Offensive Cyber Research Engineer
Twenty
hackajob is collaborating with Twenty to connect them with exceptional professionals for this role.
About the Company
America is under sustained cyber attack. Our adversaries infiltrate our networks, steal our IP, and degrade the digital infrastructure that modern life runs on. They’ve learned—correctly—that those attacks rarely produce consequences.
Twenty was founded to change that, by making our adversaries think twice before they attack us. Our vision is American and allied primacy in cyberspace—a future where they cannot contest us, deterrence is assured, and the free world remains secure.
Founded in 2024, Twenty Technologies () industrializes offensive cyber operations for the U.S. and its allies. Headquartered in Arlington, Virginia, Twenty has raised $138M from Accel, Caffeinated Capital, Friends & Family Capital, Point72 Ventures, General Catalyst, and In-Q-Tel.
Twenty is seeking an exceptionally skilled Offensive Cyber Research Engineer for an in-office position in its Arlington, VA office to lead the development of sophisticated offensive cyber capabilities that defend democracies worldwide. We're looking for someone with 6-8 years of deep technical expertise in offensive cyber operations, software development, and research, combined with proven leadership experience mentoring engineers and driving strategic technical initiatives. In this role, you'll architect and lead the development of advanced attack path frameworks, establish engineering best practices for offensive tooling, mentor junior researchers, and serve as a technical authority on adversarial techniques and red team operations. You'll leverage your extensive operational background—ideally from government/military Digital Network Exploitation Analysis (DNEA), Exploitation Analyst (EA) operations, advanced penetration testing, or threat intelligence analysis—to shape the technical direction of our offensive cyber capabilities and build the next generation of cyber technologies for the United States and its allies.
Role Details Technical Leadership & Architecture
Lead the architecture and design of sophisticated attack path frameworks that emulate advanced persistent threat (APT) behaviors and nation-state TTPs
Establish technical standards and best practices for offensive cyber tool development across the organization
Evaluate and recommend engineering courses of action for new offensive capabilities and system enhancements
Drive technical decision-making for complex offensive cyber integrations and performance optimizations
Architect scalable, modular frameworks for attack technique automation and adversary emulation
Research & Innovation
Conduct advanced research into emerging adversary techniques, zero-day exploitation strategies, and novel attack vectors
Develop proof-of-concept tools and techniques that push the boundaries of offensive cyber capabilities
Stay current with threat actor innovations and translate emerging TTPs into defensive and offensive capabilities
Publish internal research findings and contribute to the broader cyber security research community
Identify capability gaps and lead initiatives to develop new offensive tools and methodologies
Team Leadership & Mentorship
Mentor and provide technical guidance to offensive cyber engineers and researchers, conducting thorough code reviews and knowledge transfer
Lead technical discussions and facilitate strategic planning sessions for offensive capability development
Organize research efforts and coordinate cross-functional collaboration with data engineering, backend, and intelligence analysis teams
Establish and maintain engineering best practices, secure coding standards, and operational security procedures
Guide junior engineers in understanding complex adversary behaviors and translating them into technical implementations
Attack Path Development & Implementation
Design and implement advanced attack paths that emulate sophisticated adversary campaigns across multiple domains
Create reusable, production-grade components for complex attack techniques including credential harvesting, lateral movement, and defense evasion
Develop custom tooling and automation frameworks that operate at machine speed for large-scale adversary emulation
Data Engineering & Intelligence Integration
Lead the design of ETL pipelines for processing threat intelligence, security logs, and operational data at scale
Architect standardized schemas for cyber operations datasets that support graph-based analysis and AI/ML workflows
Implement advanced data enrichment pipelines that integrate diverse threat intelligence sources
Design efficient storage and retrieval systems for large-scale security-relevant data
Operational Collaboration
Work closely with government customers and operational teams to understand mission requirements and capability gaps
Translate operational feedback into technical requirements and development priorities
Lead technical demonstrations showcasing offensive cyber capabilities to stakeholders
Provide subject matter expertise for customer engagements and strategic planning sessions
Qualifications Technical Skills & Experience
6-8 years of threat research, offensive cyber operations, and software development experience
Expert-level operational cyber security experience in one or more of the following domains:
