ForgeApply
Try it free

ForgeApply · Job listing

Senior Compliance Automation Engineer

Trueanomalyinc

Denver, CO or Long Beach, US$175k – $210khybridManufacturing

Apply in about a minute — without sacrificing quality.

ForgeApply autofills this application and tailors your resume to this exact posting. You review everything before it's sent. Free trial, no card required.

About this role

Space is a warfighting domain. True Anomaly seeks those with the talent and ambition to build the technology that secures it.

OUR MISSION

True Anomaly delivers decisive capabilities for space superiority. We build autonomous spacecraft, advanced payloads, mission software, and space-based interceptors — enabling the U.S. and its Allies to secure the space environment and counter threats from the ultimate high ground.

OUR VALUES

• Be the offset. We create asymmetric advantages with creativity and ingenuity.

• What would it take? We challenge assumptions to deliver ambitious results.

• It’s the people. Our team is our competitive advantage and we are better together.

Your Mission

We are seeking a Senior Compliance Automation Engineer to join our Governance, Risk, and Compliance (GRC) team and design and build True Anomaly's compliance automation platform from the ground up. This is a greenfield engineering role, not a configuration or administration position. You will not be deploying off-the-shelf GRC tools and calling it done. Instead, you will architect and engineer a purpose-built, continuous compliance monitoring platform capable of spanning a hybrid environment of on-premises classified systems and multi-cloud infrastructure (AWS GovCloud, Azure Government).

This role sits at the intersection of software engineering, DevSecOps, and compliance, and demands someone who can write production-quality code, design robust API and webhook integration frameworks, and translate NIST SP 800-53 Rev. 5 and NIST SP 800-171 Rev. 3 control requirements into automated, evidence-generating technical workflows. You will own the architecture, build the pipelines, and integrate data from across the enterprise to produce a real-time, auditable, and scalable compliance posture built on infrastructure you design, not a vendor's dashboard.

This position requires the ability to obtain and maintain a security clearance.

Responsibilities

Compliance Automation Platform Engineering

• Architect and build a greenfield Continuous Compliance Monitoring (CCM) platform from first principles, designed to aggregate, correlate, and report on security control status across hybrid on-premises and cloud environments in near real time.

• Design and implement a modular, API-first platform architecture with well-documented internal APIs and extensible data models that support rapid onboarding of new control families, systems, and data sources.

• Develop webhook-driven integration pipelines that ingest telemetry and compliance signals from diverse source systems, including cloud-native security services, SIEM platforms, vulnerability scanners, configuration management tools, and identity providers, without reliance on manual data collection or polling.

• Build control validation microservices that programmatically test the implementation state of NIST SP 800-53 and 800-171 controls, generate machine-readable evidence artifacts, and surface control gaps with contextual remediation guidance.

• Implement an evidence collection and artifact management framework that automatically captures, timestamps, and indexes compliance evidence mapped to specific control requirements, enabling audit-ready artifact packages to be assembled on demand.

• Develop platform capabilities to support continuous authorization workflows, replacing point-in-time assessment cycles with living, automated control validation that feeds directly into ATO decision support.

DevSecOps and Pipeline Integration

• Embed compliance enforcement gates into CI/CD pipelines (GitHub Actions, GitLab CI, Jenkins) to intercept non-compliant infrastructure-as-code (IaC) changes, insecure configurations, and policy violations before they reach production.

• Develop and maintain policy-as-code libraries using tools such as Open Policy Agent (OPA), Terraform Sentinel, AWS Config Rules, and Azure Policy, translating control requirements into machine-enforceable rulesets.

• Integrate compliance telemetry with infrastructure provisioning workflows using Terraform, Ansible, and Pulumi, ensuring that system authorization boundaries are maintained as infrastructure evolves.

• Build automated STIG validation workflows that apply and verify DISA STIG benchmarks across Linux, Windows, container, and cloud resource configurations using tools such as InSpec, OpenSCAP, and custom-built validation scripts.

• Partner with DevOps and platform engineering teams to implement secure baseline enforcement automation, including automated drift detection and remediation triggering for configuration deviations.

Hybrid Architecture and On-Premises Integration

• Design integration patterns and secure data collection agents for on-premises and air-gapped or limited-connectivity environments, enabling compliance telemetry to flow into the central platform without violating network segmentation or classification boundaries.

• Build bidirectional sync mechanisms between on-premises systems and cloud compliance services where permitted by authorization boundaries, ensuring hybrid posture visibility without creating unauthorized data flows.

• Develop solutions for classified environment compliance monitoring that operate within applicable network and data handling constraints, including support for IL5 and IL6 system boundaries.

• Architect the platform's data pipeline and storage layer with an explicit understanding of CUI, ITAR-controlled data, and classified data handling requirements, ensuring the platform itself does not become a compliance liability.

NIST Framework Implementation and Control Automation

• Serve as the technical authority on programmatic implementation of NIST SP 800-53 Rev. 5 control families, translating AC, AU, CM, IA, IR, RA, SC, SI, and other control families into automatable checks, evidence generators, and remediation workflows.

• Build automation coverage for NIST SP 800-171 Rev. 3 requirements across the full 110-control set, with particular depth i

Ready to apply to Trueanomalyinc?

Apply in about a minute

Similar jobs