Full Spectrum Cyber AI Researcher

Full Spectrum Cyber AI Researcher at Leidos

The Leidos Cyber Accelerator is seeking a hands-on applied researcher to design, execute, and automate real-world offensive security assessments while advancing ML-driven approaches to penetration testing. You will perform end-to-end automation of pentesting/red teaming (scoping → exploitation → post-exploitation → reporting), build repeatable tooling and test harnesses, and explore machine learning and reinforcement learning (RL) techniques for improving attack planning, prioritization, and autonomous decision-making.

Primary Responsibilities

• Develop automation to support penetration tests and red-team style assessments across networks, endpoints, identity, and web apps; produce actionable, mission-aligned findings and remediation guidance.
• Leverage agentic workflows to utilize common offensive tools:
• Exploitation frameworks (e.g., Metasploit)
• Pen-test distribution tools (e.g., common Kali Linux tools)
• Fuzzing for vulnerability discovery (e.g., AFL / AFL++)
• Apply and operationalize red-team knowledge bases and testing standards to summarize findings (e.g., NIST taxonomy, MITRE ATLAS/ATT&CK).
• Research and prototype ML/RL approaches for security (e.g., attack-path selection, exploit prioritization, automated decision policies), and evaluate them via measurable experiments and test environments.
• Build automation around offensive workflows (repeatable test harnesses, lab environments, tooling wrappers, and data collection for ML/RL experiments).
• Collaborate with defensive engineers/researchers to translate findings into detections, mitigations, and secure-by-design improvements.

Basic Qualifications

• Bachelor’s degree and 5+ years relevant experience in offensive security, penetration testing, red teaming, vulnerability research, or closely related fields (additional years may substitute for degree).
• Demonstrated hands-on experience using offensive security toolchains (e.g., Metasploit, Kali Linux) and modern recon/exploitation/post-exploitation workflows.
• Experience with fuzzing or vulnerability discovery workflows (AFL/AFL++ or similar), including triage and root-cause analysis.
• Strong programming/scripting skills (Python preferred; plus Bash). Experience using AI-assisted development tools (examples: coding agents, LLM copilots) to accelerate prototyping.
• Working knowledge of ML fundamentals and practical experience implementing AI/ML experiments; familiarity with RL concepts.
• Must be a US Citizen with the ability to obtain and maintain a Secret clearance.

Preferred Qualifications

• Demonstrated applied research experience using modern AI techniques for automated or semi-automated penetration testing (e.g., attack-graph/decision-making approaches).
• Reverse engineering and binary analysis experience (IDA Pro/Ghidra/radare2), exploit dev, and/or advanced fuzzing (instrumentation, harnessing, coverage-guided tuning).
• Experience emulating adversary behaviors mapped to ATT&CK and converting results into durable security improvements.
• Experience building repeatable lab environments and automation for security experimentation.
• Ability to obtain and maintain a TS/SCI clearance.

Key skills/competency

• Offensive Security
• Penetration Testing
• Red Teaming
• Machine Learning
• Reinforcement Learning
• Automation
• Python
• Vulnerability Research
• MITRE ATT&CK
• AI-Assisted Development