Digital Network Exploitation Analysis (DNEA) within U.S. Government military or intelligence organizations
Exploitation Analyst (EA) operations conducting advanced network exploitation and intelligence analysis
Advanced Penetration Testing/Red Teaming leading sophisticated offensive security assessments
Senior-level Threat Hunting and threat intelligence analysis in high-stakes environments
Demonstrated technical leadership experience mentoring offensive cyber engineers and leading research initiatives
Deep expertise in the MITRE ATT&CK framework with proven track record developing and implementing advanced adversary TTPs across multiple tactics
Expert-level experience operating and extending industry-standard threat emulation platforms (Cobalt Strike, Metasploit, custom C2 frameworks) with proven ability to develop sophisticated custom payloads, modules, and evasion techniques
Extensive experience integrating and analyzing diverse threat intelligence sources including commercial feeds, OSINT, and government intelligence
Advanced proficiency in implementing sophisticated persistence mechanisms, advanced defense evasion techniques, counter-forensics, and anti-analysis methods
Expert containerization and orchestration experience using Docker and Kubernetes for secure, scalable offensive tool deployment
Advanced programming and software architecture skills in Python and Golang, with demonstrated ability to build maintainable, production-grade security tools and automation frameworks
Expert-level experience writing complex graph queries and developing graph-based analytical tools using Neo4j or similar graph databases
Comprehensive knowledge of cybersecurity across network security, application security, secure coding, cryptography, and security architecture
Extensive practical experience in offensive cyber operations including advanced payload development, post-exploitation frameworks, command and control infrastructure, and multi-stage attack chains
Expert knowledge of red team methodologies including campaign planning, operational security (OPSEC), adversary simulation, and realistic threat emulation based on intelligence-driven scenarios
Leadership & Communication Skills
Proven ability to lead technical projects and mentor engineering teams
Strong communication skills with ability to explain complex offensive techniques to diverse audiences including executives and government officials
Experience conducting thorough code reviews and establishing development standards for security tools
Track record of driving technical decision-making and influencing strategic direction
Education
Bachelor's degree in Computer Science, Software Engineering, Cybersecurity, or related field; Master's degree preferred, or equivalent practical experience
Security Requirements
Must be eligible to obtain a U.S. Government security clearance
Distinguishing Qualifications
Previous technical leadership experience in government cyber operations units or intelligence organizations conducting DNEA or EA operations
Experience leading offensive cyber capability development programs or research initiatives
Track record of developing novel offensive techniques or tools adopted by operational units
Advanced certifications such as OSCP, OSCE, OSEE, GXPN, or government-recognized advanced offensive security credentials
Experience with AI/ML integration in offensive cyber operations and automated threat emulation
Extensive background in malware analysis, reverse engineering, exploit development, or vulnerability research
Experience with multi-domain intelligence analysis correlating cyber, SIGINT, ELINT, and other intelligence sources
Publications or conference presentations on offensive cyber research or techniques
Contributions to open-source offensive security tools or frameworks
Additional Skills
Experience with Agile development methodologies and leading agile teams
Advanced system architecture and design experience for large-scale security systems
Performance optimization and scalability experience for high-throughput data processing
Experience with cloud security (AWS, Azure, GCP) and cloud-native attack techniques
Deep knowledge of wireless security, IoT protocols, and electromagnetic spectrum operations
Expertise with forensics tools, incident response procedures, and defensive cyber operations
Understanding of government acquisition processes and requirements development
Benefits
What's on the table:
Health. Medical, dental, and vision plan options. Life / AD&D, disability coverage options.
Family. Paid parental leave for eligible full-time employees. 12 weeks for birthing parents, 4 for non-birthing parents, 6 weeks for adoptive, foster, or intended parents through surrogacy.
Vacation. Paid holidays and flexible PTO. Take what you need.
Retirement. 401(k) with pre-tax and Roth options. HSA/FSA options, dependent care FSA.
At the office. Commuter benefits. On-site garage parking. Bike storage. Building fitness center. Desk setup stipend.
Benefits vary by location, role, and eligibility. Full plan details provided during the interview and offer process.
If this role sounds like you, apply and share with us your interest.
Some positions may require eligibility to obtain a U.S. Government security clearance. Any clearance requirement will be listed in the role description.
