Twenty
Twenty is seeking an exceptionally skilled Staff Offensive Cyber Research Engineer for an in-office position in its Arlington, VA office to lead the development of sophisticated offensive cyber capabilities that defend democracies worldwide. We're looking for someone with 6-8 years of deep technical expertise in offensive cyber operations, software development, and research, combined with proven leadership experience mentoring engineers and driving strategic technical initiatives. In this role, you'll architect and lead the development of advanced attack path frameworks, establish engineering best practices for offensive tooling, mentor junior researchers, and serve as a technical authority on adversarial techniques and red team operations. You'll leverage your extensive operational background—ideally from government/military Digital Network Exploitation Analysis (DNEA), Exploitation Analyst (EA) operations, advanced penetration testing, or threat intelligence analysis—to shape the technical direction of our offensive cyber capabilities and build the next generation of cyber technologies for the United States and its allies.
About the Company At Twenty, we're taking on one of the most critical challenges of our time: defending democracies in the digital age. We develop revolutionary technologies that operate at the intersection of cyber and electromagnetic domains, where the speed and complexity of operations exceeds human cognition. Our team doesn't just solve problems – we deliver game-changing outcomes that directly improve national security. We're pragmatic optimists who understand that while our mission of defending America and its allies is challenging, we can succeed.
Role Details Technical Leadership & Architecture
Lead the architecture and design of sophisticated attack path frameworks that emulate advanced persistent threat (APT) behaviors and nation-state TTPs
Establish technical standards and best practices for offensive cyber tool development across the organization
Evaluate and recommend engineering courses of action for new offensive capabilities and system enhancements
Drive technical decision-making for complex offensive cyber integrations and performance optimizations
Architect scalable, modular frameworks for attack technique automation and adversary emulation
Research & Innovation
Conduct advanced research into emerging adversary techniques, zero-day exploitation strategies, and novel attack vectors
Develop proof-of-concept tools and techniques that push the boundaries of offensive cyber capabilities
Stay current with threat actor innovations and translate emerging TTPs into defensive and offensive capabilities
Publish internal research findings and contribute to the broader cyber security research community
Identify capability gaps and lead initiatives to develop new offensive tools and methodologies
Team Leadership & Mentorship
Mentor and provide technical guidance to offensive cyber engineers and researchers, conducting thorough code reviews and knowledge transfer
Lead technical discussions and facilitate strategic planning sessions for offensive capability development
Organize research efforts and coordinate cross-functional collaboration with data engineering, backend, and intelligence analysis teams
Establish and maintain engineering best practices, secure coding standards, and operational security procedures
Guide junior engineers in understanding complex adversary behaviors and translating them into technical implementations
Attack Path Development & Implementation
Design and implement advanced attack paths that emulate sophisticated adversary campaigns across multiple domains
Create reusable, production-grade components for complex attack techniques including credential harvesting, lateral movement, and defense evasion
Develop custom tooling and automation frameworks that operate at machine speed for large-scale adversary emulation
Data Engineering & Intelligence Integration
Lead the design of ETL pipelines for processing threat intelligence, security logs, and operational data at scale
Architect standardized schemas for cyber operations datasets that support graph-based analysis and AI/ML workflows
Implement advanced data enrichment pipelines that integrate diverse threat intelligence sources
Design efficient storage and retrieval systems for large-scale security-relevant data
Operational Collaboration
Work closely with government customers and operational teams to understand mission requirements and capability gaps
Translate operational feedback into technical requirements and development priorities
Lead technical demonstrations showcasing offensive cyber capabilities to stakeholders
Provide subject matter expertise for customer engagements and strategic planning sessions
Qualifications Technical Skills & Experience
6-8 years of threat research, offensive cyber operations, and software development experience
Expert-level operational cyber security experience in one or more of the following domains:
Digital Network Exploitation Analysis (DNEA) within U.S. Government military or intelligence organizations
Exploitation Analyst (EA) operations conducting advanced network exploitation and intelligence analysis
Advanced Penetration Testing/Red Teaming leading sophisticated offensive security assessments
Senior-level Threat Hunting and threat intelligence analysis in high-stakes environments
Demonstrated technical leadership experience mentoring offensive cyber engineers and leading research initiatives
Deep expertise in the MITRE ATT&CK framework with proven track record developing and implementing advanced adversary TTPs across multiple tactics
Expert-level experience operating and extending industry-standard threat emulation platforms (Cobalt Strike, Metasploit, custom C2 frameworks) with proven ability to develop sophisticated custom payloads, modules, and evasion techniques
