AVPVP, Product Engineer (DevSecOps), Technology Group

Location:Singapore

Job Function:Technology Group

Job Type:Permanent

Req ID:17126

About GIC
GIC is one of the worlds largest sovereign wealth funds. With over 2000 employees across 11 locations around the world we invest in more than 40 countries globally across asset classes and businesses. Working at GIC gives you exposure to an extraordinary network of the worlds industry leaders. As a leading global long-term investor we work at the Point of Impact for Singapores financial future and the communities we invest in worldwide.

Technology Group
We experiment design and lead a 247 global business where we support core capabilities in asset management trading investment operations and risk management. We deliver secure reliable and integrated solutions and provide insights on new and emerging technologies.

Strategy Architecture and Transformation Group
The Strategy Architecture & Transformation (SAT) group shapes and drives GICs technology strategy ensuring alignment with business priorities and enterprise goals. Bringing together expertise in strategy architecture engineering and transformation the team strengthens governance promotes consistency and accelerates delivery across the Technology Group. Through modern practices and close collaboration SAT leads the development of an architectural strategy that reinforces oversight and accountability while enabling reliable scalable solutions and informed decision making across the Technology Group and more broadly across GIC.

Developer Experience
The Developer Experience team builds and operates the products and platforms that support the developer experience across GICs Technology Group. The team is organised around three product pillars:

• Project Management Tooling Platforms such as Jira and Confluence that support project tracking collaboration and workflow management across the Technology Group.
• Cloud Development Environments & IDEs Cloud-based development environments AI-assisted coding tools developer toolchains (CLIs SDKs IDE extensions devcontainer features) and agentic development capabilities.
• DevSecOps & CI/CD CI/CD pipelines artifact management security scanning integration infrastructure-as-code and secure software delivery tooling.

What impact can you make in this role
As a Product Engineer (DevSecOps) you will own and drive the delivery of DevSecOps and CI/CD platform products that underpin secure software delivery across GICs Technology Group. You will take a product-oriented approach to engineering understanding developer needs defining roadmaps and delivering solutions that improve delivery velocity while meeting the organisations security and governance requirements.

This role requires someone who thinks beyond code. You will design and maintain the pipelines tooling and security integrations that development teams depend on daily. You will need to balance developer experience with enterprise security constraints advocate for your platforms users and make pragmatic trade-offs between speed security and scalability.y.

What will you do as a Product Engineer (DevSecOps)

• Product Ownership & Delivery
  • Own the end-to-end lifecycle of DevSecOps platform products from discovery and design through to delivery adoption and iteration.
  • Engage with engineering teams across the organisation to understand their build test deployment and security workflows pain points and needs.
  • Define and prioritise product backlogs based on user feedback operational data and strategic direction.
  • Deliver incremental improvements and new capabilities through agile delivery practices.
  • Track and measure product success through adoption satisfaction and toil reduction metrics.
  • Publish documentation onboarding guides and self-help templates with guardrails that development teams can use.
• CI/CD Pipeline Engineering
  
  • Design build and maintain secure and scalable CI/CD pipelines that support efficient and reliable software delivery across the organisation.
  • Implement and manage continuous integration and continuous deployment processes using platforms such as GitHub Actions Jenkins or GitLab CI.
  • Collaborate with development teams for continuous enhancements pipeline reviews and adoption of pipeline best practices.
  • Automate self-help processes reusable pipeline templates and guardrails that development teams can consume with minimal friction.
  • Conduct peer code reviews and provide technical mentorship on CI/CD and DevSecOps practices.
• Artifact Management & Supply Chain Security
  
  • Manage and operate artifact management platforms (e.g. JFrog Artifactory Xray) including repository configuration access controls vulnerability scanning and lifecycle policies.
  • Scan and analyse artifacts for security vulnerabilities and license compliance using tools such as JFrog Xray.
  • Govern open-source software usage dependency management and software composition analysis across the organisations delivery pipelines.
• Security Integration & Vulnerability Management
  