Twenty is an equal opportunity employer. We consider all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, veteran status, disability, or any other protected status.
If you need a reasonable accommodation during the hiring process, let us know and we will work with you.
- ...America is under sustained cyber attack. Our adversaries infiltrate... ...() industrializes offensive cyber operations for the U.S.... ...for Twenty’s offensive cyber research program—setting the long-term... ...You’ll partner closely with engineering, product, and operations leaders...SuggestedFull timeWork at officeFlexible hours
$92k - $195k
MAXAR TECHNOLOGIES, INC. is seeking a Cyber Operations Capabilities Developer in Maryland to build advanced offensive cyber tooling. The role involves programming in C and Python, conducting reverse engineering, and developing capabilities. Candidates should have a Bachelor...Suggested$160k - $205k
...Senior Full Stack Pentester – Cyber Security Assurance Division... ...to join a team of world‑class offensive security professionals. In this... ...leading and performing research, understanding the bank’s security... ...by mentoring junior engineers, and assist with monitoring and...SuggestedWork at officeRemote workShift workDay shift- ...Senior Offensive Security Engineer - Pentester Denver, Colorado;Seattle, Washington; Jacksonville,... ...opportunity to shine and grow. The Cyber Security Assurance Division is looking... ...include leading and performing research, understanding the bank's security policy...SuggestedWork at officeRemote workShift workDay shift
- ...stakeholders; support readouts, status updates, and remediation Q&A Required Qualifications: 2+ years of Cybersecurity Research experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience...SuggestedWork experience placement
- ...Apogee Global RMS is seeking a Senior Cybersecurity Engineer / Offensive Security Lead to support high‑visibility federal and IC programs.... ...adversaries, and partner with federal stakeholders to strengthen cyber resilience across complex infrastructures. Key...
- ...platform and our Autonomous Exposure Validation (AEV) product. About The Role We're looking for a technically strong Sales Engineer with an offensive security background to join our US sales team. You will be the trusted technical voice in the sales cycle, helping...Remote job
- ...Washington D.C., Pentagon, Springfield, VA., Chantilly, VA., Tysons Corner, VA. Description: We are seeking a Junior Cyber Risk Data Engineer/Analyst . This role focuses on the data side of cyber risk management - capturing outputs from senior SMEs, tagging and...InternshipShift work
$124k - $140k
...Responsibilities Implements technical solutions to novel research problems. Collaborates with more senior research staff to transform research ideas into implemented solutions. Contributes to larger team efforts in implementing research prototypes. Contributes to documentation...$188k - $275k
...Information Security team is seeking an experienced and talented offensive security engineer to join our team. As part of the Information Security... ...reviews for development teams within the business Research/stay abreast of new hacking techniques and find ways to counter...Permanent employmentTemporary workCasual workWork at officeRemote workFlexible hours$100k - $190k
...Description The Cato Institute seeks qualified candidates for the Senior Research Engineer, Applied AI position. AI tools are proliferating rapidly. Making them genuinely useful for policy research requires someone who bridges the gap between what these systems have the...Full time$115k - $181k
Overview i3 is seeking a Vulnerability Research Engineer to support the Naval Research Laboratory’s Tactical Electronic Warfare Division. You will reverse engineer and analyze software and build purpose-driven tools that help teams test, characterize, and understand real...- Integration Innovation, Inc. (i3) is seeking a Vulnerability Research Engineer in Washington, DC to support the Naval Research Laboratory’s Tactical Electronic Warfare Division. This role involves reverse engineering software, analyzing systems, and developing tools to...
$124k - $140k
The University of Southern California is seeking a skilled researcher for a position focused on implementing technical solutions for advanced research problems. The ideal candidate will hold a Master’s degree and possess at least 5 years of relevant experience, particularly...$220k - $292k
...Machine Learning Research Engineer Washington, District of Columbia, United States Anduril Industries is a defense technology company with a mission to transform U.S. and allied military capabilities with advanced technology. By bringing the expertise, technology...Full timeWork experience placementImmediate start- We are seeking a Scientific, Engineering, and Technical Assistance (SETA) Support Specialist to join our team in support of a government research organization dedicated to investing in high‑risk, high‑payoff research programs to tackle some of the most difficult challenges...Work experience placement
- Dormont Manufacturing Co is seeking a Cardiovascular Catheter Engineer to join their team in Bethesda, MD. This full-time position entails supporting engineering research in the National Heart Lung and Blood Institute. Responsibilities include designing catheter components...Full time
- ...applications and platforms through hands-on offensive testing. As an Assessments &... ...leveraging threat intelligence, security research, and participation in relevant industry... ...Java, Rust). Experience in reverse engineering thick-client and mobile applications to...
