A new space race has begun. True Anomaly seeks those with the talent and ambition to build innovative technology that solves the next generation of engineering, manufacturing, and operational challenges for space security and sustainability.
OUR MISSION
The peaceful use of space is essential for continued prosperity on Earth—from communications and finance to navigation and logistics. True Anomaly builds innovative technology at the intersection of spacecraft, software, and AI to enhance the capabilities of the U.S., its allies, and commercial partners. We safeguard global security by ensuring space access and sustainability for all.
OUR VALUES
- Be the offset. We create asymmetric advantages with creativity and ingenuity
- What would it take? We challenge assumptions to deliver ambitious results
- It’s the people. Our team is our competitive advantage and we are better together
YOUR MISSION
As an Application Security Engineer II, you will play a critical role in ensuring the security and compliance of our software products with FedRAMP High, NIST controls, and future Department of Defense IL5+ requirements. You will leverage your expertise to enhance our security posture and support our mission of maintaining secure and sustainable operations in space.
RESPONSIBILITIES
- Identify, assess, and mitigate security risks in software products, ensuring robust security measures are in place.
- Drive continual improvements in the quality and automation of vulnerability adjudication and remediation processes.
- Stay current with the latest security vulnerabilities and mitigation techniques and contribute to True Anomaly's security automation roadmap.
- Perform comprehensive security code reviews to identify potential vulnerabilities and provide actionable remediation suggestions.
- Evaluate and integrate third-party security solutions to enhance overall security posture.
- Implement NIST controls, FedRAMP High controls, and Security Technical Implementation Guides (STIGs) across applications.
- Collaborate closely with developers to address and resolve security vulnerabilities, fostering a culture of security excellence.
QUALIFICATIONS
- 5+ years of experience in product or application security.
- Proficiency in exploiting common attack patterns and exploitation techniques on web applications, coupled with strong knowledge of threat modeling, OWASP Top 10, and secure architecture reviews.
- Hands-on experience with web application security testing tools such as Burp Suite, open-source scanners, and/or vendor products.
- Solid understanding or experience working in containerized environments and familiarity with GitOps flow.
- Proven ability to work independently with minimal supervision, manage complex tasks, and prioritize multiple tasks based on strategic goals.
- Demonstrated passion for technology, a desire to build security tooling from the ground up, and the ability to tackle complex problems creatively.
PREFERRED SKILLS AND EXPERIENCE
- Experience with cloud platforms such as Azure, AWS, or Google Cloud.
- Proficiency in programming languages such as Python, Elixir, or Go.
- Previous experience in the defense or aerospace industry.
- Familiarity with developer security and security operations practices and tools.
- Eligibility to obtain and maintain an active U.S. Top Secret clearance.
COMPENSATION
- California Base Salary: $145,000-$195,000
- Colorado Base Salary: $125,000-$170,000
- Washington D.C. Base Salary: $130,000-$175,000
- Equity + Benefits including Health, Dental, Vision, HRA/HSA options, PTO and paid holidays, 401K, Parental Leave
Your actual level and base salary will be determined on a case-by-case basis and may vary based on the following considerations: job-related knowledge and skills, education and experience.
ADDITIONAL REQUIREMENTS
- Ability to maintain or obtain TS//SCI clearance
- Work Location: this role will be fully onsite at our GravityWorks factory in Centennial, CO
- Work environment is in a standard office, working at a desk or in a production factory.
- Physical demands may include frequent standing, sitting, walking, bending, and lifting or carrying items up to 20lbs.
This position will be open until it is successfully filled. To submit your application, please follow the directions below. [#LI-Hybrid]
To conform to U.S. Government space technology export regulations, including the International Traffic in Arms Regulations (ITAR) you must be a U.S. citizen, lawful permanent resident of the U.S., protected individual as defined by 8 U.S.C. 1324b(a)(3), or eligible to obtain the required authorizations from the U.S. Department of State.
True Anomaly is committed to equal employment opportunity on any basis protected by applicable state and federal laws. If you have a disability or additional need that requires accommodation, please do not hesitate to let us.
Top Skills
True Anomaly Colorado Springs, Colorado, USA Office
Colorado Springs, CO, United States
True Anomaly Denver, Colorado, USA Office
Denver, Colorado, United States
Similar Jobs at True Anomaly
What you need to know about the Colorado Tech Scene
Key Facts About Colorado Tech
- Number of Tech Workers: 260,000; 8.5% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Lockheed Martin, Century Link, Comcast, BAE Systems, Level 3
- Key Industries: Software, artificial intelligence, aerospace, e-commerce, fintech, healthtech
- Funding Landscape: $4.9 billion in VC funding in 2024 (Pitchbook)
- Notable Investors: Access Venture Partners, Ridgeline Ventures, Techstars, Blackhorn Ventures
- Research Centers and Universities: Colorado School of Mines, University of Colorado Boulder, University of Denver, Colorado State University, Mesa Laboratory, Space Science Institute, National Center for Atmospheric Research, National Renewable Energy Laboratory, Gottlieb Institute
