AVP/VP, Cybersecurity (Governance Oversight)
SG, 238891
Temasek is a global investment company headquartered in Singapore, with a net portfolio value of S$434 billion (US$324 billion, €299 billion, £250 billion, and RMB2.35 trillion) as at 31 March 2025. Marking our unlisted assets to market would provide S$35 billion of value uplift and bring our mark to market net portfolio value to S$469 billion.
Our Purpose “So Every Generation Prospers” guides us to make a difference for today’s and future generations.
Operating on commercial principles, we seek to deliver sustainable returns over the long term.
We have 13 offices in 9 countries around the world: Beijing, Hanoi, Mumbai, Shanghai, Shenzhen, and Singapore in Asia; and Brussels, London, Mexico City, New York, Paris, San Francisco, and Washington, DC outside Asia.
For more information on Temasek, please visit www.temasek.com.sg.
For Temasek Review 2025, please visit www.temasekreview.com.sg.
For Sustainability Report 2025, please visit https://www.temasek.com.sg/content/dam/temasek-corporate/sustainability/2025/Temasek-Sustainability-Report-2025.pdf.
Introduction
Reporting to the Chief Information Security Officer (CISO), you will play a key role in strengthening trust, resilience and assurance across Temasek and its ecosystem, helping to build the trusted foundations that enable innovation, safeguard long-term value and support sustainable outcomes for generations to come.
You will provide independent governance, oversight and assurance across cybersecurity, AI security, IT security and emerging technology risks. Working closely with Business Units, key stakeholders and partners, you will help shape governance frameworks, provide independent assurance, and enable the secure, responsible and trustworthy adoption of technologies, including Artificial Intelligence and Agentic AI.
Beyond safeguarding the firm, you will help uplift cyber resilience, AI assurance and risk governance across Temasek's ecosystem and portfolio companies. Through collaboration, knowledge sharing and the advancement of leading practices, you will strengthen collective resilience, reinforce trust and help build a more secure and resilient ecosystem in an increasingly volatile and AI-driven world.
At its heart, this role is about stewarding trust for the future—balancing innovation, security and resilience so that Temasek and its ecosystem can continue to thrive, create enduring value for generations to come.
Responsibilities
Governance, Policy & Standards
- Partner closely with the CISO to provide independent oversight and continuous monitoring of compliance with Cybersecurity, AI Security and IT Security policies, standards and regulatory requirements.
- Develop, maintain and enhance enterprise-wide cybersecurity, AI security, AI governance and IT security frameworks, policies, standards and control requirements.
- Establish governance and assurance frameworks for the secure, responsible and trustworthy adoption of AI, including AI risk management, model governance, agentic AI controls and AI assurance.
- Monitor developments in cybersecurity, AI and regulatory requirements, and drive continuous enhancement of governance frameworks and standards.
Risk Oversight, Assurance & Advisory
- Perform cybersecurity, AI security and IT security risk assessments across business initiatives, infrastructure, applications, cloud services and AI deployments.
- Conduct independent reviews of security controls to assess design effectiveness, control maturity and compliance with policies, standards and regulatory requirements.
- Review and challenge business and IT initiatives to ensure security, risk and control requirements are appropriately identified and implemented.
- Provide independent cyber, AI and IT security risk advisory to support secure innovation and risk-informed decision-making.
- Maintain enterprise cyber, AI and IT security risk registers and drive effective tracking and remediation of identified risks.
AI Security & Emerging Risks
- Establish and oversee AI governance, risk assessment and assurance processes for AI systems and emerging technologies.
- Evaluate and risk-assess AI systems and autonomous agents for risks relating to security, privacy, safety, resilience and regulatory compliance, including prompt injection, data leakage, model manipulation and excessive autonomy.
- Identify, assess and monitor emerging risks arising from Generative AI, Agentic AI, Frontier AI and other evolving technologies.
- Assess the impact of emerging technologies on the organisation's cyber, AI and IT security posture and recommend appropriate controls.
Third-Party & Supply Chain Risk Management
- Support firm’s third-party, supply chain and AI vendor risk management programmes.
- Support the conduct of security due diligence for vendors, outsourced service providers, strategic partnerships and investments.
- Undertake vendor onboarding assessments, ongoing monitoring and remediation of identified risks.
- Enhance third-party and AI supplier governance frameworks to address evolving cyber and AI-related risks.
Reporting, Continuous Improvement & Stakeholder Management
- Modernise governance and oversight activities through automation, analytics and AI-enabled monitoring capabilities.
- Develop risk indicators, compliance metrics and dashboards to support effective risk monitoring and decision-making.
- Review cyber incidents, AI-related incidents, audit findings and control deficiencies to identify root causes, systemic weaknesses and emerging trends.
- Provide data-driven risk reporting and recommendations to the CISO, senior management and governance committees.
- Support enterprise-wide cyber resilience, AI security and risk awareness through stakeholder engagement, training and awareness programmes.
- Collaborate with business units to strengthen governance and risk management practices.
- Support cyber incident response, AI incident management and other strategic initiatives as required.
Requirements
Experience
- At least 6–8 years of experience in cybersecurity, IT security governance, risk management, compliance, audit or oversight roles.
- Proven experience in developing and implementing governance frameworks, policies, standards, risk assessments and assurance programmes.
- Experience within financial services or other regulated industries will be advantageous.
Technical & Domain Expertise
- Degree in Cybersecurity, Information Security, AI and machine learning, Computer Science and Engineering, or a related discipline.
- Strong understanding of cybersecurity, AI security, IT security governance and enterprise risk management principles.
- Good knowledge across key cybersecurity domains, including security architecture, cloud and infrastructure security, application security, identity and access management, data protection, cyber defence and third-party risk management.
- Familiarity with AI governance, AI assurance and AI security, including Generative AI, Large Language Models (LLMs), Agentic AI, model risk management, AI red teaming, adversarial AI threats, AI supply chain risks and emerging Frontier AI risks.
- Good knowledge of relevant frameworks, standards and regulations, including MAS TRM, NIST CSF, NIST AI RMF, ISO 27001, ISO 42001, MITRE ATLAS and Cybersecurity Code of Practice.
- Relevant professional certifications such as CISSP, CISA, CRISC, CCSP, CCSK, CGEIT, CDPSE, IAPP AIGP or equivalent are advantageous. Certifications in AI governance, AI security, AI risk management or AI assurance will be highly regarded.
Key Attributes
- Independent, objective and risk-oriented mindset with the ability to provide effective challenge.
- Strong analytical, investigative and problem-solving capabilities.
- Excellent communication, stakeholder management and influencing skills, including engagement with senior management and governance committees.
- Ability to translate complex cyber and AI risks into clear business implications and actionable recommendations.
- Proactive, results-oriented and able to drive governance outcomes across diverse stakeholder groups.