Fixed Term Contract Duration - 12 Months
Quilter plc is a leading provider of financial advice, investments and wealth management, committed to being the UK’s best wealth manager for clients and their advisers. Quilter oversees £141.9 billion in customer investments (as of 31 March 2026). It has an adviser and customer offering spanning financial advice, investment platforms, multi-asset investment solutions, and discretionary fund management. The business is comprised of two segments: Affluent and High Net Worth.
Affluent encompasses the financial planning business, Quilter Financial Planning, the Quilter Investment Platform and Quilter Investors, the multi-asset investment solutions business.
High Net Worth includes the discretionary fund management business, Quilter Cheviot, together with Quilter Cheviot Financial Planning.
At Quilter we never stand still. Our foundations are rooted in our extraordinary expertise, which is trusted by hundreds of thousands of customers, but we have great ambitions to stay one step ahead and make an even greater difference to the people and communities we serve.
Our business is transforming, continually modernising, and becoming even more customer centric. So, if you want to be bold in the pursuit of your ambitions, bring new ideas, and challenge and evolve what we do, it’s the perfect time to join us!
Level : 4
Department: Security Operations (Information Security)
Reports to: Head of Security Operations
Location: Southampton / London / England – Home Worker
Contract Type: Fixed Term contract -12 months
At Quilter, we’re strengthening our exposure management capability across on‑prem, cloud and externally facing estate.
This role is central to driving a risk‑based vulnerability management programme — combining high-quality scanning and asset insight with cloud posture and attack surface intelligence — so that remediation is prioritised where it matters most and delivered with pace and measurable outcomes.
The Vulnerability Management Specialistis responsible forthe end-to-end vulnerability management lifecycle, including detection, triage,prioritisation,trackingand assurance of remediation across infrastructure, endpoints,applicationsand cloud platforms.
The role also supports Cloud Security Posture Management (CSPM)activities, including monitoring of cloud security benchmark compliance and CSPM “attack paths”,and integrates Attack Surface Managementfindings to reduce exposure from unknown or unmanaged internet‑facing assets.
The successful candidate will be hands-on with enterprise vulnerability tooling and will partner closely with infrastructure, cloud engineering, application teams and third parties to ensure remediation is delivered within defined service levels and supported by clear reporting and governance.
Key Responsibilities
1) Vulnerability Detection, Triage &Prioritisation
Operate and continuously improve vulnerability scanning andprioritisationusing QualysVMDR and associated capabilities (e.g., agent-based scanning, authenticated scanning, dashboards, reporting,prioritisationworkflows).
Perform daily/weekly triage of new andemergingvulnerabilities,validatingdetections and ensuring severity and urgency reflect exploitability, asset criticality, business impact, patchavailabilityand compensating controls.
Apply and maintain consistent severity mapping between industry scoring (e.g., CVSS) andorganisationalseverity definitions used across vulnerability tooling and cloud platforms.
Stay up to date with emerging threats and adversary capabilities across the evolving threat landscape (including AI‑driven exploitation techniques), ensuring security controls remain current,effectiveand aligned to risk.
2) Cloud Security Posture Management (Azure focus)
Own day‑to‑day CSPM triage and oversight, ensuring cloud posture findings are actionable, risk‑rated and routed to the correct engineering owners for remediation.
Monitor and manage CSPM posture outcomes and compliance ratings aligned to relevant cloud security benchmarks, and track CSPM-identified“attack path” style findingsthrough toclosure.
3) Attack Surface Management & Exposure Reduction
Ingest andoperationaliseAttack Surface Management findings toidentifyand reduce risk from internet‑facing assets, unknown services,misconfigurationsand unmanaged exposure. (Tooling may include ASM capabilities within existing platforms or dedicated ASMtooling.)
Work with infrastructure, cloud and network teams to validate exposure, confirm ownership, and drive remediation or risk acceptance throughappropriate governance
4) Remediation Oversight, Governance & Assurance
Drive remediation outcomes through structured engagement with platform, infrastructure, application,endpointand cloud teams — ensuring owners understand the risk,requiredfix, and expected timelines.
Maintain a robust exception and risk acceptance approach for vulnerabilities that cannot be remediated promptly, ensuring risk decisions are recorded and reviewed.
Oversee vulnerability response activities for major disclosures and zero-days, including coordination ofout‑of‑bandactivity and escalation where needed.
