jobloom

JobLoom finds jobs directly from company career sites before many job boards, then routes you into detailed role pages like this one.

research

Posted Oct 12, 2025

Offensive Cyber Research Engineer

at Twenty

On-site
AWSGCPAzurePythonGoKubernetesDockerAgilegolang

Responsibilities

  • ROLE DETAILS TECHNICAL LEADERSHIP & ARCHITECTURE - Lead the architecture and design of sophisticated attack path frameworks that emulate advanced persistent threat (APT) behaviors and nation-state TTPs - Establish technical standards and best practices for offensive cyber tool development across the organization - Evaluate and recommend engineering courses of action for new offensive capabilities and system enhancements - Drive technical decision-making for complex offensive cyber integrations and

Requirements

  • experience in one or more of the following domains: - Digital Network Exploitation Analysis (DNEA) within U.S.
  • experience mentoring offensive cyber engineers and leading research initiatives - Deep expertise in the MITRE ATT&CK framework with proven track record developing and implementing advanced adversary TTPs across multiple tactics - Expert-level
  • experience operating and extending industry-standard threat emulation platforms (Cobalt Strike, Metasploit, custom C2 frameworks) with proven ability to develop sophisticated custom payloads, modules, and evasion techniques - Extensive
  • experience integrating and analyzing diverse threat intelligence sources including commercial feeds, OSINT, and government intelligence - Advanced proficiency in implementing sophisticated persistence mechanisms, advanced defense evasion techniques, counter-forensics, and anti-analysis methods - Expert containerization and orchestration
  • experience using Docker and Kubernetes for secure, scalable offensive tool deployment - Advanced programming and software architecture skills in Python and Golang, with demonstrated ability to build maintainable, production-grade security tools and automation frameworks - Expert-level
  • experience writing complex graph queries and developing graph-based analytical tools using Neo4j or similar graph databases - Comprehensive knowledge of cybersecurity across network security, application security, secure coding, cryptography, and security architecture - Extensive practical
  • experience in offensive cyber operations including advanced payload development, post-exploitation frameworks, command and control infrastructure, and multi-stage attack chains - Expert knowledge of red team methodologies including campaign planning, operational security (OPSEC), adversary simulation, and realistic threat emulation based on intelligence-driven scenarios LEADERSHIP & COMMUNICATION SKILLS - Proven ability to lead technical projects and mentor engineering teams - Strong communication skills
  • Experience conducting thorough code reviews and establishing development standards for security tools - Track record of driving technical decision-making and influencing strategic direction EDUCATION - Bachelor's degree in Computer Science, Software Engineering, Cybersecurity, or related field; Master's degree preferred, or equivalent practical experience SECURITY
  • experience in government cyber operations units or intelligence organizations conducting DNEA or EA operations -
  • Experience leading offensive cyber capability development programs or research initiatives - Track record of developing novel offensive techniques or tools adopted by operational units - Advanced certifications such as OSCP, OSCE, OSEE, GXPN, or government-recognized advanced offensive security credentials -
  • Experience with AI/ML integration in offensive cyber operations and automated threat emulation - Extensive background in malware analysis, reverse engineering, exploit development, or vulnerability research -
  • Experience with multi-domain intelligence analysis correlating cyber, SIGINT, ELINT, and other intelligence sources - Publications or conference presentations on offensive cyber research or techniques - Contributions to open-source offensive security tools or frameworks ADDITIONAL SKILLS -
  • Experience with Agile development methodologies and leading agile teams - Advanced system architecture and design
  • experience for large-scale security systems - Performance optimization and scalability
  • experience for high-throughput data processing -
  • Experience with cloud security (AWS, Azure, GCP) and cloud-native attack techniques - Deep knowledge of wireless security, IoT protocols, and electromagnetic spectrum operations - Expertise with forensics tools, incident response procedures, and defensive cyber operations - Understanding of government acquisition processes and requirements development
  • Some positions may require eligibility to obtain a U.S.

Experience

  • We're looking for someone with 6-8 years of deep technical expertise in offensive cyber operations, software development, and research, combined with proven leadership
  • EXPERIENCE - 6-8 years of threat research, offensive cyber operations, and software development

Benefits

  • Twenty was founded to change that, by making our adversaries think twice before they attack us. Our vision is American and allied primacy in cyberspace—a future where they cannot contest us, deterrence is assured, and the free world remains secure.
  • Medical, dental, and vision plan options.
  • Life / AD&D, disability coverage options. - Family.
  • Paid parental leave for eligible full-time employees. 12 weeks for birthing parents, 4 for non-birthing parents, 6 weeks for adoptive, foster, or intended parents through surrogacy. - Vacation.
  • Paid holidays and flexible PTO.
  • Take what you need. - Retirement. 401(k) with pre-tax and Roth options.
  • Building fitness center. Desk setup stipend.

Contact

  • Founded in 2024, Twenty Technologies (www.twenty.io http://www.twenty.io) industrializes offensive cyber operations for the U.S. and its allies.

Additional details

  • ABOUT THE COMPANY America is under sustained cyber attack.
  • Our adversaries infiltrate our networks, steal our IP, and degrade the digital infrastructure that modern life runs on.
  • They’ve learned—correctly—that those attacks rarely produce consequences.
  • Headquartered in Arlington, Virginia, Twenty has raised $38M from Caffeinated Capital, General Catalyst, and In-Q-Tel.
  • Twenty is seeking an exceptionally skilled Offensive Cyber Research Engineer for an in-office position in its Arlington, VA office to lead the development of sophisticated offensive cyber capabilities that defend democracies worldwide.
  • experience mentoring engineers and driving strategic technical initiatives.
  • In this role, you'll architect and lead the development of advanced attack path frameworks, establish engineering best practices for offensive tooling, mentor junior researchers, and serve as a technical authority on adversarial techniques and red team operations.
  • You'll leverage your extensive operational background—ideally from government/military Digital Network Exploitation Analysis (DNEA), Exploitation Analyst (EA) operations, advanced penetration testing, or threat intelligence analysis—to shape the technical direction of our offensive cyber capabilities and build the next generation of cyber technologies for the United States and its allies.
  • requirements and capability gaps - Translate operational feedback into technical
  • requirements and development priorities - Lead technical demonstrations showcasing offensive cyber capabilities to stakeholders - Provide subject matter expertise for customer engagements and strategic planning sessions

Find more real-time jobs on JobLoom.