Associate/AVP, Data Privacy & Protection


Singapore, SG

Job Function:  Legal & Compliance Department
Job Type:  Permanent
Req ID:  15712


GIC is one of the world’s largest sovereign wealth funds. With over 2,000 employees across 11 locations around the world, we invest in more than 40 countries globally across asset classes and businesses. Working at GIC gives you exposure to an extraordinary network of the world’s industry leaders. As a leading global long-term investor, we Work at the Point of Impact for Singapore’s financial future, and the communities we invest in worldwide.


Legal and Compliance Department

We govern, structure, negotiate and execute the largest and most complex deals globally, across all asset classes.


You will gate-keep and escalate material regulatory, compliance, reputational risks and incidents to the GIC Board and senior management. You will help to monitor the constantly evolving regulatory landscape to advise our stakeholders of the potential implications and to implement the requisite controls. You will also promote and reinforce staff awareness of the applicable regulatory and compliance policies and procedures.


What impact can you make in this role?

You will be part of a team that manages the legal, regulatory, compliance, and reputational risks of GIC.


We are looking for a highly motivated, high caliber candidate to join as an Associate / Assistant Vice President, covering Data Privacy and General Regulatory Compliance.


What will you do as an Associate/AVP, Data Privacy and Protection?


Data Privacy and Protection

  • Monitor, analyze and advise on the applicable global laws and regulations relating to data privacy and protection, including but not limited to the Official Secrets Act and the Personal Data Protection Act in Singapore, the EU/UK GDPR and China’s Personal Information Protection Law, Cybersecurity Law and Data Security Law. 
  • Provide robust and timely advice on how the applicable data privacy and protection laws and regulations apply to and impact GIC’s investment and operational activities that involve the collection, processing, disclosure, retention and/or deletion of data and to ensure compliance with such laws and regulations. 
  • Advise internal stakeholders on the applicable obligations for each existing and new data processing activity following a “privacy by design” approach, including but not limited to consent management; and supporting and advising stakeholders on performing privacy impact assessments. 
  • Implement and perform ongoing reviews of GIC’s data privacy and protection framework, policies, processes and controls to ensure they remain robust, compliant with laws and regulations and are aligned with industry standards and best practices.  This includes implementing and enhancing GIC’s privacy management system; reviewing data processing records and privacy impact assessments; and maintaining and implementing the process for responding to Data Subject Access Requests.  
  • Work closely with and advise other control functions such as Internal Audit and IT Risk Management to identify any emerging and key risk trends relating to data privacy and protection, and remediate control gaps to mitigate risks to GIC. 
  • Facilitate knowledge sharing and educate all GIC employees on the importance of their obligations to comply with the applicable data privacy and protection laws and regulations.  This includes the design and implementation of a training and communications program on the applicable laws, regulations and corporate policies on data privacy and protection.  


General/Regulatory Compliance

  • Support the Regulatory Advisory team in Compliance to monitor specific regulatory requirements/rules governing GIC’s investment and trading activities. 
  • Analyze and implement relevant controls and processes to ensure that GIC complies with the applicable regulatory obligations and restrictions. 
  • Lead and/or participate in ad-hoc projects to support the Compliance Division in its implementation of GIC’s Compliance Program.   


What qualifications or skills should you possess in this role?  


  • At least 3 years of relevant compliance experience, with preferably experience in operational data protection, reviewing and managing privacy impact assessments and privacy compliance.
  • Ideally with experience working in a financial institution. 
  • General understanding of personal data privacy and protection laws and regulations in major jurisdictions, with a good appreciation of how they are being applied in the local context.
  • Ideally with at least one IAPP certification. CIPM or CIPP/E is preferred. 
  • Displays attention to detail and is able to handle multiple, competing tasks/projects and deadlines to support stakeholders globally. 
  • Excellent written, communication and interpersonal skills, with the ability to clearly articulate in layman’s terms, technical regulatory advice and objective of the compliance policies and processes. 
  • Self-starter, able and willing to independently conduct research on a wide range of legal and regulatory developments, and work closely with external legal counsel to clarify the applicable legal and regulatory requirements


Work at the Point of Impact
We need to be forward-looking to attract the right people to help us become the Leading Global Long-term Investor. Join our ambitious, agile, and diverse teams - be empowered to push boundaries and pursue innovative ideas, share your views, and be heard. Be anchored on our PRIME Values: Prudence, Respect, Integrity, Merit and Excellence, which guides us in how we make our day-to-day decisions. We strive to inspire. To make an impact. 


Flexibility at GIC
At GIC, our offices are vibrant hubs for ideation, professional growth, and interpersonal connection.  At the same time, we believe that flexibility allows us to do our best work and be our best selves.  Thus, our teams come into the office four days per week to harness the benefits of in-person collaboration, but have the flexibility to choose which days they work from home and adjust this arrangement as situational needs arise.


GIC is an equal opportunity employer 
As an employer, we passionately believe every individual brings with them unique diversity of thought and perspectives to meaningfully enrich perspectives of GIC teams to drive competitive performance. An inclusive environment yields exceptional contribution.


Learn more about our Legal & Compliance Department here:

Our PRIME Values

Our PRIME Values

GIC is a values driven organization. GIC’s PRIME Values act as our compass, enabling us to fulfil our fundamental purpose and objectives. It is the foundational bedrock which governs our behaviors, our decision making, and our focus. It informs both our long-term strategy as a firm, and the way we relate to our Client, business partners and employees. PRIME stands for Prudence, Respect, Integrity, Merit and Excellence.