AVP, Threat Prevention - Cyber Security Assurance & Defense
New York, US
GIC is one of the world’s largest sovereign wealth funds. With over 2,000 employees across 12 locations around the world, we invest in more than 40 countries globally across asset classes and businesses. Working at GIC gives you exposure to an extraordinary network of the world’s industry leaders. As a leading global long-term investor, we Work at the Point of Impact for Singapore’s financial future, and the communities we invest in worldwide.
Infrastructure & Cybersecurity Resilience (CSR)
We design, build, and secure the technology foundations that power GIC’s global investment operations. We aim to deliver resilient, scalable, and secure infrastructure that empowers our people and businesses to perform securely, efficiently, and effectively.
You will be part of a global operational function that protects the firm’s information technology and digital assets, including business data, from external threats, manages operational risks, and facilitates the firm’s digitalization journey in a secure manner.
What impact can you make in this role?
The AVP Threat Prevention is responsible for the posture, policy management, monitoring, and continuous improvement of security controls. This role ensures that security controls are correctly enforced and managed, that issues are triaged efficiently, and that the organization’s overall posture remains robust against evolving threats and supports GIC’s global cybersecurity operations.
What will you do as an AVP Threat Prevention?
- Design, implement, and maintain security controls in one or more areas such as DLP, EDR, NDR, Cloud Security, Firewalls or WAF
- Perform Monitoring & Event Triage as part of a global cybersecurity operating model.
- Continuously assess and enhance the effectiveness of existing controls to address evolving cyber threats.
- Continuously monitor dashboards, logs, and alerts and respond accordingly
- Troubleshoot and refine security policies and configurations to ensure optimal performance and compliance.
- Perform initial triage of detections and enrich events with contextual data.
- Conduct periodic rule‑tuning based on emerging threat patterns and false‑positive analysis.
- Work closely with network, identity, and application security operational teams to ensure consistent policy enforcement.
- Maintain up‑to‑date runbooks, SOPs, and configuration baselines
- Evaluate new features from DLP, EDR, NDR, Cloud controls, Firewall or WAF; pilot enhancements that could improve security efficacy or operational efficiency.
- Participate in post‑incident reviews to identify gaps and recommend platform‑level mitigations.
What qualifications or skills should you possess in this role?
- A degree in Computer Science, Information Technology, or a related field.
- Hands‑on experience configuring and managing one or more of the following areas: DLP, EDR, NDR, Cloud Controls such as SASE (policy engine, detection), Firewalls or WAF.
- Strong understanding of cloud‑based security architectures, zero‑trust principles, and secure web traffic inspection.
- Proven ability to analyze security events, triage, and coordinate escalations.
- 5–7 years of experience in cybersecurity operations, threat analysis, or security engineering.
- Familiarity with Security Information Event Management (SIEM) and Security Orchestration (SOAR)
- Knowledge of operating systems and networks such as Unix, Windows, TCP/IP, DNS, HTTP/S, TLS, and Proxy concepts.
- Ability to automate repetitive tasks via PowerShell, Python, or Bash (e.g., bulk policy updates, API‑driven reporting). Experience with AI Cyber Defense and automation platforms is an advantage.
- Strong analytical mindset, attention to detail, and effective communication with cross‑functional teams.
- Ability to translate technical findings into clear, actionable recommendations for non‑technical stakeholders.
- Ability to work independently with minimal supervision while maintaining high-quality standards.
- Certifications: CISSP, CCSP, GSEC, CompTIA or vendor‑specific credentials (DLP, EDR or Cloud Security Controls)
- Proactive and adaptable, continuously learning and staying current with evolving technologies and threats.
Work at the Point of Impact
We need to be forward-looking to attract the right people to help us become the Leading Global Long-term Investor. Join our ambitious, agile, and diverse teams - be empowered to push boundaries and pursue innovative ideas, share your views, and be heard. Be anchored on our PRIME Values: Prudence, Respect, Integrity, Merit and Excellence, which guide us in how we make our day-to-day decisions. We strive to inspire. To make an impact.
Flexibility at GIC
At GIC, our offices are vibrant hubs for ideation, professional growth, and interpersonal connection. At the same time, we believe that flexibility allows us to do our best work and be our best selves. Thus, our teams come into the office four days per week to harness the benefits of in-person collaboration but have the flexibility to choose which days they work from home and adjust this arrangement as situational needs arise.
We are an equal opportunity employer
As an employer, we passionately believe every individual brings a unique diversity of thought and perspective that meaningfully enriches GIC teams and drives competitive performance. An inclusive environment yields exceptional contribution.
Compensation
Our compensation philosophy reflects several principles. We strive to provide a competitive compensation package to attract and retain talent globally. We pay for performance, and reward sustainable results.
Total pay for this position comprises base pay and bonus. The anticipated base salary range for this role is between $120,000 and $140,000. Bonuses, which may form a meaningful proportion of the total pay package, are determined based on company and individual performance.
Learn more about our Technology Group here: https://gic.careers/group/technology-group/