Remote Exploit Developer Jobs in Maryland (NOW HIRING)

Offensive Security Software Engineer - Attack Engineer
TS Clearance Required 90% Remote. On site work required in DMV/NCR occasionally, so must be located in/near Washington DC
Level 4 & Staff-Level Opportunities Available Position Overview
We are seeking a highly technical Software Engineer/Attack Engineer to join a federal-focused engineering organization building advanced offensive security and automated attack capabilities. This role blends software engineering, vulnerability research, exploit development, and troubleshooting within a modern AI-assisted security platform. The ideal candidate is a hands-on engineer who enjoys both building new offensive capabilities and investigating complex technical failures across large-scale enterprise environments.
This is not a traditional penetration testing role. Engineers on this team actively develop, operationalize, and maintain offensive attack content while contributing to the core platform architecture that powers automated security assessments. Successful candidates must be comfortable writing code daily, understanding how vulnerabilities behave in production environments, and translating exploit behavior into scalable product capabilities.
The team is especially interested in engineers who can work through the full attack lifecycle – Identifying attack paths, validating exploitation methods, troubleshooting failed executions, and communicating the underlying root cause of vulnerabilities or misconfigurations. The ability to distinguish between software defects, environmental issues, and legitimate exploitable conditions is considered a major differentiator for this position.
Approximately 70% of the role focuses on developing new offensive and AI-driven capabilities for the platform, while 30% involves troubleshooting failed attack executions, debugging platform behavior, and analyzing vulnerability validation results. Core Responsibilities
• Collaborate across offensive security, software engineering, data engineering, and federal engineering teams throughout the software development lifecycle • Develop and maintain offensive attack content, exploit automation, and adversarial simulation capabilities • Build new platform functionality that enables scalable automated attack execution and vulnerability validation • Research, analyze, and operationalize exploit techniques and offensive tradecraft within production systems • Work closely with attack engineers and vulnerability researchers to understand exploit behavior and integrate findings into platform capabilities • Enhance platform architecture, APIs, and data models to support evolving offensive security functionality • Troubleshoot failed attack scenarios and determine root cause across software, infrastructure, environmental configuration, or exploit logic • Analyze attack-path data and provide technical insight into exploitation flow, remediation guidance, and platform outcomes • Identify, prioritize, and resolve software defects and operational issues • Maintain high software quality through code review, automated testing, and production monitoring • Contribute to engineering standards, development practices, and technical process improvements Required Qualifications
• Active Top Secret Clearance minimum • 6–10+ years of experience in software engineering, offensive security, exploit development, vulnerability research, or related cyber engineering disciplines • Strong hands-on Python development experience • Experience writing, modifying, debugging, or operationalizing exploit code and offensive tooling • Ability to work directly “hands on keyboard” in highly technical coding and troubleshooting environments • Experience with SQL querying and relational database systems such as PostgreSQL • Familiarity with GraphQL APIs and associated data interaction models • Experience with Docker and containerized development environments • Strong understanding of software architecture and modern software design principles • Experience developing and testing complex software systems supporting federal or classified environments • Strong debugging and analytical troubleshooting skills across distributed systems • Experience with Git-based development workflows and collaborative engineering practices • Excellent written and verbal technical communication skills • Ability to explain technical findings, attack behavior, and remediation guidance clearly to both internal teams and customers Preferred Qualifications
• Experience using AI-assisted engineering tools such as Claude Code • Experience building offensive automation platforms, attack simulation frameworks, or adversary emulation tooling • Familiarity with graph database technologies such as Neo4j • Knowledge of cloud-native architectures and AWS-based environments • Experience improving offensive capability scalability and automated attack orchestration • Strong understanding of secure software development practices • Background in reverse engineering, exploit analysis, or N-Day vulnerability research • Offensive security certifications such as: o Offensive Security Certified Professional (OSCP) o GIAC Penetration Tester (GPEN) o Security+
o Certified Information Systems Security Professional (CISSP) Additional Information
• Primarily remote environment with approximately 90% remote flexibility • Openings available at both senior and staff engineering levels • Fast-paced engineering culture focused on autonomy, innovation, and technical ownership • Opportunity to directly influence AI-enabled offensive cyber capability development within mission-critical federal environments