Security Researcher

Twenty is seeking an innovative Associate Cyber Security Research Engineer for an in-office position in its Arlington, VA office with strong research skills, software development, and offensive security expertise to join our mission of defending democracies. In this role, you'll develop and automate sophisticated attack paths, leverage machine-speed data processing, and create tools that advance our cyber and electromagnetic capabilities. We're looking for someone who combines practical development skills with a deep understanding of adversarial techniques to help build the next generation of cyber technologies for the United States and its allies. About the CompanyAt Twenty, we're taking on one of the most critical challenges of our time: defending democracies in the digital age. We develop revolutionary technologies that operate at the intersection of cyber and electromagnetic domains, where the speed and complexity of operations exceeds human cognition. Our team doesn't just solve problems – we deliver game-changing outcomes that directly improve national security. We're pragmatic optimists who understand that while our mission of defending America and its allies is challenging, we can succeed. Role DetailsAttack Path Development & ImplementationDesign and implement sophisticated attack paths that emulate real-world adversary behaviors and TTPsCreate modular, reusable components for common attack techniques and lateral movement methodsDevelop custom tools and scripts to support attack path execution and validationData Analysis & EnrichmentResearch and evaluate diverse data sources for enhancing attack path effectivenessImplement data enrichment pipelines to augment existing datasets with threat intelligenceAutomation & Tool DevelopmentAutomate common red team tools and techniques for scalable deploymentDevelop custom extensions and modules for industry-standard red team frameworksCreate efficient workflows for repetitive security testing proceduresData Engineering & ProcessingDesign and implement parsers for various data formats including logs, network traffic, and threat feedsCreate ETL pipelines for processing security-relevant data at scaleDevelop standardized schemas for structured and unstructured security dataBuild data validation and cleansing mechanismsImplement efficient storage and retrieval systems for processed dataQualificationsTechnical Skills & Experience3+ years of threat research and coding experienceDeep understanding of the MITRE ATT&CK framework with practical experience mapping and implementing common adversary TTPs (Tactics, Techniques, and Procedures)Proven experience operating industry-standard threat emulation platforms and command & control frameworks, including development of custom payloads and modulesTrack record of integrating and analyzing threat intelligence data sources to enhance detection and response capabilitiesDemonstrated proficiency in implementing and detecting advanced persistence mechanisms, defense evasion techniques, and counter-forensic methodsStrong containerization experience using Docker, including creating secure, production-ready containers and managing multi-container applications with Docker ComposeAdvanced programming skills in Python and/or Golang, with emphasis on developing security tools and automation frameworksExperience writing complex graph queries and traversals for analyzing relationships in large datasets, preferably with Neo4j or similar graph databasesStrong background in API development and integration, including designing, implementing, and consuming RESTful services with proper security controlsComprehensive knowledge of cybersecurity principles including network security, application security, and secure coding practicesPractical experience in offensive cyber operations, including payload development, post-exploitation, and lateral movement techniquesDemonstrated expertise in red team methodologies, including campaign planning, OPSEC considerations, and adversary emulation based on real-world threatsEducationBachelor's degree in Computer Science, Software Engineering, or related field, or equivalent practical experienceSecurity RequirementsMust be eligible to obtain and maintain a U. S. Government security clearanceDistinguishing QualificationsTrack record of delivering complex technical solutions in defense or security contextsExperience with AI/ML integration in operational systemsBackground in developing tools for cyber operators or security analystsExperience with large-scale data processing and analysisAdditional SkillsExperience with Agile development methodologiesSystem architecture and design experiencePerformance optimization and scalability experienceOpen-source contributions or personal projects demonstrating relevant skills Apply to this Job