HackerTrail logo

Security Engineer

HackerTrail

Singapore

Apply for this job
More details will be shared during screening.
Job Description:

About the Role

Most organisations find out they've been compromised after the fact — a breach surfaces, forensics are called in, and damage is assessed. Our client built a platform that continuously simulates how a real attacker would approach a target's infrastructure — not a scheduled scan, not a quarterly report, but a live, always-on process that behaves the way an actual threat actor would.
But what’s the role?
The engineering here carries real weight. The systems a Cyber Security Engineer builds directly power how the platform simulates attacker behaviour for its clients. Reliability, scale, and speed aren't goals on a roadmap — they're operational requirements from day one. If you've been in engineering roles where the security context felt superficial or bolted on, this is where it's baked into the core of what you're shipping.

What will I do?

This is a hands-on engineering role at the core of the platform. The job is to design, build, and scale the systems and tooling that enable them to simulate attacker behaviour continuously and at scale across its client base.
That means cloud infrastructure that runs reliably under pressure, data pipelines that ingest and process large volumes of security data in real time, and automation that lets the platform operate with the speed and precision that offensive simulation demands.
Understanding how attackers actually operate isn't background context here — it directly informs the engineering decisions you'd be making. The systems you build are the mechanism by which they replicates real-world attack techniques for its clients.
Job Requirements:

The background that would make you a fit

  • Strong software engineering foundation: 2–5 years building production systems — not prototypes or internal tooling, but things that run in the real world, need to scale, and need to stay up. Code that other people can read, maintain, and extend.
  • Python and Go: Go in particular is a signal of someone who thinks about concurrency, performance, and systems-level concerns — not just feature delivery. Both languages are used day-to-day here.
  • Cloud infrastructure at meaningful scale: Designing and operating distributed systems on major cloud providers — not just deploying things, but thinking through how they run, scale, fail, and recover in a high-throughput security context.
  • Data pipeline engineering: Building systems that ingest, process, and surface large volumes of data in real time — with an understanding of the tradeoffs between throughput, latency, and reliability when the data has security implications.
  • A genuine understanding and interest of how attackers operate: Knowledge of attacker tactics and techniques — what they look like in practice, and why the distinction between a red team and a pen test matters. Not a decade in offensive security, but more than surface-level familiarity.
Benefits:
Required Skills:
Offensive SecurityGoPythonSoftware EngineeringRed TeamData pipeline developmentCloud Infrastructure
Optional Skills:
Network SecurityBig DataOpen SourceSecurity researchApplication securityCloud securitySecurity analysis

Posted by:

R
Ryan
rt@hackertrail.com