← All roles
Twenty logoTwentyB2B
Posted today

IT Security Engineer

KubernetesTerraformOther · Mid · Seed

About the Company

America is under sustained cyber attack. Our adversaries infiltrate our networks, steal our IP, and degrade the digital infrastructure that modern life runs on. They’ve learned—correctly—that those attacks rarely produce consequences.

Twenty was founded to change that, by making our adversaries think twice before they attack us. Our vision is American and allied primacy in cyberspace—a future where they cannot contest us, deterrence is assured, and the free world remains secure.

Founded in 2024, Twenty Technologies (www.twenty.io) industrializes offensive cyber operations for the U.S. and its allies. Headquartered in Arlington, Virginia, Twenty has raised $138M from Accel, Caffeinated Capital, Friends & Family Capital, Point72 Ventures, General Catalyst, and In-Q-Tel.

Role Summary

We are seeking IT Security Engineer to join our growing technology engineering team. This is a critical role that will establish and maintain our security infrastructure, protect our digital assets, and ensure compliance with industry standards. You will be responsible for implementing comprehensive security solutions across our network, systems, and applications, while working closely with our development and operations teams to embed security into our organizational culture.

Responsibilities

  • Design, implement, and maintain enterprise network security architecture, including firewalls, intrusion detection systems, VPNs, and DMZs.

  • Develop and enforce security policies, standards and procedures across the organization.

  • Conduct security assessments, vulnerability scans and penetration testing to identify and remediate security gaps.

  • Monitor systems and networks 24/7 using security information and event management (SIEM) tools; investigate and respond to security incidents.

  • Manage access controls, identity and access management (IAM), and multi-factor authentication (MFA) solutions.

  • Establish and manage data loss prevention (DLP) and encryption protocols for sensitive data at rest and in transit.

  • Perform security hardening of servers, workstations, and endpoints; manage patch management and system updates.

  • Provide security awareness training and education to employees to foster a security-conscious culture.

  • Conduct root cause analysis on security incidents and prepare incident response reports and recommendations.

Requirements

  • Bachelor's degree in Computer Science, Information Security, or related field (or equivalent professional experience).

  • 5+ years of professional IT security experience, with demonstrated expertise in at least two of the following domains: network security, systems security, or cybersecurity.

  • Strong knowledge of TCP/IP, DNS, DHCP, and network protocols; experience with firewalls, proxies, and network segmentation.

  • Hands-on experience with security tools such as Splunk, ELK Stack, Snort, Suricata, or similar SIEM and IDS/IPS platforms.

  • Proficiency in systems security, including endpoint protection and vulnerability management.

  • Experience with cloud security (AWS, Azure, or GCP) and containerized environments (Docker, Kubernetes).

  • Understanding of common attack vectors and security frameworks (NIST, CIS Controls, OWASP Top 10).

  • Excellent problem-solving skills with the ability to work independently and as part of a team.

  • Strong communication skills to explain complex security concepts to non-technical stakeholders.

Nice-to-haves

  • Security certifications such as CISSP, CISM, CEH, CCNA Security, Security+, or similar.

  • Experience with security automation and Infrastructure as Code (Terraform, Ansible).

  • Knowledge of application security testing (SAST/DAST) and secure development practices.

  • Experience with incident response and forensics investigations.

  • Familiarity with compliance frameworks and audit processes.

Benefits
What's on the table:

  • Health. Medical, dental, and vision plan options. Life / AD&D, disability coverage options.

  • Family. Paid parental leave for eligible full-time employees. 12 weeks for birthing parents, 4 for non-birthing parents, 6 weeks for adoptive, foster, or intended parents through surrogacy.

  • Vacation. Paid holidays and flexible PTO. Take what you need.

  • Retirement. 401(k) with pre-tax and Roth options. HSA/FSA options, dependent care FSA.

  • At the office. Commuter benefits. On-site garage parking. Bike storage. Building fitness center. Desk setup stipend.

Benefits vary by location, role, and eligibility. Full plan details provided during the interview and offer process.

If this role sounds like you, apply and share with us your interest.

Some positions may require eligibility to obtain a U.S. Government security clearance. Any clearance requirement will be listed in the role description.

AI

Check your CV against this role

Drop your CV. You get a 0-100 fit score against the actual job description, plus the read a senior engineering lead would write. Private to you.

Your CV joins the pool too, so roles that fit can find you. No spam, and nothing reaches a company without your go-ahead.

Score this once, or every future role

Start the candidate journey and every new role on the board gets scored against you.

Five minutes. Tell us what you’re after, drop your CV once, pick how we should reach out. You get a candid read back and you only hear from us when a role fits.

More at Twenty