AVP​/VP, Cybersecurity Assurance, Technology Group

AVP/VP, Cybersecurity Assurance, Technology Group

Join to apply for the AVP/VP, Cybersecurity Assurance, Technology Group role at GIC
.

GIC is one of the world’s largest sovereign wealth funds, with over 2,000 employees across 11 global locations. We invest in more than 40 countries across asset classes and businesses, enabling us to be a leading long‑term investor while supporting Singapore’s financial future and the communities where we invest.

The Technology Group (TG) is a key enabler that keeps our business moving forward by exploiting cutting‑edge information technologies to enhance GIC’s investment capabilities. It provides users with empowering, transformational capabilities and fosters an inclusive, innovative, and integrated work environment.

The individual will be part of the Cybersecurity Assurance & Defence (CSAD) team and will strengthen the firm’s security posture through proactive vulnerability management, adversarial attack simulation planning, and continuous security baseline improvement. The role requires strategic thinking, strong analytical skills, and the ability to influence stakeholders across technical and business domains.

• Lead and participate in vulnerability management & threat modelling discussions, ensuring effective prioritisation and remediation of identified threats.
• Operate and maintain vulnerability scanning tools (e.g., OSS, SAST, DAST, OS, Secret Scanning), ensuring scans are executed, results analysed, and findings addressed.
• Support the planning, coordination, and management of adversarial attack simulations to validate the firm’s defensive capabilities.
• Evaluate vulnerabilities holistically to identify threat severity and prioritisation, acting as a control owner to ensure timely mitigation.
• Understand and manage security baselines, ensuring configuration drifts are detected, assessed, and remediated.
• Manage day‑to‑day cybersecurity assurance operations, prioritising tasks and allocating resources based on risk and impact.
• Analyse vulnerability data to identify patterns, correlations, and root causes, and partner with relevant teams to implement sustainable remediation measures.
• Drive community initiatives to enhance the firm’s overall security posture through active knowledge sharing and best practice recommendations.
• Collaborate with engineering, operations, risk, and business stakeholders to influence security improvements and embed security assurance practices into operational processes.
• Contribute to continuous improvement of cybersecurity assurance standards, frameworks, processes, and reporting.

• Bachelor’s degree in Computer Science, Information Security, or a related field.
• Proven experience in offensive security, cybersecurity assurance, vulnerability management, or threat analysis.
• Strong understanding of adversarial attack simulation methodologies (e.g., red teaming, purple teaming).
• Familiarity with defining security baselines, configuration management, and drift detection tools.
• Proficiency in analysing and interpreting vulnerability data to drive actionable insights.
• Excellent communication and stakeholder management skills, with the ability to influence and drive change.
• Demonstrated ability to think strategically and connect technical findings to business risks and outcomes.
• Experience with enterprise security architecture and knowledge of how security controls address evolving cybersecurity threats.
• Relevant offensive security certifications such as OSCP or equivalent.
• Experience with vulnerability management tools (e.g., OSS, SAST, DAST, OS, CSPM, SSPM) and configuration management platforms.

We need to be forward‑looking to attract the right people to help us become the leading global long‑term investor. Join our ambitious, agile, and diverse teams – be empowered to push boundaries, pursue innovative ideas, share your views, and be heard. We are anchored on our PRIME Values:
Prudence, Respect, Integrity, Merit, and Excellence, which guide our day‑to‑day decisions. We strive to inspire to make an impact.

At GIC, our offices serve as vibrant hubs for ideation, professional growth, and interpersonal connection. We believe flexibility allows our teams to perform at their best. As a result, our teams come into the office four days per week and can choose which days to work from home, adjusting arrangements as situational needs arise.

As an employer, we passionately believe every individual brings a unique diversity of thought and perspective, enriching our teams and driving competitive performance. An inclusive environment yields exceptional value.

Mid‑Senior level

Full‑time

Information Technology

Investment Management and Financial Services