Senior Identity & Auth Engineer
Listed on 2026-07-18
-
IT/Tech
Cybersecurity, Systems Engineer
Senior Identity & Authorization Engineer
Denver, CO or Long Beach, CA
Space is a war fighting domain. True Anomaly seeks those with the talent and ambition to build the technology that secures it.
True Anomaly delivers decisive capabilities for space superiority. We build autonomous spacecraft, advanced payloads, mission software, and space-based interceptors — enabling the U.S. and its Allies to secure the space environment and counter threats from the ultimate high ground.
True Anomaly values creativity and ingenuity, challenging assumptions to deliver ambitious results, and recognizes that our team is our competitive advantage and we are better together.
Software is the central nervous system for True Anomaly's engineering and product thesis. As we deploy our space operations platform into classified environments, identity and authorization become critical technical challenges requiring deep specialization. True Anomaly is seeking a highly experienced Senior Identity & Authorization Engineer to build the multi-tenant identity infrastructure that enables secure operations at IL6 (SECRET) and beyond. You'll deploy and integrate Kubernetes-native identity platforms, implement fine-grained authorization models for space operations, and provide deep technical expertise on identity/auth during compliance processes.
Working closely with our security and platform teams, you'll evaluate and integrate modern authorization frameworks (ReBAC, SPIFFE/SPIRE, OPA), build policy-as-code enforcement systems, and ensure our identity architecture meets the rigorous standards required for classified environments. You do not need to have experience building space ground systems or experience in aerospace. You'll have ownership of challenging, greenfield problems and a chance to fundamentally impact the outcome of future conflict (and the future of the company), all while enjoying world-class benefits including platinum healthcare, flexible work hours/location, highly competitive compensation and a generous stock options package.
Responsibilities include architecting and deploying Kubernetes-native identity and authorization infrastructure for IL6 (SECRET) multi-tenant environments, serving as a technical authority for identity/auth controls during ATO processes, designing and implementing multi-tenant isolation strategies, evaluating, deploying, and hardening self-hosted IdPs, designing authorization models, implementing workload identity frameworks, building policy-as-code systems, integrating with government identity systems, collaborating with security team on secret management strategy, working with application teams to define authentication/authorization contracts for microservices, partnering with customers and government auditors during ATO processes, and staying current on emerging identity/auth technologies.
Qualifications include being eligible for TS/SCI clearance, having 10+ years in platform/security engineering with 5+ years focused on identity, authentication, or authorization systems, designing and implementing proper tenant isolation, deploying and operating production Kubernetes clusters, production experience deploying/operating at least one K8s-native IdP or enterprise IAM system, implementing RBAC, ABAC, or ReBAC authorization models in production systems, deep understanding of NIST SP 800-207 and practical zero trust architecture patterns, working knowledge of NIST 800-53, CMMC Level 3+, or FedRAMP High requirements, and proficiency in Python, Go, or Bash for automation and tooling.
Preferred skills and experience include active TS/SCI clearance, IL4/IL5 deployment and operations experience, ATO experience, experience with modern authorization frameworks, SPIFFE/SPIRE workload identity implementation experience, service mesh authentication in production, Hashi Corp Vault or enterprise secret management in classified or high-assurance environments, CAC/PIV card integration and PKI certificate management, policy-as-code for runtime enforcement, experience in aerospace, defense, intelligence community, or national security space, and startup or fast-paced environment experience.
Nice-to-have includes CISSP, CCSP, or other security certifications, contributing to open-source identity/auth projects, experience with cross-domain solutions or multi-level security systems, Kubernetes CKS certification, and previous experience at defense prime, IC contractor, or FAANG Gov.
Compensation includes a base salary of $150,000 - $225,000 and equity plus benefits including health, dental, vision, HRA/HSA options, PTO and paid holidays, 401K, and parental leave.
Additional requirements include work location near Denver or Colorado Springs, work environment considerations, and physical demands.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).