Share this Job

AVP/VP, Data Protection and Privacy Compliance


Singapore, SG

Job Function:  Legal & Compliance
Job Type:  Permanent
Req ID:  7002

Legal and Compliance Department


The Legal and Compliance Department (LCD) manages the legal, regulatory, reputational and compliance risks of GIC. LCD partners with the business to ensure that such issues and risks are dealt with in a considered and timely manner. In the course of your work, you can expect to work with top international and local law firms.


We are looking for a suitable candidate to join our team as AVP/VP, Data Protection and Privacy Compliance.




  • Monitor and analyze global regulatory and enforcement trends and changes to data protection and privacy laws across all GIC offices and jurisdictions where GIC has investments or operates in.  Incumbent will be required to provide quality and timely advisory on how the laws will impact GIC and its businesses, collaborate with relevant business and corporate services stakeholders in the collection, processing, disclosure and/or retention of data to ensure compliance with the applicable laws, regulations and corporate policies. 
  • Implement, perform ongoing reviews of and updates to GIC’s compliance framework, policies, processes and controls to ensure they remain robust and compliant with the applicable data protection and privacy laws and regulations.  Incumbent should also keep abreast of industry standards and best practices and assess the applicability of such standards and practices to GIC.  He/she would also be responsible for implementing preventive controls and surveillance measures to mitigate the risk of data loss.
  • Facilitate knowledge sharing and educate all GIC employees on the importance of their obligations to comply with the data protection and privacy laws.  This includes the design and implementation of a training and communications program on the applicable laws, regulations and corporate policies to handle and protect GIC’s information and personal data.
  • Support investigations into potential data loss incidents, including the assessment of any potential legal and regulatory breaches, the enforcement and remediation of data loss incidents.
  • Monitor the relevant key risk indicators on data protection and support GIC’s Data Protection Officer ("DPO") in providing periodic management updates on the implementation of GIC’s data protection and privacy compliance program, key legal and regulatory developments, and personal data processing activities in GIC.
  • Review and respond to requests and queries related to data protection and privacy, including the filing of data breach notifications.
  • Participate actively in department and corporate initiatives, and collaborate with team members to assume joint responsibilities related to regulatory and compliance matters when assigned.




  • At least 5 to 7 years of relevant compliance experience, preferably in the data protection / privacy compliance space.
  • Strong understanding of data protection and privacy laws in major jurisdictions, with a good appreciation of how they are being applied in the local context. For Singapore, it would include the Official Secrets Act, Personal Data Protection Act and the Computer Misuse Act. For the UK, this would include EU GDPR.
  • Possess an analytical mind and a good working knowledge of financial market and investment processes.
  • Highly-motivated person who is able to work both independently and be a good team player to support others in the team, and collaborate effectively with internal stakeholders.
  • Self-starter, able and willing to conduct independent research on regulatory developments and work closely with external legal counsel.
  • Excellent written, communication and interpersonal skills are required with the ability to clearly articulate in layman's terms, technical regulatory advice and objective of the compliance policies and processes.
  • Strong project management skills.   


Our PRIME Values

Our PRIME Values

GIC is a values driven organization. GIC’s PRIME Values act as our compass, enabling us to fulfil our fundamental purpose and objectives. It is the foundational bedrock which governs our behaviors, our decision making, and our focus. It informs both our long-term strategy as a firm, and the way we relate to our Client, business partners and employees. PRIME stands for Prudence, Respect, Integrity, Merit and Excellence.