  • Integrate security scanning tools SAST DAST SCA and secrets detection into CI/CD pipelines and developer workflows.
  • Leverage GitHub Advanced Security features such as CodeQL (SAST) secret scanning and dependency analysis.
  • Integrate container and infrastructure scanning tools (e.g. Snyk Wiz) into delivery workflows.
  • Manage the vulnerability lifecycle scanning triage patching and ensure security gates are embedded in delivery pipelines.
  • Stay up-to-date with the latest security trends technologies and best practices and provide recommendations for improvement.
  • Balance security controls with developer productivity finding practical solutions that protect without creating unnecessary friction.
• Stakeholder Engagement
  
  • Partner with engineering leads architects and business stakeholders to align platform capabilities with organisational priorities.
  • Communicate product direction trade-offs and decisions clearly to both technical and non-technical audiences.
  • Collaborate with development cloud and security teams to integrate best practices into the software development lifecycle.
  • Conduct system integration tests and coordinate with business users on user acceptance tests where applicable.

What makes you a successful candidate

• Experience & Background
  
  • Bachelors degree in Computer Science Engineering Information Technology or a related discipline.
  • At least 5 years of relevant experience in software engineering platform engineering or product engineering roles.
  • Experience working in enterprise or regulated technology environments is advantageous.
• CI/CD and DevSecOps
  
  • Deep understanding of DevOps principles practices and tools including CI/CD pipeline design and operation.
  • Proficiency in using GitHub for version control collaboration and code review processes. Experience configuring and managing CI/CD pipelines using GitHub Actions.
  • Hands-on experience with artifact management platforms (e.g. JFrog Artifactory Xray) including repository management vulnerability scanning and license compliance.
  • Familiarity with GitHub Advanced Security features such as CodeQL (SAST) secret scanning and dependency analysis.
  • Experience integrating security scanning tools (SAST DAST SCA secrets detection) and container/infrastructure scanning tools (e.g. Snyk Wiz) into delivery pipelines.
• Cloud and Infrastructure
  • Proficiency with infrastructure-as-code (e.g. Terraform) and cloud platforms (AWS preferred Azure) including compute networking identity and storage services.
  • Proficiency in AWS technologies or their equivalent such as OIDC STS AWS CLI and CloudFormation.
  • Experience with containerisation technologies (e.g. Docker Kubernetes).
  • Good understanding of security and networking principles protocols and technologies.
• Product & Delivery Mindset
  
  • Demonstrated ability to think about engineering work through a product lens understanding users measuring outcomes and iterating based on feedback.
  • Comfortable owning a product backlog and making prioritisation decisions.
  • Experience working in agile teams with a focus on incremental delivery.
• Governance & Ways of Working
  
  • Ability to balance developer experience and autonomy with enterprise requirements for security standardisation and cost control.
  • Strong stakeholder management skills with the ability to work across engineering platform and cybersecurity teams.
  • Comfortable navigating competing priorities and driving alignment.
• Personal Attributes
  
  • Clear and effective communicator both written and verbal.
  • Pragmatic structured and outcome-focused.
  • Consistently demonstrates GICs PRIME values: Prudence Respect Integrity Merit and Excellence.

Work at the Point of Impact
We need to be forward-looking to attract the right people to help us become the Leading Global Long-term Investor. Join our ambitious agile and diverse teams - be empowered to push boundaries and pursue innovative ideas share your views and be heard. Be anchored on our PRIME Values: Prudence Respect Integrity Merit and Excellence which guides us in how we make our day-to-day decisions. We strive to inspire. To make an impact.

Flexibility at GIC
At GIC our offices are vibrant hubs for ideation professional growth and interpersonal connection. At the same time we believe that flexibility allows us to do our best work and be our best selves. Thus our teams come into the office four days per week to harness the benefits of in-person collaboration but have the flexibility to choose which days they work from home and adjust this arrangement as situational needs arise.

GIC is an equal opportunity employer
GIC is an equal opportunity employer and we value diversity. We do not discriminate based on race religion color national origin sex gender gender expression sexual orientation age marital status veteran status or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process to perform essential job functions and to receive other benefits and privileges of employment.

Learn more about our Technology Group here:
Experience:

Exec