Lead Engineer/Engineer, AI Safety and Security, AI R&D, xCyber, Singapore

HTX is the world’s first Science and Technology agency that integrates a diverse range of scientific and engineering capabilities to innovate and deliver transformative and operationally ready solutions for homeland security. As a statutory board of the Ministry of Home Affairs and integral to the Home Team, HTX works at the forefront of science and technology to empower Singapore’s frontline of security. Our shared mission is to amplify, augment and accelerate the Home Team’s advantage and secure Singapore as the safest place on planet earth.

As a Lead Engineer / Engineer in the AI Security & Safety team, you will be at the forefront of operationalizing secure AI for the Home Team. Reporting to the Head of AI Security & Safety, you will act as the technical builder and operator, responsible for engineering, integrating, and deploying AI security products (e.g., LLM guardrails, vulnerability scanners) into enterprise environments.

This role will also include applying tools for supporting the automation and execution of testing, evaluation, validation, and verification lifecycle for AI models. The scope of tests includes rigorous adversarial robustness testing and systematic benchmarking to provide critical assurance to various stakeholders that deployed AI systems remain safe, reliable, and resilient against evolving threats. You will bridge the gap between AI innovation and enterprise security engineering, ensuring AI applications are \"Secure by Design\".

• AI Model Test, Evaluate, Validate, Verify: Design and conduct systematic tests to evaluate AI model safety, security, and performance. This includes researching and applying various security/safety test domains, industry benchmarks, and advanced evaluation methodologies (e.g., benchmark based evaluations, LLM-as-a-Judge, etc).
• Adversarial Robustness Testing: Conduct targeted adversarial testing (e.g., prompt injection, data poisoning, model inversion) on in-house and commercial AI models to identify vulnerabilities and edge‑case failures, directly contributing towards and supporting the CISO office's risk assessment processes.
• Product Engineering & Integration: Design, develop, and integrate AI security tools (e.g., input/ output guardrails, real‑time monitoring sidecars) into existing AI inference pipelines and API gateways.
• Enterprise Deployment: Deploy and manage AI security solutions across both Cloud (e.g., Government Commercial Cloud - GCC) and On‑Premise containerized environments (Docker, Kubernetes), while pushing the frontier of complex trade‑off between ensuring high availability, low latency, and security.
• DevSecOps for AI: Automate TEVV workflows and integrate AI vulnerability scanners and benchmarking tools into the organization’s CI/CD pipelines to ensure continuous security testing.
• Threat Mitigation: Work closely with application developers, data scientists, project managers, and cloud engineers to understand use cases translating into design and implementation of robust mitigating controls and secure configurations across the end‑to‑end AI lifecycle (pre‑training, fine‑tuning, RAG, and inference).
• Experience: Minimum 2 to 5 years in Software Engineering, DevSecOps, AI/ Machine Learning Engineering, or Cybersecurity.
• AI Testing & Evaluation: Good understanding of AI evaluation frameworks, benchmarking datasets, and methodologies for qualitatively and quantitatively measuring model performance and safety.
• Software Engineering: Strong programming skills in Python, Go, or similar languages, with experience building and consuming APIs securely.
• Cloud & Containerization: Hands‑on experience with Docker, Kubernetes, and deploying workloads in both Cloud (AWS, Azure, GCC) and On‑Premise environments.
• AI/ML Knowledge: Familiarity with the AI development lifecycle, ML frameworks (e.g., PyTorch, TensorFlow), and LLM inference engines (e.g., vLLM, HuggingFace).
• Cybersecurity Expertise: Knowledge of AI‑specific threat frameworks (e.g., OWASP Top 10 for LLMs, MITRE ATLAS) and traditional application security principles.
• Certifications (Preferred): Relevant certifications in Cloud, DevSecOps, AI/ Machine Learning, or Cybersecurity.
• Attributes:
• Ability to multi‑task and deliver high‑quality engineering work under tight deadlines.
• Meticulous in planning, test design, documentation, and system architecture.
• A strong team player with excellent interpersonal and communication skills to engage cross‑functional stakeholders.
• Demonstrates resiliency, drive, and a continuous learning mindset to keep pace with the rapidly evolving AI threat landscape.

All new appointees are appointed on a two‑year contract in the first instance and will be assessed and considered for permanent tenure over time, based on performance.