Enterprise Security Engineer III, Vulnerability Management

A new space race has begun. True Anomaly seeks those with the talent and ambition to build innovative technology that solves the next generation of engineering, manufacturing, and operational challenges for space security and sustainability.

OUR MISSION

The peaceful use of space is essential for continued prosperity on Earth—from communications and finance to navigation and logistics. True Anomaly builds innovative technology at the intersection of spacecraft, software, and AI to enhance the capabilities of the U.S., its allies, and commercial partners. We safeguard global security by ensuring space access and sustainability for all.

OUR VALUES

Be the offset. We create asymmetric advantages with creativity and ingenuity What would it take? We challenge assumptions to deliver ambitious results It’s the people. Our team is our competitive advantage and we are better together

YOUR MISSION

As an Enterprise Security Engineer focused on Vulnerability Management, you will play a critical role in identifying, tracking, and driving remediation of vulnerabilities across True Anomaly's enterprise environment. You will operate and mature our vulnerability management program, ensuring we maintain continuous visibility into our attack surface across endpoints, servers, cloud infrastructure, and applications. You will work alongside senior engineers and cross‑functional partners to prioritize risk, coordinate remediation efforts, and measure progress toward reducing organizational exposure. As part of True Anomaly's Enterprise Security team, you will be the connective tissue between security findings and actionable outcomes. You will be responsible for ensuring patches get deployed in a timely manner within established SLAs, tracking exceptions, and collaborating on methods to eliminate attack surface or automate vulnerability patching. You will be joining a fast‑paced, challenging environment where your contributions will have a direct, measurable impact on our security posture. This is an ideal role for someone who is detail‑oriented, thrives on driving issues to closure, and is energized by the opportunity to build and mature a core security function alongside experienced professionals. This position requires the ability to obtain and maintain a security clearance. Responsibilities Operate and maintain vulnerability scanning infrastructure across cloud, on‑prem, and endpoint environments. Execute regular vulnerability scans and manage scan schedules, policies, and agent deployments. Triage and prioritize vulnerability findings based on exploitability, asset criticality, and business context. Track remediation efforts across teams, monitor SLA adherence, and elevate aging vulnerabilities. Partner with IT, DevOps, and engineering teams to coordinate patching and remediation activities. Maintain accurate asset inventory and ensure scanning coverage across all environments. Develop and maintain vulnerability management dashboards, metrics, and reporting for stakeholders and leadership. Contribute to the development of vulnerability management policies, standards, and procedures. Support compliance efforts by providing vulnerability data and evidence for audits and framework assessments (e.g., CMMC, NIST, FedRAMP). Monitor threat intelligence feeds and vendor advisories to identify emerging vulnerabilities relevant to True Anomaly's environment. Assist with ad hoc security assessments and penetration testing coordination as needed. Stay updated with the latest vulnerability trends, exploitation techniques, and remediation best practices. Qualifications Minimum of 4 years of experience in information security or a related technical field, with exposure to vulnerability management. Hands‑on experience with vulnerability scanning tools such as Tenable, Qualys, Rapid7, or similar platforms. Understanding of CVE scoring (CVSS), vulnerability prioritization frameworks (SSVC, EPSS), and risk‑based remediation approaches. Familiarity with patch management processes across Windows, Linux, Mac, and cloud environments. Solid technical understanding of networking, operating systems, and common enterprise technologies. Experience producing security metrics and reporting for technical and non‑technical audiences. Strong organizational skills with the ability to track and drive multiple remediation efforts simultaneously. Strong analytical, problem‑solving, and communication skills. Ability to work both independently and collaboratively in a fast‑paced environment. Relevant certifications such as Security+, GSEC, CEH, or equivalents are a plus. Preferred Qualifications Active security clearance or ability to obtain and maintain security clearance. Bachelor's degree in Computer Science, Information Security, or equivalent professional experience. Experience building or maturing a vulnerability management program. Familiarity with asset discovery and management tools. Experience with cloud security posture management (CSPM) or cloud‑native vulnerability scanning in Azure, AWS, or Google Cloud. Familiarity with FedRAMP, CMMC, NIST frameworks and their vulnerability management requirements. Exposure to manufacturing or operational technology environments. Experience working at a startup and/or in the defense industry. Work Environment Work Location —this role will be onsite at our Denver or Long Beach office. #LI-Onsite This role operates in a fast‑paced, high‑stakes environment where adaptability is essential. On‑call rotation participation, including after‑hours participation, may be required in this role. Must be comfortable working under pressure during active security incidents or critical vulnerability response. Mentorship and growth opportunities with senior security engineers. Direct exposure to leadership and opportunity to contribute to security strategy. What We Offer Competitive salary Opportunity to work on challenging, mission‑critical security initiatives Professional development and certification support Collaborative culture with experienced security professionals Equity + Benefits including Health, Dental, Vision, HRA/HSA options, PTO and paid holidays, 401K, Parental Leave

COMPENSATION

Colorado Base Salary: $115,000–$155,000 California Base Salary: $120,000–$165,000 Equity + Benefits including Health, Dental, Vision, HRA/HSA options, PTO and paid holidays, 401K, Parental Leave Your actual level and base salary will be determined on a case‑by‑case basis and may vary based on the following considerations: job‑related knowledge and skills, education, location, and experience. This position will be open until it is successfully filled. To conform to U.S. Government space technology export regulations, including the International Traffic in Arms Regulations (ITAR) you must be a U.S. citizen, lawful permanent resident of the U.S., protected individual as defined by 8 U.S.C. 1324b(a)(3), or eligible to obtain the required authorizations from the U.S. Department of State. True Anomaly is committed to equal employment opportunity on any basis protected by applicable state and federal laws. If you have a disability or additional need that requires accommodation, please do not hesitate to let us. #J-18808-Ljbffr Menlo Ventures