Senior Application Security Engineer

YOUR MISSION 

As a Senior Application Security Engineer, you will be at the forefront of safeguarding our mission control software and satellite flight software. Your expertise will be pivotal in contributing to the advancement of secure, sustainable space operations and shifting left our security posture. If you enjoy pioneering solutions to novel security challenges, this mission is for you. 

RESPONSIBILITIES 

• Identify, assess, and mitigate security risks in software products, ensuring robust security measures are in place. 
• Drive continual improvements in the quality and automation of vulnerability adjudication and remediation processes. 
• Stay current with the latest security vulnerabilities and mitigation techniques and contribute to True Anomaly's security automation roadmap. 
• Perform comprehensive security code reviews to identify potential vulnerabilities and provide actionable remediation suggestions. 
• Evaluate and integrate third-party security solutions to enhance overall security posture. 
• Collaborate closely with developers to address, resolve, and learn from security vulnerabilities, fostering a culture of security excellence. 
• Develop and implement defense-in-depth practices that alight with Zero Trust Architecture principles. 

QUALIFICATIONS 

• 5+ years of experience in product or application security. 
• Proficiency in exploiting common attack patterns and exploitation techniques on software applications, coupled with strong knowledge of threat modeling, OWASP Top 10, and secure architecture reviews. 
• Hands-on experience with web application security testing tools such as Burp Suite, open-source scanners, and/or vendor products. 
• Solid understanding or experience working in containerized environments and familiarity with GitOps flow. 
• Proven ability to work independently with minimal supervision, manage complex tasks, and prioritize multiple tasks based on strategic goals. 
• Demonstrated passion for technology, a desire to build security tooling from the ground up, and the ability to tackle complex problems creatively. 
• Strong engineering background and programming experience (Python, Golang, Rust, C++, etc.).
• U.S. Citizen and eligible for DoD Secret or TS/SCI clearance.

PREFERRED SKILLS AND EXPERIENCE 

• Experience with cloud platforms such as Azure, AWS, or Google Cloud. 
• Previous experience in startups or the defense and aerospace industry. 
• Familiarity with developer security and security operations practices and tools. 
• Experience with NIST 800-53, Department of War Impact Levels or Secure Technical Implementation Guides. 
• Ability to maintain or obtain TS/SCI clearance.

COMPENSATION  

• California Base Salary: $160,000-$225,000
• Colorado Base Salary: $155,000-$215,000
• Washington D.C. Base Salary: $160,000-$225,000
• Remote: Compensation for remote employees will vary based on location and local market data.
  
• Equity + Benefits including Health, Dental, Vision, HRA/HSA options, PTO and paid holidays, 401K, Parental Leave 

Your actual level and base salary will be determined on a case-by-case basis and may vary based on the following considerations: job-related knowledge and skills, education and experience. 

ADDITIONAL REQUIREMENTS 

• Work Location: Ideally, candidates will be based near Denver, Colorado Springs, Long Beach, or Washington, D.C., as some work requires on-site collaboration. Remote candidates will also be considered but should anticipate occasional travel for in-person work.
• Work environment is in a standard office, working at a desk or in a production factory. 
• Physical demands may include frequent standing, sitting, walking, bending, and lifting or carrying items up to 20lbs. 

This position will be open until it is successfully filled. To submit your application, please follow the directions below. #LI-Hybrid