AVP, Cyber Security Engineering (DevSecOps & Cloud Security), COO Office
Singapore, SG
GIC is one of the world’s largest sovereign wealth funds. With over 2,000 employees across 11 locations around the world, we invest in more than 40 countries globally across asset classes and businesses. Working at GIC gives you exposure to an extraordinary network of the world’s industry leaders. As a leading global long-term investor, we Work at the Point of Impact for Singapore’s financial future, and the communities we invest in worldwide.
Chief Operating Officer (COO) Office
The COO Office supports our COO to streamline operations and align them with strategic goals. You will work with the COO, Heads of Departments, and stakeholders across GIC to achieve operational excellence.
Cyber Security, Information & Technology Risk Management
You will be a part of an independent risk management function to protect the firm’s information technology assets, including business data, from external threats and operational risks, and to facilitate the firm’s digitalisation journey in a secure manner.
What impact can you make in this role?
You will be empowered to be at the top of your game by providing strategic partnership, and innovative technology solutions that supports GIC’s vision of being a tech-driven, global, long-term investment firm.
What will you do as a AVP, Cyber Security Engineering, DevSecOps & Cloud Security?
- Identify and recommend improvement areas in existing enterprise security architecture to address evolving cybersecurity threats.
- Align and balance business requirements with cybersecurity, information, and technology requirements, based on the organization’s risk appetite.
- Evaluate, perform proof-of-value/proof-of-concept, design, build and implement enterprise-class cybersecurity systems.
- Develop integrated security operating models and documentations to ensure operational efficiency, scalability, and sustainability.
- Act as a domain expert and trusted partner in CSR; work closely with stakeholders in Technology Group and other business groups on cybersecurity engineering related matters.
What qualifications or skills should you possess in this role?
- Bachelor’s Degree in Information Technology, Computer Engineering or equivalent
- At least 10 years of relevant experience preferably in financial services or asset management industries, with minimum 7 years in Cyber Security or Information Security
- Professional qualification such as AWS and Azure security certifications
- Hands-on experience in in Secure Software Development Life Cycle (SSDLC), in Java, Python, C#, .NET, Kotlin
- Working knowledge of Waterfall, Agile, and DevOps development methodologies, and deployment to public cloud environments
- Strong understanding of DevSecOps tools, design, automation and and CI/CD tools, including IaC (Infrastructure as Code), GitLab/GitHub, Jenkins, application containers, as well as IAM (Identity and Access Management) in AWS and Azure
- Knowledge of Cloud Native Services, including AWS Well Architected Framework, and experience in implementing and operationalizing Cloud Security solutions (in Azure and/or AWS), such as Sentinel, Security Hub, Guard Duty, and Cloud Trail
- Familiarity with risk assessment and threat modelling techniques, static and dynamic code security analysis and testing, software composition analysis, and API security
- Ability to produce detailed documentation, including design diagrams and process flows
- Must be meticulous, versatile, and inquisitive, having strong attention to detail with an analytical mind and outstanding problem-solving skills
- Desire to learn, working in a diverse environment, interacting with multiple teams and functions to support strategic goals. Be a good team player and excellent communicator
- Professional qualification in information security, such as CISSP / CISM / CEH will be advantageous
Work at the Point of Impact
We need to be forward-looking to attract the right people to help us become the Leading Global Long-term Investor. Join our ambitious, agile, and diverse teams - be empowered to push boundaries and pursue innovative ideas, share your views, and be heard. Be anchored on our PRIME Values: Prudence, Respect, Integrity, Merit and Excellence, which guides us in how we make our day-to-day decisions. We strive to inspire. To make an impact.
Flexibility at GIC
At GIC, our offices are vibrant hubs for ideation, professional growth, and interpersonal connection. At the same time, we believe that flexibility allows us to do our best work and be our best selves. Thus, our teams come into the office four days per week to harness the benefits of in-person collaboration, but have the flexibility to choose which days they work from home and adjust this arrangement as situational needs arise.
GIC is an equal opportunity employer
As an employer, we passionately believe every individual brings with them unique diversity of thought and perspectives to meaningfully enrich perspectives of GIC teams to drive competitive performance. An inclusive environment yields exceptional contribution.
Learn More about out COO Office here:
https://gic.careers/departments/chief-operating-officer-office/