
Cyber Range Engineer (DSC/JH)

Professional Permanent 2+ years exp

Monthly Salary

$4,000 – $6,500

Posted

20 March 2026

Expires 19 April 2026

Job Description

We are looking for a Cyber Range Engineer focused on designing, building, and running realistic cyber range scenarios that reflect current threat activity. This role is hands-on and adversary-minded: you will translate threat landscape reporting and real-world TTPs into end-to-end exercise content (attack paths, injects and artifacts).



Responsibilities

  • Create/Develop Cyber Range scenarios based on current threat landscape, adversary trends and relevant risk.
  • Create realistic exercise artefacts and injects (e.g., phishing emails, malicious documents, command histories, web logs, domain activity, cloud audit events, IAM changes) to support Blue Team exercises.
  • Validate scenario functionality in the range: ensure dependencies are in place, paths execute as intended, and “teachable moments” are aligned to learning objectives.
  • Support exercise execution and facilitation.
  • Assist with dry runs and rehearsals, adjust scenario pacing, and provide technical support during live execution.
  • Record outcomes, key timelines, and notable participant actions for post-exercise review.
  • Maintain accurate documentation of scenario packages, threat mappings (e.g., ATT&CK), prerequisites, and known issues/edge cases.
  • Contribute to post-exercise reporting by providing the attack narrative, evidence trail, expected vs observed detections, and improvement recommendations for detection/response.
  • Understand best practices in hardening and policy configuration for organisations.



Requirements

1 to 2 years of experience in one or more of the following:

  • security operations / incident response support
  • penetration testing / red teaming / purple teaming
  • detection engineering labs / cyber range / CTF scenario development



Added Advantage (Preferred Knowledge / Skills)

  • Windows and Linux fundamentals, including common logging sources (Windows Event Logs, Sysmon concepts, Linux auth logs).
  • Networking fundamentals (IP addressing, DNS, HTTP/S, routing, segmentation concepts).
  • Familiarity with adversary techniques and frameworks (MITRE ATT&CK, kill chain concepts).
  • Practical scripting capability for repeatability/automation (PowerShell, Python, Bash).
  • Basic understanding of cloud platforms (AWS, Azure, or GCP), especially audit/logging concepts.
  • Exposure to security tooling and telemetry sources:
      • EDR concepts (e.g., CrowdStrike, Microsoft Defender for Endpoint, SentinelOne)
      • SIEM/log platforms (Splunk, Microsoft Sentinel, Elastic/Wazuh)
      • Network/security controls (Palo Alto, Fortinet) and relevant log types


Work location: Jurong East