$160k - $205k
...Framework Program within Bank of America's Cyber Security Assurance Offensive Security group. The program... ...5 of the following areas: security engineering application architecture authentication... ...frameworks, CVE and CWE research/reproduction Threat Analysis, threat...Shift workDay shift- Guidehouse is looking for a Cardiac Catheter Development Engineer in Bethesda, MD. This full-time onsite position involves supporting cardiovascular research through design, prototyping, and testing of catheter technologies. Candidates should possess a bachelor's degree...Full time
- ...Alexandria, Va Required Clearance: Top Secret Clearance Certifications: Holds or is working toward penetration testing and offensive security certifications appropriate for DoD environments, such as CEH, PenTest+, GPEN, OSCP, or equivalent DoD 8570/8140-approved...Temporary workFlexible hours
$115k - $203k
...identified vulnerabilities and demonstrate exploitability to engineering teams, security peers, and senior leadership. Collaborate with... ...with the broader security team and mentor engineers on offensive techniques and how to think like an attacker. Basic Qualifications...Hourly payFull timeWork at officeWork from homeMonday to Thursday$95k - $112k
...Cybersecurity Architecture and Engineering, Critical Infrastructure and... ...the Diplomatic Security Cyber Mission (DSCM) program providing... ...testing competence: Offensive Security Certified Professional... ...(PNPT) GIAC Exploit Researcher and Advanced Penetration Tester...Contract workRemote work- ...project scoping and SOW creation Perform offensive engagements including red teaming and... ..., mobile applications, social engineering, phishing, physical security, wireless networks... ...assessments, social engineering, and other cyber-security consulting functions...Work experience placement
$76.7k - $129.5k
...State Applicants .POSITION SPECIFICSWe are searching for motivated and talented Software Engineer join our Comprehensive Software Solutions (CSS) Department of the Applied Research Laboratory (ARL) at Penn State. CSS applies a wide variety of software concepts, techniques...Full timeWork experience placementRemote work$86.8k - $198k
# Cyber EngineerBooz Allen HamiltonFull TimemidArlington, Virginia, USPosted 6 days ago## Role OverviewBooz Allen Hamilton is hiring a mid-level Cyber Engineer. This is a full-time role in Arlington. posted 6 days ago. Full responsibilities, required qualifications, and...Full timeContract workPart timeWork at officeLocal areaRemote work$140k - $190k
...Security Engineer As a Security Engineer at Method Security, you will be instrumental in expanding the capabilities of our product... ...Key Responsibilities Build and extend defensive and offensive security-focused tools and workflows that enhance the effectiveness...$125k - $190k
...consultants work side by side with client organizations to help them make smarter decisions about their people. The Talent Intelligence Research Engineer is the analytical engine behind that work. In this role, you will be embedded on client-facing consulting teams, working...$300 per month
...and Technology Policy Institute (STPI) is a federally funded research and development center (FFRDC) operated by the Institute for Defense... ...for a Research Analyst with expertise in space science, engineering, or policy. Candidates with backgrounds in aerospace engineering...Work at officeLocal areaImmediate startRemote workRelocation packageFlexible hours- ...Clearance B.S. Computer Science, Information Technology, or a related field 5+ years of experience conducting penetration testing or offensive cybersecurity operations. Experience performing enterprise penetration testing. Experience with network and application security...Remote work
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Offensive Cyber Research Engineer. Be the first to apply!
- information system security engineer Washington DC
- information technology security engineer Washington DC
- dlp security engineer Washington DC
- endpoint security engineer Washington DC
- security engineer Washington DC
- offensive security engineer Washington DC
- sr information security engineer Washington DC
- senior application security engineer Washington DC
- security operations engineer Washington DC
- aws cloud security engineer Washington DC