Extensive experience integrating and analyzing diverse threat intelligence sources including commercial feeds, OSINT, and government intelligence
Advanced proficiency in implementing sophisticated persistence mechanisms, advanced defense evasion techniques, counter-forensics, and anti-analysis methods
Expert containerization and orchestration experience using Docker and Kubernetes for secure, scalable offensive tool deployment
Advanced programming and software architecture skills in Python and Golang, with demonstrated ability to build maintainable, production-grade security tools and automation frameworks
Expert-level experience writing complex graph queries and developing graph-based analytical tools using Neo4j or similar graph databases
Comprehensive knowledge of cybersecurity across network security, application security, secure coding, cryptography, and security architecture
Extensive practical experience in offensive cyber operations including advanced payload development, post-exploitation frameworks, command and control infrastructure, and multi-stage attack chains
Expert knowledge of red team methodologies including campaign planning, operational security (OPSEC), adversary simulation, and realistic threat emulation based on intelligence-driven scenarios
Leadership & Communication Skills
Proven ability to lead technical projects and mentor engineering teams
Strong communication skills with ability to explain complex offensive techniques to diverse audiences including executives and government officials
Experience conducting thorough code reviews and establishing development standards for security tools
Track record of driving technical decision-making and influencing strategic direction
Education
Bachelor's degree in Computer Science, Software Engineering, Cybersecurity, or related field; Master's degree preferred, or equivalent practical experience
Security Requirements
Must be eligible to obtain a U.S. Government security clearance
Distinguishing Qualifications
Previous technical leadership experience in government cyber operations units or intelligence organizations conducting DNEA or EA operations
Experience leading offensive cyber capability development programs or research initiatives
Track record of developing novel offensive techniques or tools adopted by operational units
Advanced certifications such as OSCP, OSCE, OSEE, GXPN, or government-recognized advanced offensive security credentials
Experience with AI/ML integration in offensive cyber operations and automated threat emulation
Extensive background in malware analysis, reverse engineering, exploit development, or vulnerability research
Experience with multi-domain intelligence analysis correlating cyber, SIGINT, ELINT, and other intelligence sources
Publications or conference presentations on offensive cyber research or techniques
Contributions to open-source offensive security tools or frameworks
Additional Skills
Experience with Agile development methodologies and leading agile teams
Advanced system architecture and design experience for large-scale security systems
Performance optimization and scalability experience for high-throughput data processing
Experience with cloud security (AWS, Azure, GCP) and cloud-native attack techniques
Deep knowledge of wireless security, IoT protocols, and electromagnetic spectrum operations
Expertise with forensics tools, incident response procedures, and defensive cyber operations
Understanding of government acquisition processes and requirements development
#J-18808-Ljbffr
About the Company At Twenty, we're taking on one of the most critical challenges of our time: defending democracies in the digital age. We develop revolutionary technologies that operate at the intersection of cyber and electromagnetic domains, where the speed and complexity of operations exceeds human cognition. Our team doesn't just solve problems – we deliver game-changing outcomes that directly improve national security. We're pragmatic optimists who understand that while our mission of defending America and its allies is challenging, we can succeed.
Role Details Technical Leadership & Architecture
Lead the architecture and design of sophisticated attack path frameworks that emulate advanced persistent threat (APT) behaviors and nation-state TTPs
Establish technical standards and best practices for offensive cyber tool development across the organization
Evaluate and recommend engineering courses of action for new offensive capabilities and system enhancements
Drive technical decision-making for complex offensive cyber integrations and performance optimizations
Architect scalable, modular frameworks for attack technique automation and adversary emulation
Research & Innovation
Conduct advanced research into emerging adversary techniques, zero-day exploitation strategies, and novel attack vectors
Develop proof-of-concept tools and techniques that push the boundaries of offensive cyber capabilities
Stay current with threat actor innovations and translate emerging TTPs into defensive and offensive capabilities
Publish internal research findings and contribute to the broader cyber security research community
Identify capability gaps and lead initiatives to develop new offensive tools and methodologies
Team Leadership & Mentorship
Mentor and provide technical guidance to offensive cyber engineers and researchers, conducting thorough code reviews and knowledge transfer
Lead technical discussions and facilitate strategic planning sessions for offensive capability development
Organize research efforts and coordinate cross-functional collaboration with data engineering, backend, and intelligence analysis teams
Establish and maintain engineering best practices, secure coding standards, and operational security procedures
Guide junior engineers in understanding complex adversary behaviors and translating them into technical implementations
