Lead Defensive Content Engineer in London

Welcome! Super excited you dropped by. Let's redefine cyber security expertise standards and connect business with community through highly engaging hacking experiences. Find out more about Hack The Box culture on our career site.

The Lead Defensive Content Engineer is a pivotal, hands‑on technical leadership role. You will be at the forefront of a small, talented team of content engineers, personally driving the creation of cutting‑edge cyber ranges. The mission is critical: to design, build and rigorously test engaging, complex live‑fire and hunting labs that directly upskill the defensive capabilities of our business customers. Beyond your significant technical contribution, you will inspire the team, provide essential support to deliver the roadmap, and foster their daily needs and growth through dedicated 1‑to‑1s, coaching and mentoring.

Location & Work Mode Options: Europe, US (preferably East Coast) Fully Remote / Hybrid. Greek candidates: those within 55 km of our Athens office will work hybrid 2 days office/3 remote; others can work fully remote.

Key Responsibilities:

• Spearhead the development of highly engaging, complex live‑fire cyber ranges and immersive hunting labs, delivering high‑impact, real‑world defensive training for top‑tier enterprise customers.
• Lead, mentor, and inspire a high‑performing team of content engineers.
• Drive innovation in defensive training by collaborating on cutting‑edge content formats, including advanced Sherlocks, competitive CTFs and Pro Labs scenarios.
• Conduct deep, proactive research into emerging vulnerabilities, advanced exploits, adversary TTPs and evolving threat actor profiles to keep content relevant and cutting‑edge.
• Pioneer new defensive techniques and countermeasures, continuously elevating players’ readiness and skill set against modern cyber threats.

Skills, Knowledge, and Experience:

• Expert proficiency with defensive security tooling (SIEM, EDR, Wireshark, Volatility, Autopsy, IDA) and detection engineering, digital forensics, malware analysis.
• Proven experience engineering content for Capture The Flag events or similar gamified learning platforms.
• Deep understanding of Windows, Linux, VMware, Cloud Services.
• Highly organised, self‑motivated, and passionate about information security and gamified learning.
• Fluent in English (speaking, reading, writing).
• More than 2 years of experience leading small technical teams.

Bonus Points:

• More than 2 years of practical experience in a real‑world defensive security operations environment.
• Experience using orchestration tooling such as Terraform and Ansible.

Benefits:

• Private health care.
• Paid paternity leave.
• 25 annual leave days.
• Free lunch and snacks.
• 120 € ticket restaurant.
• Dedicated budget for training and professional development, conferences.
• Full access to Hack The Box lab offerings.
• State‑of‑the‑art equipment (Mac, iPhone, mobile plan).
• Flexible work‑from‑home (hybrid model). Fully remote is also an option if not an Attica resident.

At Hack The Box, we are committed to fostering a diverse, inclusive, and equitable workplace. We believe that diversity enriches our performance, services, and the communities we serve. As such, we ensure that all job applications are considered solely based on merit, skills, and qualifications. We do not discriminate on grounds of race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. We are dedicated to providing a fair and respectful work environment that reflects our values.