Engineering Manager, Application Security

A new space race has begun. True Anomaly seeks those with the talent and ambition to build innovative technology that solves the next generation of engineering, manufacturing, and operational challenges for space security and sustainability.

OUR MISSION

The peaceful use of space is essential for continued prosperity on Earth—from communications and finance to navigation and logistics. True Anomaly builds innovative technology at the intersection of spacecraft, software, and AI to enhance the capabilities of the U.S., its allies, and commercial partners. We safeguard global security by ensuring space access and sustainability for all.

OUR VALUES

• Be the offset. We create asymmetric advantages with creativity and ingenuity
• What would it take? We challenge assumptions to deliver ambitious results
• It’s the people. Our team is our competitive advantage and we are better together

YOUR MISSION

As the Application Security Engineering Manager, you will build and lead True Anomaly's application security team, focusing on securing the most critical software in our portfolio—flight software that operates on-orbit and command and control (C2) systems that enable mission success. This is a unique opportunity to shape the future of application security for national security space systems, building a team from the ground up while establishing the processes, tools, and culture that will secure our spacecraft and ground operations. 

In this role, you will have significant autonomy to recruit and develop a world-class application security team over the coming year. You will define application security strategy, integrate security throughout the software development lifecycle, and create the foundation for a security program that meets the unique demands of flight-critical and mission-critical systems operating in contested environments. 

This is an ideal role for a technical leader who thrives on building teams, wants to leave their mark on cutting-edge space technology, and is energized by the opportunity to solve challenging security problems at the intersection of embedded systems, real-time software, and cloud-based command and control. 

This position requires a minimum Secret clearance with strong preference for active TS/SCI clearance or the ability to obtain and maintain TS/SCI. 

RESPONSIBILITIES

• Build, lead, and mentor an application security engineering team scaling to 10+ engineers over the next year, fostering a culture of technical excellence, collaboration, and mission focus 
• Define and execute application security strategy for flight software (FSW), ground command and control systems, mission planning applications, and supporting cloud infrastructure 
• Integrate security throughout the software development lifecycle (SDLC) for safety-critical embedded systems and distributed C2 applications, balancing security requirements with real-time performance and operational constraints 
• Establish and mature secure development practices including threat modeling, secure code review, static/dynamic analysis (SAST/DAST), software composition analysis (SCA), and security testing for both flight and ground software 
• Lead application security assessments and penetration testing efforts for spacecraft flight software, telemetry and command systems, and ground-based mission applications 
• Partner with spacecraft software engineers, ground systems developers, DevSecOps, and mission operations teams to embed security expertise across the engineering organization 
• Develop and enforce security standards, coding guidelines, and architectural patterns appropriate for resource-constrained embedded systems and high-assurance C2 applications 
• Drive remediation of security vulnerabilities and work with engineering leadership to prioritize security initiatives alongside feature development and mission timelines 
• Support compliance requirements including NIST 800-53, CMMC, FedRAMP, and other federal security frameworks applicable to national security space systems 
• Communicate application security posture, risks, and strategic initiatives to technical teams, engineering leadership, and executive stakeholders 

QUALIFICATIONS

• 8+ years of hands-on experience in application security, secure software development, or related security engineering roles 
• 3+ years of people management experience, including hiring, coaching, performance management, and team development 
• Minimum Secret clearance required; active TS/SCI clearance strongly preferred 
• Proven experience building or significantly scaling application security programs and teams 
• Deep expertise in secure software development practices across multiple programming languages (C, C++, Rust, Python, Go, or similar) 
• Strong understanding of embedded systems security, real-time operating systems (RTOS), and resource-constrained environments 
• Experience with application security testing tools and methodologies including SAST, DAST, SCA, fuzzing, and penetration testing 
• Strong knowledge of common vulnerability classes (OWASP Top 10, CWE Top 25) and secure coding practices 
• Understanding of software supply chain security, dependency management, and build pipeline security 
• Familiarity with cloud application security in AWS, GCP, or Azure environments 
• Excellent leadership, communication, and stakeholder management skills 
• This position requires a minimum Secret clearance 

PREFERRED SKILLS AND EXPERIENCE

• Active TS/SCI security clearance 
• Experience securing flight software, spacecraft systems, autonomous vehicles, or other safety-critical embedded platforms 
• Background in aerospace, defense, or national security software development 
• Familiarity with space system architectures including satellite operations, ground segments, and telemetry/command protocols 
• Experience with CMMC, FedRAMP, NIST 800-53, or RMF processes for DoD/IC systems 
• Experience with containerization security (Docker, Kubernetes) and Infrastructure-as-Code security 
• Understanding of cryptographic implementations and secure communications protocols 
• Relevant certifications such as CISSP, CSSLP, GWAPT, OSCP, or similar 
• Experience participating in or leading red team/purple team exercises 
• Prior experience in fast-paced startup or high-growth environments 

WORK ENVIRONMENT 

• Fast-paced, mission-critical environment supporting national security space operations where security decisions directly impact spacecraft and mission success 
• Requires building collaborative relationships across distributed engineering teams including flight software, ground systems, and mission operations 
• High degree of autonomy and ownership as the founding application security leader with direct impact on security strategy 
• Direct access to engineering and executive leadership with opportunity to shape both technical and organizational direction 
• May require occasional travel to government sites, integration facilities, or partner locations 
• Must be comfortable balancing team leadership responsibilities with hands-on technical contributions during team growth phase 

COMPENSATION

• Colorado Base Salary: $175,000-$240,000
• California Base Salary: $180,000-$255,000
• Equity + Benefits including Health, Dental, Vision, HRA/HSA options, PTO and paid holidays, 401K, Parental Leave 

Your actual level and base salary will be determined on a case-by-case basis and may vary based on the following considerations: job-related knowledge and skills, education, location, and experience. 

ADDITIONAL REQUIREMENTS

• Work Location—this role is fully onsite at either our Centennial, CO or Long Beach, CA locations with ~10-15% travel to other sites as needed.
• Work environment—the work environment; temperature, noise level, inside or outside, or other factors that will affect the person's working conditions while performing the job.
• Physical demands—the physical demands of the job, including bending, sitting, lifting and driving.

This position will be open until it is successfully filled. To submit your application, please follow the directions below. #LI-Onsite

To conform to U.S. Government space technology export regulations, including the International Traffic in Arms Regulations (ITAR) you must be a U.S. citizen, lawful permanent resident of the U.S., protected individual as defined by 8 U.S.C. 1324b(a)(3), or eligible to obtain the required authorizations from the U.S. Department of State.

True Anomaly is committed to equal employment opportunity on any basis protected by applicable state and federal laws. If you have a disability or additional need that requires accommodation, please do not hesitate to let us.