VP, M365 Engineering, Technology Group

GIC is one of the world’s largest sovereign wealth funds. With over 2,000 employees across 11 locations around the world, we invest in more than 40 countries globally across asset classes and businesses. Working at GIC gives you exposure to an extraordinary network of the world’s industry leaders. As a leading global long-term investor, we Work at the Point of Impact for Singapore’s financial future, and the communities we invest in worldwide.

Technology Group
We experiment, design, and lead a 24×7 global business where we support core capabilities in asset management, trading, investment operations, and risk management. We deliver secure, reliable, and integrated solutions, and provide insights on new, and emerging technologies. 

What impact will you make in this role?

We are looking for an experienced and highly skilled Microsoft 365 Engineer with strong hands-on expertise in engineering, security and automation. The ideal candidate will be responsible for building, securing, and maintaining Microsoft 365 services across the enterprise - ensuring optimal performance, robust security, and compliance.
This is a technical, hands-on engineering role that involves daily operational support, advanced troubleshooting, PowerShell automation, and collaboration with security and identity teams to enhance the M365 ecosystem.

What will you do as a VP, M365 Engineering?

Engineering, Security & Compliance

• Design, build, configure, and manage core M365 & AVD services — Exchange Online, SharePoint Online, OneDrive, Teams, Intune (including endpoint and mobile management) and AVD.
• Engineer and optimize device compliance, configuration profiles, and application protection policies in Intune.
• Perform M365 tenant management, including license allocation, mail flow rules, and Teams/SharePoint governance.
• Build and maintain automation scripts using PowerShell for reporting, compliance checks, and routine administration tasks.
• Troubleshoot complex service, sync, and policy issues across hybrid and cloud M365 environments.
• Implement and maintain Microsoft Defender for Office 365, Defender for Endpoint, and Microsoft Purview DLP and sensitivity labels.
• Enforce Conditional Access, MFA, and device compliance policies via Entra ID and Intune.
• Perform regular security posture reviews using Secure Score and compliance insights.
• Respond to security alerts and incidents from Defender and Entra ID, driving engineered remediation actions.
•  Partner with identity and SOC teams to improve detection and harden M365 security configurations.

Integration & Collaboration

• Integrate M365 services with on-prem Active Directory, Entra ID, Azure, and security platforms (Sentinel/SIEM).
• Support hybrid identity scenarios including AAD Connect, authentication methods, and password policies.
• Collaborate with Red Team, Security Engineering, and Cloud Infrastructure teams to remediate findings and strengthen Zero Trust controls.

Documentation & Continuous Improvement

• Maintain up-to-date documentation, configuration baselines, and change records.
• Create runbooks, PowerShell scripts, and automation playbooks for common operational workflows that the Operations team will utilise.
• Stay current with Microsoft 365 roadmap updates, recommending improvements and adopting new features securely.

What makes you a successful candidate?

At least 12 years total IT experience, with 5+ years hands-on in M365 engineering and security.

Deep technical knowledge of:

• Exchange Online, Teams, SharePoint, OneDrive, and Intune.
• Microsoft Defender suite, Purview Compliance, and Entra ID security controls.
• PowerShell scripting (advanced level – automation, APIs, bulk actions, reporting).
• Conditional Access, MFA, identity protection, and device compliance.
• Experience managing hybrid identity setups (AAD Connect, password hash/single sign-on).
• Strong analytical and troubleshooting skills for M365-related incidents and service issues.
• Understanding of Zero Trust concepts and secure collaboration practices.

Preferred Qualifications / Certifications:

• Microsoft Certified: M365 Security Administrator Associate (MS-500)
• Microsoft Certified: Enterprise Administrator Expert (MS-100/MS-101)
• SC-300 or AZ-500 a strong plus
• Experience working with Microsoft Sentinel or other SIEM tools.
• Familiarity with API integrations or Graph API for M365 automation.

Work at the Point of Impact
We need to be forward-looking to attract the right people to help us become the Leading Global Long-term Investor. Join our ambitious, agile, and diverse teams - be empowered to push boundaries and pursue innovative ideas, share your views, and be heard. Be anchored on our PRIME Values: Prudence, Respect, Integrity, Merit and Excellence, which guides us in how we make our day-to-day decisions. We strive to inspire. To make an impact. 

GIC is a Great Place to Work

At GIC, our offices are vibrant hubs for ideation, professional growth, and interpersonal connection.  At the same time, we believe that flexibility allows us to do our best work and be our best selves. Thus, our teams come into the office four days per week to harness the benefits of in-person collaboration, but have the flexibility to choose which days they work from home and adjust this arrangement as situational needs arise. This role will be in our Tampines Office. 

GIC is an equal opportunity employer 
As an employer, we passionately believe every individual brings with them unique diversity of thought and perspectives to meaningfully enrich perspectives of GIC teams to drive competitive performance. An inclusive environment yields exceptional contribution.

Learn more about our Technology Group here: 
https://gic.careers/group/technology-group/