Principal Compliance Engineer
Space is a warfighting domain. True Anomaly seeks those with the talent and ambition to build the technology that secures it.
OUR MISSION
True Anomaly delivers decisive capabilities for space superiority. We build autonomous spacecraft, advanced payloads, mission software, and space-based interceptors — enabling the U.S. and its Allies to secure the space environment and counter threats from the ultimate high ground.
OUR VALUES
Be the offset. We create asymmetric advantages with creativity and ingenuity.
What would it take? We challenge assumptions to deliver ambitious results.
It’s the people. Our team is our competitive advantage and we are better together.
YOUR MISSION
We are seeking an experienced Principal Compliance Engineer to lead the design and implementation of secure, compliant architectures within highly regulated cloud environments. This role requires deep expertise in STIG development, encryption standards, and vulnerability remediation, alongside a strong foundation in DevOps and SecOps practices, particularly within the AWS and Azure Government platforms.
The ideal candidate brings at least 10 years of experience in security engineering or technical compliance and will work cross-functionally to align cloud infrastructure and operations with frameworks such as RMF (DoD IL5 and IL6) and CMMC. This is a hands-on technical role focused on enabling and sustaining system authorization through security automation, technical control implementation, and audit readiness.
RESPONSIBILITIES
Security and Compliance Engineering
Architect, implement, and maintain secure, audit-ready systems and services in AWS and Azure Government environments.
Develop and maintain custom STIGs (Security Technical Implementation Guides) for cloud infrastructure, SaaS applications, and IaaS/PaaS configurations and customer-deployed applications.
Design and enforce secure configurations using encryption standards such as FIPS 140-2/FIPS 140-3, TLS 1.2+, and data-at-rest protections for regulated data.
DevOps and SecOps Integration
Embed compliance and security checks into CI/CD pipelines, ensuring that infrastructure-as-code meets regulatory and organizational policies.
Integrate technical controls to support monitoring, logging, and alerting consistent with RMF and CMMC requirements.
Partner with cybersecurity operations teams to support incident response, log review, and system hardening efforts.
Vulnerability Management and Remediation
Lead the technical remediation of vulnerabilities identified through internal scans, third-party testing, or external audits.
Work with engineering and DevOps teams to drive secure patch management, system baseline enforcement, and automated vulnerability response workflows.
Maintain and operationalize vulnerability metrics dashboards aligned with continuous monitoring plans (ConMon).
Audit Readiness and Documentation
Support and manage detailed system documentation including SSPs, network diagrams, control implementations, and POA&Ms.
Serve as a technical point of contact during audits and assessments, capable of demonstrating compliance posture through hands-on walkthroughs and evidence collection.
Collaborate with DevOps and Cybersecurity teams to translate security requirements into enforceable technical controls and testable artifacts.
Cross-Functional Collaboration and Leadership
Partner with product, engineering, and compliance teams to implement secure system boundaries and customer segmentation strategies for multi-tenant environments.
Provide technical mentorship and occasional leadership to junior compliance engineers or project contributors.
Track emerging requirements and proactively update system configurations to meet evolving DoD IL5, IL6, and CMMC mandates.
QUALIFICATIONS
10+ years of experience in cybersecurity engineering, cloud compliance, or DevSecOps roles.
Proven experience designing STIG-compliant configurations, including custom STIG development and validation.
Deep understanding of FIPS-validated encryption, TLS configurations, and cryptographic module implementation for data protection.
Hands-on experience with vulnerability scanning, remediation planning, and automated patching workflows.
Familiarity with DoD RMF (IL5 and IL6), CMMC and related audit frameworks.
Proficiency with tools such as Terraform, Ansible, Azure Policy, GitHub Actions, and common SIEM/logging platforms.
Experience with authorization boundary design and customer isolation techniques in AWS and Azure Gov environments.
Position requires an active security clearance. While all clearance levels will be considered, TS/SCI clearance holders are preferred.
PREFERRED SKILLS AND EXPERIENCE
Experience with DoD RMF (IL5 and IL6) cloud environments.
Working knowledge of container security, particularly in AKS or Kubernetes-based deployments.
Basic people leadership experience, including mentoring or technical guidance responsibilities.
Industry certifications such as CISSP, CCSP, Azure Security Engineer, or relevant compliance certs (e.g., CMMC RP).
COMPENSATION
Colorado Base Salary: $195,000-$270,000
California Base Salary: $205,000-$285,000 for Long Beach, $225,000 to $310,000 for SF Bay Area
Washington D.C. Base Salary: $205,000-$285,000
Equity + Benefits including Health, Dental, Vision, HRA/HSA options, PTO and paid holidays, 401K, Parental Leave
Your actual level and base salary will be determined on a case-by-case basis and may vary based on the following considerations: job-related knowledge and skills, education, location, and experience.
ADDITIONAL REQUIREMENTS
Work Location: Successful candidates will be located near one of our office locations including Centennial, CO; Long Beach, CA; SF Bay Area, or Washington D.C.
Work environment: the work environment; temperature, noise level, inside or outside, or other factors that will affect the person's working conditions while performing the job.
Physical demands: the physical demands of the job, including bending, sitting, lifting and driving.
This position will be open until it is successfully filled. To submit your application, please follow the directions below.
To conform to U.S. Government space technology export regulations, including the International Traffic in Arms Regulations (ITAR) you must be a U.S. citizen, lawful permanent resident of the U.S., protected individual as defined by 8 U.S.C. 1324b(a)(3), or eligible to obtain the required authorizations from the U.S. Department of State.
True Anomaly is committed to equal employment opportunity on any basis protected by applicable state and federal laws. If you have a disability or additional need that requires accommodation, please do not hesitate to let us.