Share this Job

AVP/VP, Information & Technology Risk Management


Singapore, SG

Job Function:  Data & Technology
Job Type:  Permanent
Req ID:  6187


The Technology Group (TG) is a key enabler to keep our business moving forward and is constantly exploiting state-of-the-art information technologies to enhance GIC’s ability to be the leading global long-term investment firm. We aim to provide users with empowering and transformational capabilities, and to create an inclusive, innovative and integrated work environment.


The Cybersecurity and IT Risk (CSITR) function is an integral cyber, information and technology risk management function tasked with securing GIC’s digital assets and business data from cyber threats & adverse impacts.


We are looking for a suitable candidate for the role of AVP/VP, Information & Technology Risk Management (ITRM). This role reports to the SVP, ITRM and is responsible for the definition and execution of the program of work for information and technology risk management.


  • Formulate and maintain cyber, information and technology risk policies, standards and guidelines for the firm.
  • Act as a domain expert and trusted partner in information and technology risk; work closely with Information and Technology Risk Officers and stakeholders in various functions to enforce information and technology risk management policies and standards.
  • Conduct regular awareness training for staff on cyber, information and technology risks, including policies, standards and relevant topics; periodically publish security awareness articles.
  • Conduct periodic and ad-hoc assessments to monitor compliance with security policy and security controls design and operating effectiveness; review information and technology risk, audit and operational risk issues to identify root causes and trends, and recommend appropriate remediation.
  • Define and execute the program of work for information and technology risk management, including budgeting, prioritization, resource allocation, and coordination with internal and external partners.
  • Identify and assess emerging risks, and devise effective mitigating controls together with stakeholders.
  • Work closely with peers in ITRM, and partner with Operational Risk Management (ORM) in monitoring operational risk tolerance metrics, operational risk events and control deficiencies, as well as reporting and escalations to relevant Risk Committees.



  • Bachelor's Degree in Information Technology, Computer Science, Engineering or equivalent.
  • More than 10 years of relevant experience in financial services industries, with minimum 5 years in risk functions involving information, technology and cyber security risk.
  • Professional knowledge and experience with industry Information, technology risk or cyber security management frameworks.
  • Equipped with professional business partnership and virtual team management experiences.
  • Strong influencing, problem solving, analytical and interpersonal skills.
  • Possession of professional qualifications - CISM, CRISC, PMP, CISA, CISSP, CSX etc.– will be advantageous.

Find similar jobs: