Principal Enterprise Security Engineer

YOUR MISSION

As the Principal Enterprise Security Engineer, you will architect and own the security of True Anomaly’s corporate environment. Your mission is to protect our assets, data, and people not just by hardening systems, but by building the secure platforms, automations, and tools that enable the entire company to operate securely. You will create the “paved roads” for security, engineering solutions that are secure-by-default. You will partner closely with IT Engineering to build securely from the ground up, secure our endpoints and networks, and enable the safe adoption of cutting-edge tools like enterprise AI. This role is foundational to creating a strong, scalable, and automated defensive posture. 

RESPONSIBILITIES

• Architect, build, and automate security “building blocks” and “paved roads” for our enterprise infrastructure, including cloud (Azure, M365) and on-premise systems. 
• Engineer and deploy secure hardening standards across all corporate assets (macOS, Windows, Linux, servers, SaaS) through automation. 
• Build and operate scalable enterprise security systems, including Endpoint Detection and Response (EDR/XDR), Data Loss Prevention (DLP), and modern device management. 
• Lead automated vulnerability management, detection, and remediation efforts for the corporate environment. 
• Design and engineer secure-by-default network architectures (wired, wireless, VPN/ZTNA) based on Zero Trust principles. 
• Develop and manage security-as-code policies and technical controls for corporate-owned and BYOD assets. 

QUALIFICATIONS

• 10+ years of hands-on experience in enterprise security, with a strong emphasis on engineering and building solutions, not just operating them. 
• Expertise in architecting and securing multi-platform endpoint environments (macOS, Windows, Linux) and modern device management (Microsoft Intune, Jamf Pro). 
• Advanced knowledge of network security architecture and engineering (e.g., firewalls, IDS/IPS, NAC, ZTNA). 
• Demonstrated experience building automated security controls for cloud productivity suites (Microsoft 365) and IaaS platforms (Azure, AWS). 
• Expert-level scripting and automation skills (e.g., Python, PowerShell, Go) to build custom tools, integrations, and security-as-code. 
• Hands-on experience building and scaling core enterprise security systems (EDR/XDR, SIEM, Vulnerability Management, DLP). 

PREFERRED SKILLS AND EXPERIENCE

• Experience developing and implementing security policies and controls for the safe use of enterprise AI and LLMs. 
• Background in securing hybrid environments (cloud and on-premise Active Directory). 
• Experience implementing and auditing security controls for government compliance frameworks (e.g., FedRAMP, NIST 800-53, CMMC). 
• Broad knowledge of IT systems engineering (e.g., server admin, networking, identity) with a “build it securely” mindset. 

COMPENSATION

• Colorado Base Salary: $195,000-$270,000
• California Base Salary: $205,000-$285,000
• Washington D.C. Base Salary: $205,000-$285,000
• Remote: Compensation for remote employees will vary based on location and local market data.
• Equity + Benefits including Health, Dental, Vision, HRA/HSA options, PTO and paid holidays, 401K, Parental Leave 

Your actual level and base salary will be determined on a case-by-case basis and may vary based on the following considerations: job-related knowledge and skills, education, location, and experience. 

ADDITIONAL REQUIREMENTS

• Ability to maintain or obtain TS//SCI clearance 
• Work Location—ideally, candidates will be based near Denver, Colorado Springs, Long Beach, or Washington, D.C., as some work requires on-site collaboration. Remote candidates will also be considered but should anticipate occasional travel for in-person work.
• Work environment—is in a standard office, working at a desk or in a production factory.
• Physical demands—may include frequent standing, sitting, walking, bending, and lifting or carrying items up to 20lbs.

This position will be open until it is successfully filled. To submit your application, please follow the directions below. #LI-Hybrid