The Leidos Cyber Accelerator is seeking a hands-on applied researcher to design, execute, and automate real-world offensive security assessments while advancing ML-driven approaches to penetration testing. You will perform end-to-end automation of pentesting/red teaming (scoping → exploitation → post-exploitation → reporting), build repeatable tooling and test harnesses, and explore machine learning and reinforcement learning (RL) techniques for improving attack planning, prioritization, and autonomous decision-making.

Primary Responsibilities:

-Develop automation to support penetration tests and red-team style assessments across networks, endpoints, identity, and web apps; produce actionable, mission-aligned findings and remediation guidance.
-Leverage agentic workflows to utilize common offensive tools:
-Exploitation frameworks (e.g., Metasploit)
-Pen-test distribution tools (e.g., common Kali Linux tools)
-Fuzzing for vulnerability discovery (e.g., AFL / AFL++)
-Apply and operationalize red-team knowledge bases and testing standards to summarize findings (e.g., NIST taxonomy, MITRE ATLAS/ATT&CK).
-Research and prototype ML/RL approaches for security (e.g., attack-path selection, exploit prioritization, automated decision policies), and evaluate them via measurable experiments and test environments.
-Build automation around offensive workflows (repeatable test harnesses, lab environments, tooling wrappers, and data collection for ML/RL experiments).
-Collaborate with defensive engineers/researchers to translate findings into detections, mitigations, and secure-by-design improvements.

Basic Qualifications:
-Bachelor’s degree and 5+ years relevant experience in offensive security, penetration testing, red teaming, vulnerability research, or closely related fields (additional years may substitute for degree).
-Demonstrated hands-on experience using offensive security toolchains (e.g., Metasploit, Kali Linux) and modern recon/exploitation/post-exploitation workflows.
-Experience with fuzzing or vulnerability discovery workflows (AFL/AFL++ or similar), including triage and root-cause analysis.
-Strong programming/scripting skills (Python preferred; plus Bash). Experience using AI-assisted development tools (examples: coding agents, LLM copilots) to accelerate prototyping.
-Working knowledge of ML fundamentals and practical experience implementing AI/ML experiments; familiarity with RL concepts.
-Must be a US Citizen with the ability to obtain and maintain a Secret clearance.

Preferred Qualifications:
-Demonstrated applied research experience using modern AI techniques for automated or semi-automated penetration testing (e.g., attack-graph/decision-making approaches).
-Reverse engineering and binary analysis experience (IDA Pro/Ghidra/radare2), exploit dev, and/or advanced fuzzing (instrumentation, harnessing, coverage-guided tuning).
-Experience emulating adversary behaviors mapped to ATT&CK and converting results into durable security improvements.
-Experience building repeatable lab environments and automation for security experimentation.
-Ability to obtain and maintain a TS/SCI clearance.
​​

If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo — because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 — and moving faster than anyone else dares.

Original Posting:

Pay Range:

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.