Enterprise Security Engineer III, Vulnerability Management

A new space race has begun. True Anomaly seeks those with the talent and ambition to build innovative technology that solves the next generation of engineering, manufacturing, and operational challenges for space security and sustainability.

The peaceful use of space is essential for continued prosperity on Earth—from communications and finance to navigation and logistics. True Anomaly builds innovative technology at the intersection of spacecraft, software, and AI to enhance the capabilities of the U.S., its allies, and commercial partners. We safeguard global security by ensuring space access and sustainability for all.

• Be the offset. We create asymmetric advantages with creativity and ingenuity
• What would it take? We challenge assumptions to deliver ambitious results
• It’s the people. Our team is our competitive advantage and we are better together

As an Enterprise Security Engineer focused on Vulnerability Management, you will play a critical role in identifying, tracking, and driving remediation of vulnerabilities across True Anomaly's enterprise environment. You will operate and mature our vulnerability management program, ensuring we maintain continuous visibility into our attack surface across endpoints, servers, cloud infrastructure, and applications. You will work alongside senior engineers and cross‑functional partners to prioritize risk, coordinate remediation efforts, and measure progress toward reducing organizational exposure.

As part of True Anomaly's Enterprise Security team, you will be the connective tissue between security findings and actionable outcomes. You will be responsible for ensuring patches get deployed in a timely manner within established SLAs, tracking exceptions, and collaborating on methods to eliminate attack surface or automate vulnerability patching. You will be joining a fast‑paced, challenging environment where your contributions will have a direct, measurable impact on our security posture.

This is an ideal role for someone who is detail‑oriented, thrives on driving issues to closure, and is energized by the opportunity to build and mature a core security function alongside experienced professionals.

This position requires the ability to obtain and maintain a security clearance.

• Operate and maintain vulnerability scanning infrastructure across cloud, on‑prem, and endpoint environments.
• Execute regular vulnerability scans and manage scan schedules, policies, and agent deployments.
• Triage and prioritize vulnerability findings based on exploitability, asset criticality, and business context.
• Track remediation efforts across teams, monitor SLA adherence, and elevate aging vulnerabilities.
• Partner with IT, Dev Ops, and engineering teams to coordinate patching and remediation activities.
• Maintain accurate asset inventory and ensure scanning coverage across all environments.
• Develop and maintain vulnerability management dashboards, metrics, and reporting for stakeholders and leadership.
• Contribute to the development of vulnerability management policies, standards, and procedures.
• Support compliance efforts by providing vulnerability data and evidence for audits and framework assessments (e.g., CMMC, NIST, FedRAMP).
• Monitor threat intelligence feeds and vendor advisories to identify emerging vulnerabilities relevant to True Anomaly's environment.
• Assist with ad hoc security assessments and penetration testing coordination as needed.
• Stay updated with the latest vulnerability trends, exploitation techniques, and remediation best practices.

• Minimum of 4 years of experience in information security or a related technical field, with exposure to vulnerability management.
• Hands‑on experience with vulnerability scanning tools such as Tenable, Qualys, Rapid7, or similar platforms.
• Understanding of CVE scoring (CVSS), vulnerability prioritization frameworks (SSVC, EPSS), and risk‑based remediation approaches.
• Familiarity with patch management processes across Windows, Linux, Mac, and cloud environments.
• Solid technical understanding of networking, operating systems, and common enterprise technologies.
• Experience producing…