About The Business
Quilter plc is a leading provider of financial advice, investments and wealth management, committed to being the UK’s best wealth manager for clients and their advisers. Quilter oversees £141.9 billion in customer investments (as of 31 March 2026). It has an adviser and customer offering spanning financial advice, investment platforms, multi‑asset investment solutions, and discretionary fund management. The business is comprised of two segments: Affluent and High Net Worth. Affluent encompasses the financial planning business, Quilter Financial Planning, the Quilter Investment Platform and Quilter Investors, the multi‑asset investment solutions business. High Net Worth includes the discretionary fund management business, Quilter Cheviot, together with Quilter Cheviot Financial Planning. At Quilter we never stand still. Our foundations are rooted in our extraordinary expertise, which is trusted by hundreds of thousands of customers, but we have great ambitions to stay one step ahead and make an even greater difference to the people and communities we serve. Our business is transforming, continually modernising, and becoming even more customer centric. So, if you want to be bold in the pursuit of your ambitions, bring new ideas, and challenge and evolve what we do, it’s the perfect time to join us.
About The Role
Level : 4
Department: Security Operations (Information Security)
Reports to: Head of Security Operations
Location: Southampton / London / England – Home Worker
Contract Type: Fixed Term contract -12 months
Fixed Term Contract Duration - 12 Months
At Quilter, we’re strengthening our exposure management capability across on‑prem, cloud and externally facing estate. This role is central to driving a risk‑based vulnerability management programme — combining high-quality scanning and asset insight with cloud posture and attack surface intelligence — so that remediation is prioritised where it matters most and delivered with pace and measurable outcomes.
The Vulnerability Management Specialist is responsible for the end‑to‑end vulnerability management lifecycle, including detection, triage, prioritisation, tracking and assurance of remediation across infrastructure, endpoints, applications and cloud platforms. The role also supports Cloud Security Posture Management (CSPM) activities, including monitoring of cloud security benchmark compliance and CSPM “attack paths”, and integrates Attack Surface Management findings to reduce exposure from unknown or unmanaged internet‑facing assets.
The successful candidate will be hands‑on with enterprise vulnerability tooling and will partner closely with infrastructure, cloud engineering, application teams and third parties to ensure remediation is delivered within defined service levels and supported by clear reporting and governance.
Key Responsibilities
* Vulnerability Detection, Triage & Prioritisation
* Operate and continuously improve vulnerability scanning and prioritisation using Qualys VMDR and associated capabilities (e.g., agent‑based scanning, authenticated scanning, dashboards, reporting, prioritisation workflows).
* Perform daily/weekly triage of new and emerging vulnerabilities, validating detections and ensuring severity and urgency reflect exploitability, asset criticality, business impact, patch availability and compensating controls.
* Apply and maintain consistent severity mapping between industry scoring (e.g., CVSS) and organisational severity definitions used across vulnerability tooling and cloud platforms.
* Stay up to date with emerging threats and adversary capabilities across the evolving threat landscape (including AI‑driven exploitation techniques), ensuring security controls remain current, effective and aligned to risk.
* Own day‑to‑day CSPM triage and oversight, ensuring cloud posture findings are actionable, risk‑rated and routed to the correct engineering owners for remediation.
* Monitor and manage CSPM posture outcomes and compliance ratings aligned to relevant cloud security benchmarks, and track CSPM‑identified “attack path” style findings through to closure.
* Ingest and operationalise Attack Surface Management findings to identify and reduce risk from internet‑facing assets, unknown services, misconfigurations and unmanaged exposure.
* Work with infrastructure, cloud and network teams to validate exposure, confirm ownership, and drive remediation or risk acceptance through appropriate governance.
* Drive remediation outcomes through structured engagement with platform, infrastructure, application, endpoint and cloud teams — ensuring owners understand the risk, required fix, and expected timelines.
* Maintain a robust exception and risk acceptance approach for vulnerabilities that cannot be remediated promptly, ensuring risk decisions are recorded and reviewed.
