AVPVP, Cybersecurity Assurance, Technology Group

Location:Singapore

Job Function:Chief Operating Officers Office

Job Type:Permanent

Req ID:16914

GIC is one of the worlds largest sovereign wealth funds. With over 2000 employees across 11 locations around the world we invest in more than 40 countries globally across asset classes and businesses. Working at GIC gives you exposure to an extraordinary network of the worlds industry leaders. As a leading global long-term investor we Work at the Point of Impact for Singapores financial future and the communities we invest in worldwide.

Technology Group
The Technology Group (TG) is a key enabler to keep our business moving forward and is constantly exploiting state-of-the-art information technologies to enhance GICs ability to be the leading global long-term investment firm. We aim to provide users with empowering and transformational capabilities and to create an inclusive innovative and integrated work environment.

What impact can you make in this role
The individual will be part of the Cybersecurity Assurance & Defence (CSAD) team and will play a key role in strengthening the firms security posture through proactive vulnerability management adversarial attack simulation planning and continuous improvement of security baselines. The individual will serve as a control owner driving threat prioritization root cause analysis and cross-team collaboration to remediate and prevent recurrence of vulnerabilities. This role requires strategic thinking strong analytical capabilities and the ability to influence stakeholders across technical and business domains.

What will you do in this role

• Lead and participate in vulnerability management & threat modelling discussions ensuring effective prioritization and remediation of identified threats.
• Operate and maintain vulnerability scanning tools (e.g. OSS SAST DAST OS Secret Scanning etc.) ensuring scans are executed results are analyzed and findings are addressed.
• Support the planning coordination and management of adversarial attack simulations to validate the firms defensive capabilities.
• Evaluate vulnerabilities holistically to identify threat severity and prioritization acting as a control owner to ensure timely mitigation.
• Understand and manage security baselines ensuring configuration drifts are detected assessed and remediated.
• Manage day-to-day cybersecurity assurance operations ensuring effective prioritization of tasks and optimal allocation of resources based on risk and impact.
• Analyze vulnerability data to identify patterns correlations and root causes and partner with relevant teams to implement sustainable remediation measures.
• Drive community initiatives to enhance the firms overall security posture through active knowledge sharing and best practice recommendations.
• Collaborate with engineering operations risk and business stakeholders to influence security improvements and embed security assurance practices into operational processes.
• Contribute to continuous improvement of cybersecurity assurance standards frameworks processes and reporting.

What qualifications or skills should you possess in this role

• Bachelors degree in Computer Science Information Security or a related field.
• Proven experience in offensive security cybersecurity assurance vulnerability management or threat analysis.
• Strong understanding of adversarial attack simulation methodologies (e.g. red teaming purple teaming).
• Familiarity with defining security baselines configuration management and drift detection tools.
• Proficiency in analyzing and interpreting vulnerability data to drive actionable insights.
• Excellent communication and stakeholder management skills with the ability to influence and drive change.
• Demonstrated ability to think strategically and connect technical findings to business risks and outcomes.
• Familiar with enterprise security architecture and have knowledge on how security controls address evolving cybersecurity threats.
• Relevant offensive security certifications such as OSCP or equivalent.
• Experience with vulnerability management tools (e.g. OSS SAST DAST OS CSPM SSPM) and configuration management platforms.

Work at the Point of Impact
We need to be forward-looking to attract the right people to help us become the Leading Global Long-term Investor. Join our ambitious agile and diverse teams - be empowered to push boundaries and pursue innovative ideas share your views and be heard. Be anchored on our PRIME Values: Prudence Respect Integrity Merit and Excellence which guides us in how we make our day-to-day decisions. We strive to inspire. To make an impact.

Flexibility at GIC
At GIC our offices are vibrant hubs for ideation professional growth and interpersonal connection. At the same time we believe that flexibility allows us to do our best work and be our best selves. Thus our teams come into the office four days per week to harness the benefits of in-person collaboration but have the flexibility to choose which days they work from home and adjust this arrangement as situational needs arise.

GIC is an equal opportunity employer
As an employer we passionately believe every individual brings with them unique diversity of thought and perspectives to meaningfully enrich perspectives of GIC teams to drive competitive performance. An inclusive environment yields exceptional contribution.