Principal Compliance Engineer

Denver, CO or Long Beach, CA or Colorado Springs or Washington D.C.

A new space race has begun. True Anomaly seeks those with the talent and ambition to build innovative technology that solves the next generation of engineering, manufacturing, and operational challenges for space security and sustainability.

The peaceful use of space is essential for continued prosperity on Earth—from communications and finance to navigation and logistics. True Anomaly builds innovative technology at the intersection of spacecraft, software, and AI to enhance the capabilities of the U.S., its allies, and commercial partners. We safeguard global security by ensuring space access and sustainability for all.

• Be the offset. We create asymmetric advantages with creativity and ingenuity
• What would it take? We challenge assumptions to deliver ambitious results
• It’s the people. Our team is our competitive advantage and we are better together

We are seeking an experienced Principal Compliance Engineer to lead the design and implementation of secure, compliant architectures within highly regulated cloud environments. This role requires deep expertise in STIG development, encryption standards, and vulnerability remediation, alongside a strong foundation in Dev Ops and Sec Ops practices, particularly within the AWS and Azure Government platform.

The ideal candidate brings at least 10 years of experience in security engineering or technical compliance and will work cross-functionally to align cloud infrastructure and operations with frameworks such as RMF (DoD IL5 and IL6), and CMMC. This is a hands‑on technical role focused on enabling and sustaining system authorization through security automation, technical control implementation, and audit readiness.

• Architect, implement, and maintain secure, audit‑ready systems and services in AWS and Azure Government environments.
• Develop and maintain custom STIGs (Security Technical Implementation Guides) for cloud infrastructure, SaaS applications, and IaaS/PaaS configurations and customer‑deployed applications.
• Design and enforce secure configurations using encryption standards such as FIPS 140‑2/FIPS 140‑3, TLS 1.2+, and data‑at‑rest protections for regulated data.

• Embed compliance and security checks into CI/CD pipelines, ensuring that infrastructure‑as‑code meets regulatory and organizational policies.
• Integrate technical controls to support monitoring, logging, and alerting consistent with RMF and CMMC requirements.
• Partner with cyber security operations teams to support incident response, log review, and system hardening efforts.

• Lead the technical remediation of vulnerabilities identified through internal scans, third‑party testing, or external audits.
• Work with engineering and Dev Ops teams to drive secure patch management, system baseline enforcement, and automated vulnerability response workflows.
• Maintain and operationalize vulnerability metrics dashboards aligned with continuous monitoring plans (Con Mon).

• Able to support and manage detailed system documentation including SSPs, network diagrams, control implementations, and POA&Ms.
• Serve as a technical point of contact during audits and assessments, capable of demonstrating compliance posture through hands‑on walkthroughs and evidence collection.
• Collaborate with Dev Ops, Cybersecurity teams to translate security requirements into enforceable technical controls and testable artifacts.

• Partner with product, engineering, and compliance teams to implement secure system boundaries and customer segmentation strategies for multi‑tenant environments.
• Provide technical mentorship and occasional leadership to junior compliance engineers or project contributors.
• Track emerging requirements and proactively update system configurations to meet evolving DoD IL5, IL6, and CMMC mandates.

• 10+ years of experience in cybersecurity engineering, cloud compliance, or Dev Sec Ops  roles.
• Proven experience designing STIG‑compliant configurations,…