Title:  Cyber Range Engineer

Job ID:  21931
Location: ST Engineering Jurong East Bui, SG

Description: 

Job Description

We are looking for a Cyber Range Engineer focused on designing, building, and running realistic cyber range scenarios that reflect current threat activity. This role is hands-on and adversary-minded: you will translate threat landscape reporting and real-world TTPs into end-to-end exercise content (attack paths, injects and artifacts).

  • Create/Develop Cyber Range scenarios based on the current threat landscape, adversary trends and relevant risk.
  • Create realistic exercise artefacts and injects (e.g., phishing emails, malicious documents, command histories, web logs, domain activity, cloud audit events, IAM changes) to support Blue Team exercises.
  • Validate scenario functionality in the range: ensure dependencies are in place, paths execute as intended, and “teachable moments” are aligned to learning objectives.
  • Support exercise execution and facilitation:
    • Assist with dry runs and rehearsals, adjust scenario pacing, and provide technical support during live execution.
    • Record outcomes, key timelines, and notable participant actions for post-exercise review.
    • Maintain accurate documentation of scenario packages, threat mappings (e.g., ATT&CK), prerequisites, and known issues/edge cases.
  • Contribute to post-exercise reporting by providing the attack narrative, evidence trail, expected vs observed detections, and improvement recommendations for detection/response.
  • Understand best practices in hardening and policy configuration for organisations.

Requirements

  • 1 to 2 years of experience in one or more of the following:
    • security operations / incident response support
    • penetration testing / red teaming / purple teaming
    • detection engineering labs / cyber range / CTF scenario development

Added Advantage (Preferred Knowledge / Skills)

  • CISSP, OSCP, GCIH or any other related cyber certifications
  • Windows and Linux fundamentals, including common logging sources (Windows Event Logs, Sysmon concepts, Linux auth logs).
  • Networking fundamentals (IP addressing, DNS, HTTP/S, routing, segmentation concepts).
  • Familiarity with adversary techniques and frameworks (MITRE ATT&CK, kill chain concepts).
  • Practical scripting capability for repeatability/automation (PowerShell, Python, Bash).
  • Basic understanding of cloud platforms (AWS, Azure, or GCP), especially audit/logging concepts.
  • Exposure to security tooling and telemetry sources:
    • EDR concepts (e.g., CrowdStrike, Microsoft Defender for Endpoint, SentinelOne)
    • SIEM/log platforms (Splunk, Microsoft Sentinel, Elastic/Wazuh)
    • Network/security controls (Palo Alto, Fortinet) and relevant log types

Work location: Jurong East