VP, Network Security Engineer, Technology Group

Location: Singapore, SG

Job Function: Technology Group

Job Type: Permanent

GIC is one of the world’s largest sovereign wealth funds. With over 2,000 employees across 11 locations around the world, we invest in more than 40 countries globally across asset classes and businesses. Working at GIC gives you exposure to an extraordinary network of the world’s industry leaders. As a leading global long‑term investor, we work at the point of impact for Singapore’s financial future, and the communities we invest in worldwide.

Technology Group: We experiment, design, and lead a 24×7 global business where we support core capabilities in asset management, trading, investment operations, and risk management. We deliver secure, reliable, and integrated solutions, and provide insights on new, and emerging technologies.

The VP, Network Security Engineer is responsible for ensuring the design, deployment, and ongoing assurance of a secure, resilient, and compliant network infrastructure across on-premises, hybrid, and cloud environments.

This role provides a holistic remit across engineering, policy, and governance, working closely with infrastructure engineering, infrastructure and security operations, and compliance teams to align technical delivery with MAS TRM and CSA CCoP requirements and international best practices such as NIST, ISO 27001, and CIS benchmarks.

You will be instrumental in converting governance and regulatory objectives into operational network controls, ensuring our systems remain secure, scalable, and highly available. This will be achieved through security design reviews, configuration assessments, governance, and continuous assurance of network controls that safeguard our systems.

Design & Implementation

• Lead the design and deployment of secure network architectures across on-premises and cloud environments.
• Ensure solutions incorporate defense-in-depth, segmentation, high availability, and disaster recovery capabilities.
• Evaluate and integrate new network and security technologies to enhance threat protection and resilience.
• Translate MAS TRM and CSA CCoP requirements into practical, implementable technical designs, with actionable technical control objectives and configurations for firewalls, segmentation, and network security devices.
• Review and validate design artefacts, network diagrams, and configuration baselines for compliance with standards (e.g., MAS TRM, CSA CCoP).

Network Security Governance & Compliance

• Develop, maintain, and enforce network security policies, standards, and control frameworks in alignment with MAS TRM, CSA CCoP, ISO 27001, industry best practices, with alignment to GIC’s internal security framework.
• Conduct periodic compliance reviews, control testing, and assessments to validate adherence to approved security standards.
• Coordinate with risk and compliance teams to support regulatory audits, internal reviews, and security risk assessments.
• Establish and track governance metrics, KPIs, and dashboards for network security posture reporting to management.

Security Design Review & Assurance

• Lead or participate in network and security design reviews to ensure new deployments comply with internal standards and MAS TRM guidelines.
• Review and approve firewall rule base and configuration changes, ensuring adherence to least privilege and zero‑trust principles.
• Provide technical guidance to project and infrastructure teams to ensure secure‑by‑design network architectures.
• Conduct post‑implementation reviews to validate the effectiveness of security controls and identify improvement areas.

Technical Advisory & Continuous Improvement

• Serve as a subject matter expert for network security controls, including firewalls, IDS/IPS, NAC, proxies, SASE, and VPN.
• Collaborate with SOC and operations teams on incident investigations and identify governance‑related corrective actions.
• Support initiatives for network security automation, baseline hardening, and configuration management.
• Stay current with MAS advisories, emerging threats, and technology risk trends to proactively enhance network security governance.
• Integrate security engineering into delivery pipelines; maintain zero regulatory findings and aim for zero audit points.
• Ensure full compliance with MAS TRM, CSA CCoP, NIST CSF, GDPR, SWIFT Customer Security Controls Framework (CSCF).
• Maintain the Network RCSA and publish monthly KRI dashboards to the Board Risk Committee.

• Bachelor’s degree in Computer Science, Information Security, or a related discipline.
• 8–10 years of experience in network security engineering, with experience spanning design, implementation, and governance within the financial services sector.

• Firewalls and perimeter defense across well‑known firewall brands
• Network segmentation, Zoning, VPNs, IDS/IPS, NAC, proxies, and SASE
• Secure routing and switching (BGP, OSPF, VLAN, QoS)
• Hybrid and cloud network security (AWS/Azure)
• Network resilience design, HA configurations, and disaster recovery planning
• Firewall policy and configuration management tools

• MAS TRM and CSA CCoP Guidelines
• ISO/IEC 27001/27002, NIST CSF, CIS benchmark, GDPR, and SWIFT Customer Security Controls Framework (advantageous)

• CISSP, CISM, CCNP Security, PCNSE, or equivalent

• Strong technical leadership with a holistic understanding of security, resilience, and compliance interdependencies.
• Excellent analytical, problem‑solving, and communication skills for both technical and executive audiences.
• Ability to balance security rigor with operational practicality.
• Collaborative mindset with the ability to influence across architecture, operations, and compliance teams.

We need to be forward looking to attract the right people to help us become the Leading Global Long‑term Investor. Join our ambitious, agile, and diverse teams – be empowered to push boundaries and pursue innovative ideas, share your views, and be heard. Be anchored on our PRIME Values: Prudence, Respect, Integrity, Merit and Excellence, which guide us in how we make our day‑to‑day decisions. We strive to inspire. To make an impact.

At GIC, our offices are vibrant hubs for ideation, professional growth, and interpersonal connection. At the same time, we believe that flexibility allows us to do our best work and be our best selves. Thus, our teams come into the office four days per week to harness the benefits of in‑person collaboration, but have the flexibility to choose which days they work from home and adjust this arrangement as situational needs arise.

As an employer, we passionately believe every individual brings with them unique diversity of thought and perspectives to meaningfully enrich perspectives of GIC teams to drive competitive performance. An inclusive environment yields exceptional contribution.