AVP/Vice President, Cybersecurity (Insider Risk & Security)

Key Responsibilities

• Define and lead Temasek's insider risk strategy, aligning with the organisation's risk appetite, regulatory expectations and cybersecurity strategy.
• Design and implement the insider risk operating model, including roles and responsibilities, processes, technology stack and engagement model with Cybersecurity, Risk, HR, Legal, Compliance and Audit.
• Establish and maintain an insider risk framework and programme covering policy, use-case development, monitoring, detection, response and remediation.
• Develop a multi-year plan for development of insider risk capabilities with clear priorities, milestones and outcome-based metrics.
• Lead the eventual build-out and scaling of the insider risk function, and develop specialist capabilities.
• Establish threat profiling and behavioural monitoring for staff, vendors and partners to provide greater visibility on insider threats and enable timely actions.
• Define and maintain insider threat personas, use cases and scenarios (e.g. data theft, fraud, espionage, sabotage, negligent data leakage, GenAI misuse), informed by threat intelligence and business context.
• Work with technical teams to design and operate monitoring and analytics capabilities (e.g. UEBA, DLP, cloud security, endpoint and identity telemetry, privileged access monitoring), and continuously refine detection logic to improve coverage and reduce false positives.
• Oversee the end-to-end lifecycle of insider risk cases, from alert through triage, investigation, response and closure, coordinating across Cybersecurity, HR, Legal, Compliance and business units.
• Ensure timely and proportionate responses to insider incidents, promoting a risk-based approach that distinguishes between malicious, negligent and compromised insiders, and driving root-cause analysis to improve controls and processes.
• Assess and mitigate insider risks associated with Generative AI and other emerging technologies, including data leakage, model misuse and unapproved tool usage.
• Review and establish the operating mandate, procedures and guidelines to ensure the continuous effectiveness of the insider risk and security function.