AVP/VP, DevSecOps Engineer, Technology Group

GIC is one of the world’s largest sovereign wealth funds. With over 2,000 employees across 11 locations around the world, we invest in more than 40 countries globally across asset classes and businesses. Working at GIC gives you exposure to an extraordinary network of the world’s industry leaders. As a leading global long-term investor, we Work at the Point of Impact for Singapore’s financial future, and the communities we invest in worldwide.

Technology Group
We experiment, design, and lead a 24×7 global business where we support core capabilities in asset management, trading, investment operations, and risk management. We deliver secure, reliable, and integrated solutions, and provide insights on new, and emerging technologies. 

Engineering and Architecture
You will help to build and sustains strong technology foundations forming the bedrock of GIC’s digital solutions. 

What impact can you make in this role?
You will be empowered to be at the top of your game by providing strategic partnership, and innovative technology solutions that supports GIC’s vision of being a tech-driven, global, long-term investment firm.

What will you do as a DevSecOps Engineer?
We are seeking a highly skilled and motivated DevSecOps Engineer to join our dynamic team. As a DevSecOps Engineer, you will be responsible for designing, implementing, and maintaining secure and efficient development, build, testing, and deployment pipelines. You will collaborate with cross-functional teams to ensure the integration of security practices throughout the software development lifecycle. The ideal candidate will have a strong background in software development, security, and operations, with a passion for automating processes and implementing best practices.

• Design, develop, and maintain secure and scalable DevSecOps pipelines, tools, and frameworks
• Collaborate with development, cloud, and security teams to integrate best practices into the software development lifecycle
• Implement and manage continuous integration and continuous deployment (CI/CD) processes to ensure efficient and reliable software delivery
• Stay up-to-date with the latest security trends, technologies, and best practices, and provide recommendations for improvement
• Collaborate with development teams for continuous enhancements and pipeline reviews
• Automate self-help processes and templates with guardrails that development teams can use

What makes you a successful candidate?

• Bachelor's degree in Computer Science or a related field. Relevant certifications (e.g. AWS Solutions Architect, DevOps) are a plus
• Proven experience as a DevSecOps Engineer or a similar role, with a strong background in software development
• Experience in at least one programming language like Java, C#, Python, or Node. Demonstrates Test Driven Development (TDD) in their work
• Proficiency in scripting languages, such as Python, Shell, or PowerShell
• In-depth knowledge of DevOps principles, practices, and tools, including CI/CD pipelines, configuration management, and infrastructure automation
• Good understanding of security and networking principles, protocols, and technologies
• Experience with the following toolsets or their equivalent:
  • GitHub with Actions: Proficiency in using GitHub for version control, collaboration, and code review processes. Experience in configuring and managing CI/CD pipelines using GitHub Actions for automated software builds, tests, and deployments
  • GitHub Advanced Security: Familiarity with GitHub Advanced Security features, such as CodeQL (SAST), secret scanning, and dependency analysis (OSS)
  • JFrog Artifactory with XRay: Experience in managing artifact repositories for storing and distributing software packages. Knowledge of using JFrog XRay for scanning and analyzing artifacts for security vulnerabilities and license compliance
• Familiarity with integrating security scanning tools like Snyk and Wiz for open-source vulnerabilities and container scanning.
• Experience with cloud platforms (AWS preferred) and containerization technologies (e.g., Docker, Kubernetes)
• Proficient in AWS technologies or their equivalent like OIDC, STS, AWS CLI, CloudFormation
• Excellent problem-solving and analytical skills, with the ability to identify and mitigate security risks
• Strong communication and collaboration skills, with the ability to work effectively in cross-functional teams

Work at the Point of Impact
We need to be forward-looking to attract the right people to help us become the Leading Global Long-term Investor. Join our ambitious, agile, and diverse teams - be empowered to push boundaries and pursue innovative ideas, share your views, and be heard. Be anchored on our PRIME Values: Prudence, Respect, Integrity, Merit and Excellence, which guides us in how we make our day-to-day decisions. We strive to inspire. To make an impact. 

Flexibility at GIC 
At GIC, our offices are vibrant hubs for ideation, professional growth, and interpersonal connection.  At the same time, we believe that flexibility allows us to do our best work and be our best selves.  Thus, our teams come into the office four days per week to harness the benefits of in-person collaboration, but have the flexibility to choose which days they work from home and adjust this arrangement as situational needs arise.

We are an equal opportunity employer
GIC is an equal opportunity employer, and we value diversity. We do not discriminate based on race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment.
Please email grphrodtaops@gic.com.sg at any point of the application or interview process if adjustments need to be made due to a disability.

Learn more about our Technology Group here: 
https://gic.careers/group/technology-group/