Hashicorp Jobs in Colorado (NOW HIRING)

Job Summary:
True Anomaly is a company focused on building technology that secures the space domain. As a Senior Cloud Security Engineer, you will be responsible for implementing security controls and building security tooling for cloud platforms, particularly in multi-cloud environments like Azure and AWS, while collaborating closely with engineering teams.
Responsibilities:
• Build security tooling, automation, and services for cloud security—implementing secure patterns that engineering teams can adopt
• Implement security best practices and provide technical input on cloud security, IAM architecture, network security, and infrastructure-as-code
• Implement and maintain security controls that strengthen the security posture of our cloud environments across Azure and AWS
• Implement secure-by-default cloud infrastructure including IAM, network architecture (VPCs, subnets, NACLs, Security Groups, Transit Gateways), data protection, encryption, and security monitoring
• Operate and maintain PKI infrastructure for cloud environments—including private CA hierarchies (AWS Private CA, AD CS), certificate lifecycle management, mTLS for service-to-service authentication, and load balancer certificate management
• Operate and maintain HashiCorp Vault as the central secrets management platform—including Vault PKI engine, dynamic secrets, authentication methods, and policy management. You'll build and maintain this infrastructure, not just configure managed services
• Partner with Kubernetes Security Engineer to implement unified PKI infrastructure across cloud and container environments, providing input on design decisions. Collaborate on K8s IAM integration, network policies, node security, and CSI driver security
• Design and troubleshoot multi-account and multi-VPC network topologies—diagnosing connectivity issues and security group misconfigurations across cloud environments
• Build automation and tooling to enforce security policies, detect misconfigurations, and respond to threats in cloud environments
• Execute cloud security posture management (CSPM), threat detection, and incident response projects
• Implement security improvements to infrastructure-as-code, CI/CD pipelines, and deployment processes
• Partner with engineering teams to implement secure cloud architectures for new capabilities and workloads
• Build security testing tools, CLI utilities, and dashboards to continuously validate security controls
• Solve complex security challenges in multi-cloud environments
• Leverage AI tools to accelerate development and automate security workflows
Qualifications:
Required:
• Active security clearance or ability to obtain and maintain security clearance
• Experience securing production cloud environments at scale, with strong understanding of cloud security models, attack patterns, and defensive strategies across Azure and AWS
• Strong software development skills in Python (preferred) and/or Go with experience building security tooling and automation
• Strong software engineering fundamentals: comfortable with data structures, algorithms, API design, debugging production systems, and working across multiple languages
• Strong Terraform skills including module design and infrastructure-as-code security best practices
• Experience building security tooling or automation used by engineering teams
• Strong experience with cloud networking and troubleshooting across AWS and Azure: VPCs/VNets, subnets, NACLs/NSGs, Security Groups, Transit Gateways/Virtual WAN, VPC peering, route tables, and VPN/ExpressConnect—you can debug 'why can't X talk to Y' across multi-account/multi-subscription network topologies
• Hands-on experience with cloud security tools (CSPM, CWPP, SIEM) and infrastructure-as-code security (Terraform, CloudFormation)
• Strong knowledge of IAM, encryption, logging/monitoring, and cloud-native security patterns
• DevSecOps mindset with experience embedding security into development and operations workflows
• Proven ability to assess risk, prioritize work, and execute complex security projects
• Track record of solving complex technical problems
• Comfortable diving into unfamiliar codebases and leveraging AI to bridge knowledge gaps
• Strong communication skills and ability to collaborate effectively across teams
Preferred:
• Strong PKI knowledge with hands-on experience working with certificate infrastructure—including certificate lifecycle management, mTLS implementation, certificate-based authentication, and X.509/TLS troubleshooting
• Hands-on experience operating HashiCorp Vault in production—including Vault PKI, dynamic secrets engines, and authentication methods. Experience integrating Vault with Kubernetes, AWS, and Azure auth methods is a plus
Company:
True Anomaly develops space security technologies, including spacecraft, software platforms, and mission systems for orbital operations. Founded in 2022, the company is headquartered in Centennial, USA, with a team of 201-500 employees. The company is currently Growth Stage.