VP, Risk & Controls Officer, Technology Group

GIC is one of the world’s largest sovereign wealth funds. With over 2,000 employees across 11 offices around the world, we invest in more than 40 countries globally across asset classes and businesses. Working at GIC gives you exposure to an extraordinary network of the world’s industry leaders. As a leading global long-term investor, we Work at the Point of Impact for Singapore’s financial future, and the communities we invest in worldwide.

Technology Group
The Technology Group (TG) is a key enabler to keep our business moving forward and is constantly exploiting state-of-the-art information technologies to enhance GIC’s ability to be the leading global long-term investment firm. We aim to provide users with empowering and transformational capabilities, and to create an inclusive, innovative and integrated work environment.

What impact can you make in this role? 
You'll be empowered to be at the top of your game by providing strategic partnership, and innovative technology solutions that supports GIC’s vision of being a tech-driven, global, long-term investment firm.

What will you do as a VP, Risk & Controls Officer? 

• Lead by defining the firm’s infrastructure risk oversight strategy, ensuring effective governance and alignment with enterprise risk management frameworks.
• Drive compliance with operational risk processes and manage technology, information, and cybersecurity risks within various business areas, in line with the firm's risk appetite and regulatory requirements
• Plan and conduct technology, information, and cybersecurity gap assessments to identify possible risks at each stage of the Secure Software Development Lifecycle (SSDLC), evaluating relevant mitigating controls and measuring residual risk
• Collaborate with technology stakeholders to drive compliance with technology, information and cybersecurity policies and standards
• Monitor and report on the effectiveness of technology, information, and cybersecurity controls, identifying any control weaknesses and recommending improvements
• Facilitate awareness training on technology, information, and cybersecurity risks across the firm to ensure understanding and compliance; drive initiatives to promote a risk-based approach to application development within respective business areas
• Prepare regular risk and control reports for senior management, highlighting key risks and providing actionable insights on emerging risks, control performance, and audit outcomes.
• Coordinate with second-line (ITRM) and third-line (Internal Audit) control functions to ensure a unified approach to audit & risk management
• Champion a strong risk culture across technology and infrastructure teams through targeted awareness programs, training, and leadership engagement.
• Drive initiatives to enhance risk management processes, leveraging data analytics and automation to improve risk visibility and control efficiency.
  
  

What makes you a successful candidate?

• Bachelor’s degree in Information Technology, Computer Science, Risk Management, or a related discipline; advanced degree preferred.
• Relevant professional certifications such as Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRISC), or Certified Information Security Manager (CISM) are highly desirable
• Deep understanding of  Secure Software Development Lifecycle (SSDLC) processes and practices
• Strong knowledge of regulatory requirements and industry standards (e.g., MAS TRM, ISO 27001, NIST).
• Strong understanding of technology, information, and cybersecurity risks and controls
• Extensive experience (typically 10+ years) in technology risk management, cybersecurity, or infrastructure oversight within financial services or similarly regulated industries.
• Proven ability to lead cross-functional teams, influence senior stakeholders, and drive strategic risk initiatives.
• Exceptional communication, analytical, and problem-solving skills, with the ability to translate complex risk issues into actionable business insights.
• Strong reporting skills, with the ability to monitor and report on the effectiveness of risk controls

Work at the Point of Impact
We need to be forward-looking to attract the right people to help us become the Leading Global Long-term Investor. Join our ambitious, agile, and diverse teams - be empowered to push boundaries and pursue innovative ideas, share your views, and be heard. Be anchored on our PRIME Values: Prudence, Respect, Integrity, Merit and Excellence, which guides us in how we make our day-to-day decisions. We strive to inspire. To make an impact.     

Flexibility at GIC
At GIC, our offices are vibrant hubs for ideation, professional growth, and interpersonal connection.  At the same time, we believe that flexibility allows us to do our best work and be our best selves.  Thus, our teams come into the office four days per week to harness the benefits of in-person collaboration, but have the flexibility to choose which days they work from home and adjust this arrangement as situational needs arise.

GIC is an equal opportunity employer 
GIC is an equal opportunity employer, and we value diversity. We do not discriminate based on race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment.

Learn more about our Technology Group here:  
https://gic.careers/group/technology-group/