Principal Offensive Cyber Research Engineer
About the Company
At Twenty, we're taking on one of the most critical challenges of our time: defending democracies in the digital age. We develop revolutionary technologies that operate at the intersection of the cyber and electromagnetic domains, where the speed of operations exceeds human sensing and complexity transcends conventional boundaries. Our team doesn't just solve problems – we deliver game-changing outcomes that directly impact national security. We're pragmatic optimists who understand that while our mission of protecting America and its allies is challenging, success is possible.
Role Summary
You will serve as the preeminent technical authority for Twenty’s offensive cyber research program—setting the long-term vision, raising the bar on technical execution, and driving breakthroughs in adversary emulation and attack automation. Your work will shape how we build and standardize offensive capabilities that support real-world national security outcomes. You’ll partner closely with engineering, product, and operations leaders, and you’ll regularly advise executive leadership and government stakeholders on strategy, technical risk, and capability evolution.
Who You Are
You’re motivated by mission-driven work that helps defend democracies in the cyber domain.
You set a high technical bar and raise it—through clear standards, strong reviews, and hands-on mentorship.
You’re calm under pressure and comfortable making high-stakes decisions with incomplete information.
You think in systems: tradeoffs, second-order effects, operational constraints, and long-term maintainability.
You have the presence to influence executives and senior government stakeholders without overselling.
You balance innovation with operational discipline—prioritizing safety, rigor, and responsible stewardship.
You communicate with precision: crisp written artifacts, clear technical narratives, and direct feedback.
What You’ll Do
Define and drive the long-term technical vision and roadmap for Twenty’s offensive cyber research and capabilities.
Serve as the principal technical advisor to executive leadership on strategy, capability development, and technical risk.
Lead groundbreaking research into advanced adversary behaviors and next-generation offensive cyber techniques.
Establish company-wide standards, frameworks, and best practices for offensive tooling and engineering quality.
Architect and guide development of advanced adversary emulation and attack automation systems built for scale.
Lead technical governance (e.g., architecture reviews) and provide authoritative guidance on complex decisions.
Mentor Staff and Senior engineers, build growth plans, and strengthen the organization’s technical leadership bench.
Recruit, interview, and assess top-tier offensive cyber talent to build and sustain world-class teams.
Lead technical engagements with senior government stakeholders—translating complex capabilities into decision-grade clarity.
Build strategic research partnerships across government, academia, and industry to accelerate innovation and impact.
Must Have
You have 8–12 years of distinguished experience across offensive cyber operations, advanced research, and software development.
You have served in senior technical leadership roles in one or more of: government/military DNEA, Exploitation Analyst (EA) operations, elite red teams, or nation-state threat research.
You have defined technical strategy and led large-scale initiatives that shipped durable, high-impact capabilities.
You have expert-level understanding of adversary behaviors and TTPs, including deep familiarity with MITRE ATT&CK.
You have demonstrated technical judgment in designing complex, scalable systems and establishing engineering standards.
You have led and mentored senior engineers, including setting expectations, running technical reviews, and developing talent.
You have strong executive and customer communication skills, with experience briefing senior leaders and shaping decisions.
You are eligible to obtain a U.S. Government security clearance.
Nice To Have
You have deployed offensive cyber capabilities into operational use with measurable mission impact.
You have a track record of thought leadership through publications, conference talks, or widely respected technical writing.
You have deep background in malware development, vulnerability research, or exploit engineering with notable discoveries.
You hold advanced technical certifications (e.g., OSEE, GXPN, or equivalent government credentials).
You have experience with multi-source intelligence fusion or cross-domain operational environments.
You have familiarity with acquisition/requirements processes and guiding capability development across multiple teams.
Tech Environment (You Might Work With)
You might work with modern systems programming and scripting languages (e.g., C/C++, Rust, Python).
You might work with cloud environments and cloud security across major providers (AWS, Azure, GCP).
You might work with graph-based analysis and large-scale data processing systems.
You might work with AI/ML workflows applied to adversary emulation and automation.
You might work with containerized infrastructure, CI/CD, and production-grade observability.
Security / Work Environment
This role requires eligibility to obtain a U.S. Government security clearance. Some work may involve operating in a controlled environment.
If this role sounds like you, apply and share with us your interest.
Some positions may require eligibility to obtain a U.S. Government security clearance. Any clearance requirement will be listed in the role description.
Twenty is an equal opportunity employer. We consider all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, veteran status, disability, or any other protected status.
If you need a reasonable accommodation during the hiring process, let us know and we will work with you.