5) Reporting, Metrics & Stakeholder Communication
Produce clear,accuratereporting for operational teams and leadership, including trends, SLA performance, backlog health, and risk‑basedprioritisationviews (e.g., exploited/attack path exposure-based).
Provide concise executive commentary, translating technical exposure into business impact andprioritisedactions.
6) Process & Continuous Improvement
Follow and continuously improve established vulnerability and CSPM processes, ensuring the operating cadence (daily checks, weeklyprioritisationreviews, monthly governance touchpoints)remainseffective and measurable.
Contribute to andmaintainrelevant playbooks/runbooks forvulnerabilitydisclosure response and coordination with technical owners.
Key Stakeholders
Security Operations DetectionEngineering, Cyber Threat, Infrastructure & PlatformandCloud Engineering, Application Owners, End User Computing, Risk & Governance partners, and relevantthird-partysuppliers/MSSPs.
Essential
Significant hands‑on experience operatingenterprise vulnerability management tooling, with deepexpertiseinQualys(VMDR)acrosscomplex environments
Strong experience withAzure CSPMoperations: triage,prioritisation, remediation routing, and assurance (e.g., Microsoft-native CSPM or equivalent platforms), including posture/compliance outcomes and attack-path style findingsand validation.
Practical experience withAttack Surface Managementconcepts and workflows:validatingexternally exposed assets/services,establishingownership, and driving remediation.
Deep understanding of how code-based and softwarecomponentvulnerabilities are discovered, exploited, andweaponised(e.g.dependency flaws, supply chain attacks, insecure libraries), with the ability to assess real-world exploitability andprioritiseremediation accordingly
Proven ability to run arisk-based vulnerabilityprogramme(not just scanning):prioritisationlogic, stakeholder management, remediation tracking, and clear reporting.
Confident communicator who can explain technical vulnerabilities, exploitation likelihood, and remediation options to varied audiences (engineeringthroughtosenior leadership).
Desirable
Experience integrating vulnerability management with broader security tooling and control frameworks (e.g., cloud security controls, endpoint VM capabilities, security control matrices).
Experience in regulated environments, with evidence-led reporting and governance expectations.
Qualifications / Certifications (optional but beneficial)
Relevant security certification(s) (e.g., CISSP/CCSP, Azure Security, vulnerabilitymanagementor cloud security certifications).
#LI-PM1
Inclusion & Diversity
We value diversity and strive to promote inclusivity in all aspects of our culture. We believe in equal opportunities for all, ensuring that no applicant encounters less favourable treatment based on anything but their skills, qualifications, experience, and potential. We celebrate the unique contributions of a diverse workforce and create a respectful, nurturing environment where every colleague can thrive.
Values
Do the right thing: We act with integrity and are proudly committed to going above and beyond in service of our clients and the support we provide our communities.
Always curious: We continuously seek new ideas and knowledge so we’re one step ahead of our clients’ needs. We look for inspiration everywhere and encourage experimentation, recognising that this is how we create brilliant solutions for brighter futures.
Embrace challenge: We aim high to transform our potential into meaningful outcomes. With ambition as our driving force and a steadfast commitment to growth, we succeed for the good of every generation.
Stronger together Combining our diverse talents, we accomplish more collectively than we ever could do alone. We speak openly, actively listen, and support each other, and constructively challenge and embrace new ideas. We seek empowerment and demonstrate ownership and trust, with the confidence to make impactful decisions.
Core Benefits
Holiday: 182 hours (26 days)
Quilter Incentive Scheme: All employees are eligible to participate in incentive scheme, to incentivise business performance and their contribution.
Pension Scheme: A non-contributory company pension scheme that can be boosted through personal contributions.
Healthcare Cash Plan: Jersey employees only.
Benefit Allowance: A cash benefit allowance is payable in lieu of some of our core benefits.
In addition to our core benefits, we offer a range of flexible benefits to UK employees that you can choose from and pay for conveniently via a salary deduction.
As one of the UK’s leading wealth management companies, Quilter’s purpose is brighter financial futures for every generation.
The businesses within our group aim to provide high quality products and services for the whole of your investment journey.
Quilter plc is registered in England and Wales under number 06404270.
Registered Office: Senator House, 85 Queen Victoria Street, London, EC4V 4AB, United Kingdom.
