooks specific to application security events
• Evaluate and integrate third-party security solutions to enhance overall security capabilities

• 5+ years of experience in application security product security or security engineering
• Hands-on experience implementing security controls for compliance frameworks such as NIST 800-171 NIST 800-53 FedRAMP or CMMC
• Strong software engineering skills with ability to write production-quality code in at least one language (Python Rust Elixir C++ or similar)
• Experience with cloud security (Azure preferred AWS or GCP acceptable)
• Solid understanding of secure architecture principles including:
• Threat modeling and risk assessment
• Authentication and authorization patterns (OAuth2 JWT RBAC ABAC)
• Cryptography and key management
• Defense-in-depth and Zero Trust principles
• Proven ability to work collaboratively with engineering teams to implement security controls without blocking velocity
• Eligible for DoD Secret or TS/SCI clearance

• Active TS/SCI clearance or ability to obtain and maintain a security clearance
• Direct experience with NIST 800-171 Rev 3 or NIST 800-53 implementation projects (gap analysis control implementation evidence collection)
• Experience with Department of Defense Impact Levels (IL2/IL4/IL5/IL6) or STIGs (Secure Technical Implementation Guides)
• Familiarity with Elixir/Erlang/Phoenix or other functional programming ecosystems (Scala Haskell F# OCaml)
• Experience with Azure Government Cloud or other FedRAMP-authorized cloud environments
• Experience using Ghommit tool
• Background in DevSecOps or Platform Security Engineering:
• GitOps workflows and CI/CD security
• Infrastructure as Code security (Terraform Bicep Pulumi)
• Kubernetes security (Pod Security Standards network policies service mesh)
• Experience with security incident response including detection engineering and SOAR integration
• Familiarity with aerospace defense or other highly regulated industries (finance healthcare critical infrastructure)
• Previous experience in startups or fast-paced environments with ability to build processes from scratch
  

COMPENSATION

• Base Salary:  Long Beach - $150000 to $205000 Denver - $145000 to $195000 SF Bay Area - $165000 to $225000

• Equity + Benefits including Health Dental Vision HRA/HSA options PTO and paid holidays 401K Parental Leave 

Your actual level and base salary will be determined on a case-by-case basis and may vary based on the following considerations: job-related knowledge and skills education location and experience. 

ADDITIONAL REQUIREMENTS

• Work Location—Successful candidates must be located near Denver SF Bay Area or Long Beach. While we observe a hybrid work environment significant work must be done on site. #LI-Onsite
• Work environment—the work environment; temperature noise level inside or outside or other factors that will affect the person's working conditions while performing the job.
• Physical demands—the physical demands of the job including bending sitting lifting and driving.

This position will be open until it is successfully filled. To submit your application please follow the directions below.

What We Do

Space was once the quietest place in the universe. Now it's crowded contested and confrontational.  We are True Anomaly: the only defense company focused exclusively on space defense. Founded in 2022 by ex-U.S. Space Force members True Anomaly designs and builds advanced systems for space superiority: agile and powerful spacecraft platforms mission software engineered for unmatched command and control and payloads tailored for precision sensing and effects.    True Anomaly is headquartered in Centennial CO with regional offices in Colorado Springs CO Long Beach CA and Washington D.C.  We are hiring and seeking exceptional talent to join True Anomaly from any technical industry or background to bring unique talents perspective and solutions. If you embrace complexity lead instead of follow showcase integrity over ego take ownership for outcomes and measure success by impact we want to hear from you.

Why Work With Us

True Anomaly exists to enable a secure stable and sustainable space environment for the US its allies and partners. We design and build spacecraft and software solutions for space superiority. If you are ready to contribute to the future of space defense we’d love to hear from you.

Gallery