About the Wealth Management Institute (WMI)

Established in 2003, the Wealth Management Institute (WMI) is committed to building capabilities for investing in a better tomorrow. Founded by GIC and Temasek, our vision is to be Asia’s Centre of Excellence for wealth and asset management education and research. WMI has been appointed as Singapore’s Lead Training Provider for Private Banking by the Institute of Banking and Finance Singapore (IBF) and supported by the Monetary Authority of Singapore (MAS).

WMI provides a comprehensive suite of practice-based certification and diploma programmes and collaborates with leading universities for master’s qualifications. With over 20,000 annual enrolments, WMI provides training in asset management, wealth management, compliance, risk management, family office, as well as the development of the next generation across more than 130 programmes.

WMI helms the Global-Asia Family Office Circle, a network platform that fosters a trusted environment to build capabilities and community in the family office sector.

WMI’s Asia Centre for Changemakers (ACC) is dedicated to building capacity and nurturing a pipeline of active and informed philanthropic changemakers with a focus on Asia. The ACC houses the Impact Philanthropy Partnership, a joint initiative with the Private Banking Industry Group (PBIG) and supported by the Monetary Authority of Singapore (MAS).

Key Responsibilities

The candidate is responsible for planning, overseeing, and managing the cyber and information security posture for WMI. The role includes anticipating, assessing, and actively managing new and emerging threats, aligning security initiatives with broader business objectives, and mitigating the various security threats posed to WMI's mission and goals.

Reporting to the Director of Learning and Technology, the incumbent will lead IT security initiatives as well as the implementation of key applications, such as M365, to ensure the security of information.

The role is responsible for:

1) Cyber Security

• Lead and drive related IT security initiatives to improve WMI’s cyber security posture
• Work with outsourced IT security vendors to:
• Perform security review of IT systems and identify gaps in security architecture
• Facilitate and provide advice for third-party risk assessments and Vulnerability Assessment and Penetration Testing (VAPT)
• Advise and implement IT security platforms and their associated software, which may include access control solutions, identity and access management platforms, data protection technologies, anti-malware, vulnerability management, security monitoring and compliance tools
• Ensure security best practices and compliance standards are implemented on servers, endpoints and mobile devices

2) Information Security

• Formulate and implement policies, procedures, and standards for information security
• Review and implement data classification policy
• Oversee training and education of WMI staff on various information security topics to ensure staff practise IT security hygiene

3) Application (e.g. Microsoft application) Management and Maintenance

• Oversee IT operations (systems, applications, networks) with the support of a lean IT team and external vendors
• Configure security settings of Microsoft 365 Defender and Intune
• Lead the implementation and maintenance of productivity software applications (e.g. Microsoft suite of applications such as SharePoint, OneDrive, Copilot, etc.)
• Drive adoption and understanding of the use of productivity software among staff

Education Requirements

Minimum Education Qualifications: Degree in computer science, information systems, or any technology-related field

Experience: At least 7 years of experience related to information security policies and solid grasp of IT operations and security operations

Knowledge, Skills and Abilities:

• Led complex IT implementation efforts, with a proven ability to deliver IT projects on time, within budget and of excellent quality
• Knowledge of Microsoft 365 cloud and security technology
• Knowledge of domain areas in security management, asset security, access control, security assessment, network security, cloud security and web application security
• Certifications such as CRISC, CISSP, CISM, CISA or other relevant certifications are an added advantage
• Excellent problem solving and logical thinking skills to isolate and identify potential issues in a complex environment
• Pleasant disposition with excellent written and verbal communication skills