* Oversee vulnerability response activities for major disclosures and zero‑days, including coordination of out‑of‑band activity and escalation where needed.
* Produce clear, accurate reporting for operational teams and leadership, including trends, SLA performance, backlog health, and risk‑based prioritisation views (e.g., exploited/attack path exposure‑based).
* Provide concise executive commentary, translating technical exposure into business impact and prioritised actions.
* Follow and continuously improve established vulnerability and CSPM processes, ensuring the operating cadence (daily checks, weekly prioritisation reviews, monthly governance touchpoints) remains effective and measurable.
* Contribute to and maintain relevant playbooks/runbooks for vulnerability disclosure response and coordination with technical owners.
Key Stakeholders
* Security Operations / Detection Engineering, Cyber Threat, Infrastructure & Platform and Cloud Engineering, Application Owners, End User Computing, Risk & Governance partners, and relevant third‑party suppliers/MSSPs.
About You – Essential
* Significant hands‑on experience operating enterprise vulnerability management tooling, with deep expertise in Qualys (VMDR) across complex environments.
* Strong experience with Azure CSPM operations: triage, prioritisation, remediation routing, and assurance (e.g., Microsoft‑native CSPM or equivalent platforms), including posture/compliance outcomes and attack‑path style findings and validation.
* Practical experience with Attack Surface Management concepts and workflows: validating externally exposed assets/services, establishing ownership, and driving remediation.
* Deep understanding of how code‑based and software component vulnerabilities are discovered, exploited, and weaponised (e.g. dependency flaws, supply chain attacks, insecure libraries), with the ability to assess real‑world exploitability and prioritise remediation accordingly.
* Proven ability to run a risk‑based vulnerability programme (not just scanning): prioritisation logic, stakeholder management, remediation tracking, and clear reporting.
* Confident communicator who can explain technical vulnerabilities, exploitation likelihood, and remediation options to varied audiences (engineering through to senior leadership).
Desirable
* Experience integrating vulnerability management with broader security tooling and control frameworks (e.g., cloud security controls, endpoint VM capabilities, security control matrices).
* Experience in regulated environments, with evidence‑led reporting and governance expectations.
Qualifications / Certifications (Optional but Beneficial)
* Relevant security certification(s) (e.g., CISSP/CCSP, Azure Security, vulnerability management or cloud security certifications).
Inclusion & Diversity
We value diversity and strive to promote inclusivity in all aspects of our culture. We believe in equal opportunities for all, ensuring that no applicant encounters less favourable treatment based on anything but their skills, qualifications, experience, and potential. We celebrate the unique contributions of a diverse workforce and create a respectful, nurturing environment where every colleague can thrive.
Values
* Do the right thing: We act with integrity and are proudly committed to going above and beyond in service of our clients and the support we provide our communities.
* Always curious: We continuously seek new ideas and knowledge so we’re one step ahead of our clients’ needs. We look for inspiration everywhere and encourage experimentation, recognising that this is how we create brilliant solutions for brighter futures.
* Embrace challenge: We aim high to transform our potential into meaningful outcomes. With ambition as our driving force and a steadfast commitment to growth, we succeed for the good of every generation.
* Stronger together: Combining our diverse talents, we accomplish more collectively than we ever could do alone. We speak openly, actively listen, and support each other, and constructively challenge and embrace new ideas. We seek empowerment and demonstrate ownership and trust, with the confidence to make impactful decisions.
Core Benefits
Holiday: 182 hours (26 days)
Quilter Incentive Scheme: All employees are eligible to participate in incentive scheme, to incentivise business performance and their contribution.
Pension Scheme: A non‑contributory company pension scheme that can be boosted through personal contributions.
Healthcare Cash Plan: Jersey employees only.
Benefit Allowance: A cash benefit allowance is payable in lieu of some of our core benefits.
In addition to our core benefits, we offer a range of flexible benefits to UK employees that you can choose from and pay for conveniently via a salary deduction.
#J-18808-Ljbffr