Vulnerability Management Specialist - Quilter

External

Efinancialcareers · Southampton

Full-timeOn-siteToday

AzureCloud SecurityComplianceInformation Security

Cover Letter Connect

Prepare for this interview

Elite

AI-generated questions, company research, and talking points tailored to this role

About the role

Level : 4 Department: Security Operations (Information Security) Reports to: Head of Security Operations Location: Southampton / London / England - Home Worker Contract Type: Fixed Term contract -12 months At Quilter, we're strengthening our exposure management capability across on-prem, cloud and externally facing estate. This role is central to driving a risk-based vulnerability management programme - combining high-quality scanning and asset insight with cloud posture and attack surface intelligence - so that remediation is prioritised where it matters most and delivered with pace and measurable outcomes. The Vulnerability Management Specialist is responsible for the end-to-end vulnerability management lifecycle , including detection, triage, prioritisation , tracking and assurance of remediation across infrastructure, endpoints, applications and cloud platforms. The role also supports Cloud Security Posture Management (CSPM) activities, including monitoring of cloud security benchmark compliance and CSPM attack paths ", and integrates Attack Surface Management findings to reduce exposure from unknown or unmanaged internet-facing assets. The successful candidate will be hands-on with enterprise vulnerability tooling and will partner closely with infrastructure, cloud engineering, application teams and third parties to ensure remediation is delivered within defined service levels and supported by clear reporting and governance.

Responsibilities

Vulnerability Detection, Triage & Prioritisation

Operate and continuously improve vulnerability scanning and prioritisation using Qualys VMDR and associated capabilities (e.g., agent-based scanning, authenticated scanning, dashboards, reporting, prioritisation workflows).

Perform daily/weekly triage of new and emerging vulnerabilities, validating detections and ensuring severity and urgency reflect exploitability, asset criticality, business impact, patch availability and compensating controls.

Apply and maintain consistent severity mapping between industry scoring (e.g., CVSS) and organisational severity definitions used across vulnerability tooling and cloud platforms.

Stay up to date with emerging threats and adversary capabilities across the evolving threat landscape (including AI - driven exploitation techniques), ensuring security controls remain current, effective and aligned to risk.

Cloud Security Posture Management (Azure focus) Own day-to-day CSPM triage and oversight, ensuring cloud posture findings are actionable, risk-rated and routed to the correct engineering owners for remediation.

Monitor and manage CSPM posture outcomes and compliance ratings aligned to relevant cloud security benchmarks, and track CSPM- identified attack path" style findings through to closure.

Attack Surface Management & Exposure Reduction Ingest and operationalise Attack Surface Management findings to identify and reduce risk from internet-facing assets, unknown services, misconfigurations and unmanaged exposure. (Tooling may include ASM capabilities within existing platforms or dedicated ASM tooling.)

Work with infrastructure, cloud and network teams to validate exposure, confirm ownership, and drive remediation or risk acceptance through appropriate governance .

Remediation Oversight, Governance & Assurance Drive remediation outcomes through structured engagement with platform, infrastructure, application, endpoint and cloud teams - ensuring owners understand the risk, required fix, and expected timelines.

Maintain a robust exception and risk acceptance approach for vulnerabili

Vulnerability Management Specialist - Quilter

About the role

Responsibilities

Additional Information

Your Match

Company Intel

What employees say

Interested in this role?