AVP, Risk & Control Officer - Infrastructure Risk Oversight, COO Office | Singapore, SG

AVP, Risk & Control Officer - Infrastructure Risk Oversight, COO Office

GIC is one of the world's largest sovereign wealth funds. With over 2,000 employees across 11 locations around the world, we invest in more than 40 countries globally across asset classes and businesses. Working at GIC gives you exposure to an extraordinary network of the world's industry leaders. As a leading global long-term investor, we work at the point of impact for Singapore's financial future and the communities we invest in worldwide.

Chief Operating Officer (COO) Office
The COO Office supports our COO to streamline operations and align them with strategic goals. You will work with the COO, Heads of Departments, and stakeholders across GIC to achieve operational excellence.

Cyber Security, Information & Technology Risk Management
You will be a part of an independent risk management function to protect the firm's information technology assets, including business data, from external threats and operational risks, and to facilitate the firm's digitalization journey in a secure manner.

What impact can you make in this role?
You will be empowered to be at the top of your game by providing strategic partnership and innovative technology solutions that support GIC's vision of being a tech-driven, global, long-term investment firm.

What will you do as an AVP, Risk & Control Officer - Infrastructure Risk Oversight?

• Drive compliance with operational risk processes and manage technology, information, and cybersecurity risks within various business areas, in line with the firm's risk appetite and regulatory requirements.
• Plan and conduct technology, information, and cybersecurity gap assessments to identify possible risks at each stage of the Secure Software Development Lifecycle (SSDLC), evaluating relevant mitigating controls and measuring residual risk.
• Collaborate with Business Partner & Solutions (BPS), Infrastructure and Platform Services (IPS), and Service Integration and Management (SIAM) teams to drive compliance with technology, information, and cybersecurity policies and standards.
• Monitor and report on the effectiveness of technology, information, and cybersecurity risk controls, identifying any control weaknesses and recommending improvements.
• Facilitate risk and control awareness training on technology, information, and cybersecurity across the firm to ensure understanding and compliance, driving initiatives to promote a risk-based approach to application development within respective business areas.
• Prepare regular risk and control reports for senior management, highlighting key audit, risks, and control issues.
• Coordinate ITRM and third-line/Internal Audit risk functions to ensure a unified approach to audit & risk management.

What qualifications or skills should you possess in this role?

• Relevant professional certifications such as Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRISC), or Certified Information Security Manager (CISM) are highly desirable.
• Familiarity with Secure Software Development Lifecycle (SSDLC) processes and practices.
• Knowledge of relevant regulatory requirements and industry standards for technology and cybersecurity.
• Experience in conducting risk assessments and thematic reviews.
• Strong understanding of technology, information, and cybersecurity risks and controls.
• Excellent collaboration skills to work effectively with various teams across the organization.
• Strong reporting skills, with the ability to monitor and report on the effectiveness of risk controls.
• Ability to prepare clear and concise risk and control reports for senior management.

Work at the Point of Impact
We need to be forward-looking to attract the right people to help us become the Leading Global Long-term Investor. Join our ambitious, agile, and diverse teams - be empowered to push boundaries and pursue innovative ideas, share your views, and be heard. Be anchored on our PRIME Values: Prudence, Respect, Integrity, Merit, and Excellence, which guides us in how we make our day-to-day decisions. We strive to inspire. To make an impact.

Flexibility at GIC
At GIC, our offices are vibrant hubs for ideation, professional growth, and interpersonal connection. At the same time, we believe that flexibility allows us to do our best work and be our best selves. Thus, our teams come into the office four days per week to harness the benefits of in-person collaboration but have the flexibility to choose which days they work from home and adjust this arrangement as situational needs arise.

GIC is an equal opportunity employer
As an employer, we passionately believe every individual brings with them unique diversity of thought and perspectives to meaningfully enrich the perspectives of GIC teams to drive competitive performance. An inclusive environment yields exceptional contributions.

Learn More about our COO Office here:
https://gic.careers/departments/chief-operating-officer-office/

Our PRIME Values
GIC is a values-driven organization. GIC's PRIME Values act as our compass, enabling us to fulfill our fundamental purpose and objectives. It is the foundational bedrock which governs our behaviors, our decision-making, and our focus. It informs both our long-term strategy as a firm and the way we relate to our clients, business partners, and employees. PRIME stands for Prudence, Respect, Integrity, Merit, and Excellence.