Attack Path Development & Implementation
Design and implement advanced attack paths that emulate sophisticated adversary campaigns across multiple domains
Create reusable, production-grade components for complex attack techniques including credential harvesting, lateral movement, and defense evasion
Develop custom tooling and automation frameworks that operate at machine speed for large-scale adversary emulation
Data Engineering & Intelligence Integration
Lead the design of ETL pipelines for processing threat intelligence, security logs, and operational data at scale
Architect standardized schemas for cyber operations datasets that support graph-based analysis and AI/ML workflows
Implement advanced data enrichment pipelines that integrate diverse threat intelligence sources
Design efficient storage and retrieval systems for large-scale security-relevant data
Operational Collaboration
Work closely with government customers and operational teams to understand mission requirements and capability gaps
Translate operational feedback into technical requirements and development priorities
Lead technical demonstrations showcasing offensive cyber capabilities to stakeholders
Provide subject matter expertise for customer engagements and strategic planning sessions
Qualifications Technical Skills & Experience
6-8 years of threat research, offensive cyber operations, and software development experience
Expert-level operational cyber security experience in one or more of the following domains:
Digital Network Exploitation Analysis (DNEA) within U.S. Government military or intelligence organizations
Exploitation Analyst (EA) operations conducting advanced network exploitation and intelligence analysis
Advanced Penetration Testing/Red Teaming leading sophisticated offensive security assessments
Senior-level Threat Hunting and threat intelligence analysis in high-stakes environments
Demonstrated technical leadership experience mentoring offensive cyber engineers and leading research initiatives
Deep expertise in the MITRE ATT&CK framework with proven track record developing and implementing advanced adversary TTPs across multiple tactics
Expert-level experience operating and extending industry-standard threat emulation platforms (Cobalt Strike, Metasploit, custom C2 frameworks) with proven ability to develop sophisticated custom payloads, modules, and evasion techniques
Extensive experience integrating and analyzing diverse threat intelligence sources including commercial feeds, OSINT, and government intelligence
Advanced proficiency in implementing sophisticated persistence mechanisms, advanced defense evasion techniques, counter-forensics, and anti-analysis methods
Expert containerization and orchestration experience using Docker and Kubernetes for secure, scalable offensive tool deployment
Advanced programming and software architecture skills in Python and Golang, with demonstrated ability to build maintainable, production-grade security tools and automation frameworks
Expert-level experience writing complex graph queries and developing graph-based analytical tools using Neo4j or similar graph databases
Comprehensive knowledge of cybersecurity across network security, application security, secure coding, cryptography, and security architecture
Extensive practical experience in offensive cyber operations including advanced payload development, post-exploitation frameworks, command and control infrastructure, and multi-stage attack chains
Expert knowledge of red team methodologies including campaign planning, operational security (OPSEC), adversary simulation, and realistic threat emulation based on intelligence-driven scenarios
Leadership & Communication Skills
Proven ability to lead technical projects and mentor engineering teams
Strong communication skills with ability to explain complex offensive techniques to diverse audiences including executives and government officials
Experience conducting thorough code reviews and establishing development standards for security tools
Track record of driving technical decision-making and influencing strategic direction
Education
Bachelor's degree in Computer Science, Software Engineering, Cybersecurity, or related field; Master's degree preferred, or equivalent practical experience
Security Requirements
Must be eligible to obtain a U.S. Government security clearance
Distinguishing Qualifications
Previous technical leadership experience in government cyber operations units or intelligence organizations conducting DNEA or EA operations
Experience leading offensive cyber capability development programs or research initiatives
Track record of developing novel offensive techniques or tools adopted by operational units
Advanced certifications such as OSCP, OSCE, OSEE, GXPN, or government-recognized advanced offensive security credentials
Experience with AI/ML integration in offensive cyber operations and automated threat emulation
Extensive background in malware analysis, reverse engineering, exploit development, or vulnerability research
Experience with multi-domain intelligence analysis correlating cyber, SIGINT, ELINT, and other intelligence sources
Publications or conference presentations on offensive cyber research or techniques
Contributions to open-source offensive security tools or frameworks
Additional Skills
Experience with Agile development methodologies and leading agile teams
Advanced system architecture and design experience for large-scale security systems
Performance optimization and scalability experience for high-throughput data processing
Experience with cloud security (AWS, Azure, GCP) and cloud-native attack techniques
Deep knowledge of wireless security, IoT protocols, and electromagnetic spectrum operations
Expertise with forensics tools, incident response procedures, and defensive cyber operations
Understanding of government acquisition processes and requirements development
#J-18808-Ljbffr