Senior Security Engineer, Threat Detection & Response Security Clearance

Position: Senior Security Engineer, Threat Detection & Response with Security Clearance
Space is a war fighting domain. True Anomaly seeks those with the talent and ambition to build the technology that secures it. OUR MISSION True Anomaly delivers decisive capabilities for space superiority. We build autonomous spacecraft, advanced payloads, mission software, and space-based interceptors - enabling the U.S. and its Allies to secure the space environment and counter threats from the ultimate high ground.

OUR VALUES
* Be the offset. We create asymmetric advantages with creativity and ingenuity.
* What would it take? We challenge assumptions to deliver ambitious results.
* It's the people. Our team is our competitive advantage and we are better together. YOUR MISSION As a Senior Security Engineer on the Threat Detection & Response team, you will lead complex incident investigations, mature our insider risk program, and serve as a trusted partner to engineering, legal, executive leadership, and external stakeholders during high-stakes security events. You'll lead end-to-end response for the most sensitive security incidents, build and scale our insider risk monitoring capabilities, and translate complex technical findings into actionable insights for both technical teams and C-suite stakeholders.

You'll set the bar for investigative diligence, evidence handling, and cross-functional coordination during high-stakes situations. This role is a great fit for a seasoned investigator and incident responder who thrives in high-pressure environments, has deep experience navigating multi-stakeholder investigations, and wants to make a tangible impact on a growing security program. This position requires the ability to obtain and maintain a security clearance.

Responsibilities
* Lead end-to-end incident response for complex, high-severity security events, including technical investigation, containment, eradication, recovery, and executive-level reporting
* Build and mature True Anomaly's insider risk monitoring program, including detection strategy, investigative playbooks, and cross-functional escalation paths
* Serve as the principal technical liaison between the security team and partner organizations (IT, Engineering, Legal, HR, Compliance, and external government partners), translating complex technical findings for non-technical decision-makers
* Perform evidence collection, digital forensics, and malware triage activities; ensure investigative findings are documented to a standard suitable for legal, regulatory, and law enforcement use
* Develop and operationalize incident response plans, playbooks, and SOPs that scale with team growth and mission complexity
* Design and tune detections across corporate, cloud, and mission environments, leveraging frameworks like MITRE ATT&CK
* Proactively hunt for threats, including insider threats, and leverage threat intelligence to anticipate emerging adversary TTPs
* Administer and optimize EDR, SIEM , and SOAR platforms; build automation to improve investigative efficiency
* Brief executive leadership on active incidents, threat landscape, and program maturity in clear business terms
* Mentor junior detection and response engineers and contribute to hiring as the team grows Qualifications A good candidate will have:
* 4+ years of experience in cybersecurity, with significant time spent leading incident response, complex investigations, threat hunting, or detection engineering
* Demonstrated experience leading multi-stakeholder investigations end-to-end, from initial triage through executive reporting and post-incident review
* Hands-on experience with digital forensics, malware triage, and evidence handling in environments where investigative rigor matters
* Experience building or contributing to an insider risk or insider threat monitoring program
* Strong working knowledge of EDR platforms, SIEM platforms (e.g., Splunk, Elastic, or similar), and SOAR tooling
* Working knowledge of Windows, MacOS, and Linux endpoint security and common attack techniques
* Solid understanding of attack vectors, adversary TTPs, and security frameworks such as MITRE ATT&CK and the Cyber Kill Chain
* Experience with scripting (e.g. Python, Power Shell, or Bash) for automation, enrichment, or analysis tasks
* Proven ability to brief executives and translate technical risk into business language
* Clear verbal and written communication skills, with experience producing intelligence reports, investigative findings, or executive briefings

Preferred Qualifications An ideal candidate will also have:
* Active TS/SCI security clearance or ability to obtain and maintain a security clearance
* Knowledge of digital forensics and malware analysis techniques
* Experience building or significantly maturing a detection and response program
* Experience working in Azure Government Cloud (Azure Gov Cloud) environments
* Experience with cloud security monitoring in AWS, GCP, or Azure commercial environments
* Familiarity with CMMC, FedRAMP, NIST 800-53, or other federal compliance frameworks
*…