Principal Offensive Cyber Research Engineer

About the Company America is under sustained cyber attack. Our adversaries infiltrate our networks, steal our IP, and degrade the digital infrastructure that modern life runs on. They’ve learned—correctly—that those attacks rarely produce consequences. Twenty was founded to change that, by making our adversaries think twice before they attack us. Our vision is American and allied primacy in cyberspace—a future where they cannot contest us, deterrence is assured, and the free world remains secure. Founded in 2024, Twenty Technologies ( www.twenty.io ) industrializes offensive cyber operations for the U.S. and its allies. Headquartered in Arlington, Virginia, Twenty has raised $38M from Caffeinated Capital, General Catalyst, and In-Q-Tel. Role Summary You will serve as the preeminent technical authority for Twenty’s offensive cyber research program—setting the long-term vision, raising the bar on technical execution, and driving breakthroughs in adversary emulation and attack automation. Your work will shape how we build and standardize offensive capabilities that support real-world national security outcomes. You’ll partner closely with engineering, product, and operations leaders, and you’ll regularly advise executive leadership and government stakeholders on strategy, technical risk, and capability evolution. Who You Are You’re motivated by mission-driven work that helps defend democracies in the cyber domain. You set a high technical bar and raise it—through clear standards, strong reviews, and hands-on mentorship. You’re calm under pressure and comfortable making high-stakes decisions with incomplete information. You think in systems: tradeoffs, second-order effects, operational constraints, and long-term maintainability. You have the presence to influence executives and senior government stakeholders without overselling. You balance innovation with operational discipline—prioritizing safety, rigor, and responsible stewardship. You communicate with precision: crisp written artifacts, clear technical narratives, and direct feedback. What You’ll Do Define and drive the long-term technical vision and roadmap for Twenty’s offensive cyber research and capabilities. Serve as the principal technical advisor to executive leadership on strategy, capability development, and technical risk. Lead groundbreaking research into advanced adversary behaviors and next-generation offensive cyber techniques. Establish company-wide standards, frameworks, and best practices for offensive tooling and engineering quality. Architect and guide development of advanced adversary emulation and attack automation systems built for scale. Lead technical governance (e.g., architecture reviews) and provide authoritative guidance on complex decisions. Mentor Staff and Senior engineers, build growth plans, and strengthen the organization’s technical leadership bench. Recruit, interview, and assess top-tier offensive cyber talent to build and sustain world-class teams. Lead technical engagements with senior government stakeholders—translating complex capabilities into decision-grade clarity. Build strategic research partnerships across government, academia, and industry to accelerate innovation and impact. Must Have You have 8–12 years of distinguished experience across offensive cyber operations, advanced research, and software development. You have served in senior technical leadership roles in one or more of: government/military DNEA, Exploitation Analyst (EA) operations, elite red teams, or nation-state threat research. You have defined technical strategy and led large-scale initiatives that shipped durable, high-impact capabilities. You have expert-level understanding of adversary behaviors and TTPs, including deep familiarity with MITRE ATT&CK. You have demonstrated technical judgment in designing complex, scalable systems and establishing engineering standards. You have led and mentored senior engineers, including setting expectations, running technical reviews, and developing talent. You have strong executive and customer communication skills, with experience briefing senior leaders and shaping decisions. You are eligible to obtain a U.S. Government security clearance. Nice To Have You have deployed offensive cyber capabilities into operational use with measurable mission impact. You have a track record of thought leadership through publications, conference talks, or widely respected technical writing. You have deep background in malware development, vulnerability research, or exploit engineering with notable discoveries. You hold advanced technical certifications (e.g., OSEE, GXPN, or equivalent government credentials). You have experience with multi-source intelligence fusion or cross-domain operational environments. You have familiarity with acquisition/requirements processes and guiding capability development across multiple teams. Tech Environment (You Might Work With) You might work with modern systems programming and scripting languages (e.g., C/C++, Rust, Python). You might work with cloud environments and cloud security across major providers (AWS, Azure, GCP). You might work with graph-based analysis and large-scale data processing systems. You might work with AI/ML workflows applied to adversary emulation and automation. You might work with containerized infrastructure, CI/CD, and production-grade observability. Security / Work Environment This role requires eligibility to obtain a U.S. Government security clearance. Some work may involve operating in a controlled environment. Benefits What's on the table: Health. Medical, dental, and vision plan options. Life / AD&D, disability coverage options. Family. Paid parental leave for eligible full-time employees. 12 weeks for birthing parents, 4 for non-birthing parents, 6 weeks for adoptive, foster, or intended parents through surrogacy. Vacation. Paid holidays and flexible PTO. Take what you need. Retirement. 401(k) with pre-tax and Roth options. HSA/FSA options, dependent care FSA. At the office. Commuter benefits. On-site garage parking. Bike storage. Building fitness center. Desk setup stipend. Benefits vary by location, role, and eligibility. Full plan details provided during the interview and offer process. If this role sounds like you, apply and share with us your interest. Some positions may require eligibility to obtain a U.S. Government security clearance. Any clearance requirement will be listed in the role description. Twenty is an equal opportunity employer. We consider all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, veteran status, disability, or any other protected status. If you need a reasonable accommodation during the hiring process, let us know and we will work with you.

{
  "content_hash": "276816a0b32f8d123da3c4dd9d27e08e659f463ea8f42fc946941b5b20df4999",
  "source_hash": "619e0daa5bca7e6347a1fd0d6988afe1cdbb4ab7cc72cba5ea2b0c968eda3e8f",
  "last_changed_at": "2026-05-29T07:13:43.978Z",
  "active_status": "active"
}

{
  "language": "en",
  "location": {
    "raw": "Washington DC",
    "city": "Washington DC",
    "region": "DC",
    "country": "United States",
    "is_remote": false,
    "confidence": 0.75
  },
  "salary_max": null,
  "salary_min": null,
  "inferred_at": "2026-06-06T09:39:52.309Z",
  "launch_scope": {
    "reason": "english_us_canada",
    "included": true,
    "language": "en",
    "location": {
      "raw": "Washington DC",
      "city": "Washington DC",
      "region": "DC",
      "country": "United States",
      "is_remote": false,
      "confidence": 0.75
    },
    "countries": [
      "United States"
    ]
  },
  "remote_policy": null,
  "salary_period": null,
  "workplace_type": "on_site",
  "salary_currency": null
}

{}

{
  "id": "f66356d5-a5e5-40dc-b117-c07c83ce3aae",
  "team": "Engineering, Non-SWE",
  "title": "Principal Offensive Cyber Research Engineer",
  "jobUrl": "https://jobs.ashbyhq.com/twenty/f66356d5-a5e5-40dc-b117-c07c83ce3aae",
  "address": null,
  "applyUrl": "https://jobs.ashbyhq.com/twenty/f66356d5-a5e5-40dc-b117-c07c83ce3aae/application",
  "isListed": true,
  "isRemote": false,
  "location": "Washington DC",
  "updatedAt": null,
  "apiVersion": "ashby-non-user-graphql-v1",
  "department": "Engineering",
  "publishedAt": null,
  "workplaceType": "OnSite",
  "employmentType": "FullTime",
  "secondaryLocations": []
}