Twenty
Twenty

IT Security Engineer

$116,000 – $195,000 per year

TLDR

Define and deploy end-to-end security across networks, systems, and apps to protect assets and embed a security-first culture.

About the Company

America is under sustained cyber attack. Our adversaries infiltrate our networks, steal our IP, and degrade the digital infrastructure that modern life runs on. They’ve learned—correctly—that those attacks rarely produce consequences.

Twenty was founded to change that, by making our adversaries think twice before they attack us. Our vision is American and allied primacy in cyberspace—a future where they cannot contest us, deterrence is assured, and the free world remains secure.

Founded in 2024, Twenty Technologies (www.twenty.io) industrializes offensive cyber operations for the U.S. and its allies. Headquartered in Arlington, Virginia, Twenty has raised $138M from Accel, Caffeinated Capital, Friends & Family Capital, Point72 Ventures, General Catalyst, and In-Q-Tel.

 

Role Summary

We are seeking IT Security Engineer to join our growing technology engineering team. This is a critical role that will establish and maintain our security infrastructure, protect our digital assets, and ensure compliance with industry standards. You will be responsible for implementing comprehensive security solutions across our network, systems, and applications, while working closely with our development and operations teams to embed security into our organizational culture.

Responsibilities

  • Design, implement, and maintain enterprise network security architecture, including firewalls, intrusion detection systems, VPNs, and DMZs.

  • Develop and enforce security policies, standards and procedures across the organization.

  • Conduct security assessments, vulnerability scans and penetration testing to identify and remediate security gaps.

  • Monitor systems and networks 24/7 using security information and event management (SIEM) tools; investigate and respond to security incidents.

  • Manage access controls, identity and access management (IAM), and multi-factor authentication (MFA) solutions.

  • Establish and manage data loss prevention (DLP) and encryption protocols for sensitive data at rest and in transit.

  • Perform security hardening of servers, workstations, and endpoints; manage patch management and system updates.

  • Provide security awareness training and education to employees to foster a security-conscious culture.

  • Conduct root cause analysis on security incidents and prepare incident response reports and recommendations.

  • Ensure compliance with relevant regulations (CMMC, SOC 2, GDPR, PCI-DSS, or industry-specific standards as applicable).

Requirements

  • Bachelor's degree in Computer Science, Information Security, or related field (or equivalent professional experience).

  • 5+ years of professional IT security experience, with demonstrated expertise in at least two of the following domains: network security, systems security, or cybersecurity.

  • Strong knowledge of TCP/IP, DNS, DHCP, and network protocols; experience with firewalls, proxies, and network segmentation.

  • Hands-on experience with security tools such as Splunk, ELK Stack, Snort, Suricata, or similar SIEM and IDS/IPS platforms.

  • Proficiency in systems security, including endpoint protection and vulnerability management.

  • Experience with cloud security (AWS, Azure, or GCP) and containerized environments (Docker, Kubernetes).

  • Understanding of common attack vectors and security frameworks (NIST, CIS Controls, OWASP Top 10).

  • Excellent problem-solving skills with the ability to work independently and as part of a team.

  • Strong communication skills to explain complex security concepts to non-technical stakeholders.

Nice-to-haves

  • Security certifications such as CISSP, CISM, CEH, CCNA Security, Security+, or similar.

  • Experience with security automation and Infrastructure as Code (Terraform, Ansible).

  • Knowledge of application security testing (SAST/DAST) and secure development practices.

  • Experience with incident response and forensics investigations.

  • Familiarity with compliance frameworks and audit processes.

Benefits
What's on the table:

  • Health. Medical, dental, and vision plan options. Life / AD&D, disability coverage options.

  • Family. Paid parental leave for eligible full-time employees. 12 weeks for birthing parents, 4 for non-birthing parents, 6 weeks for adoptive, foster, or intended parents through surrogacy.

  • Vacation. Paid holidays and flexible PTO. Take what you need.

  • Retirement. 401(k) with pre-tax and Roth options. HSA/FSA options, dependent care FSA.

  • At the office. Commuter benefits. On-site garage parking. Bike storage. Building fitness center. Desk setup stipend.

Benefits vary by location, role, and eligibility. Full plan details provided during the interview and offer process.


If this role sounds like you, apply and share with us your interest.

Some positions may require eligibility to obtain a U.S. Government security clearance. Any clearance requirement will be listed in the role description.

Twenty is an equal opportunity employer. We consider all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, veteran status, disability, or any other protected status.

If you need a reasonable accommodation during the hiring process, let us know and we will work with you.

Benefits

Health Insurance

Retirement. 401(k) with pre-tax and Roth options. HSA/FSA options, dependent care FSA.

Office amenities and setup stipend

At the office. Commuter benefits. On-site garage parking. Bike storage. Building fitness center. Desk setup stipend.

Paid Parental Leave

Family. Paid parental leave for eligible full-time employees. 12 weeks for birthing parents, 4 for non-birthing parents, 6 weeks for adoptive, foster, or intended parents through surrogacy.

Paid Time Off

Vacation. Paid holidays and flexible PTO. Take what you need.

Twenty develops and deploys advanced software solutions tailored for offensive cyber operations, empowering the U.S. and its allies to deter and defeat adversaries in the arena of modern warfare. Our unique approach industrializes cyber capabilities, ensuring that nations can project power and maintain security in an increasingly volatile landscape.

Founded
Founded 2024
Employees
11-50 employees
Industry
computer & network security
Funding stage
Series A
Total raised
$38M raised
Last funding
Raised November 2025
View company profile
Apply for this job

Pro members saw this job first

New jobs unlock for everyone after 24 hours. Startup Jobs Pro shows them right away, with instant alerts and salary filters. From $7/month.

Get Pro