Address
Form of work
SalaryThe Information Security team at Quilter is a fast-paced, highly skilled and proactive group of security experts tasked with protecting Quilter from the ever-changing landscape of information security threats. Information Security work closely with our wider Technology teams such Infrastructure, Architecture and Data to identify, assess and resolve potential threats or vulnerabilities that may materialise. We are now looking for a Cyber Security Manager to support our Cyber Security team in testing for vulnerabilities, monitoring for security risks and to help drive remediation, ultimately improving our security position.
The successful candidate will have a strong technical understanding of security threats, attack techniques and the common frameworks used to assess these. They will be able to assess security concerns within the context of other controls and processes, providing meaningful insights into issues that need to be addressed.
As Quilter embarks upon the next phase of its Technology strategy, this is a fantastic opportunity to join a team looking to build for the future.
About the Role
Level: Level 4
Department:Cyber Security
Location: Southampton | London
Contract type: Permanent
The Cyber Security Manager co-leads the expert analysis, and ultimate reduction, of Cyber Security risks in Quilter through technical testing exercises, leveraging of security monitoring tools and high-quality reporting.
Red/ Purple Team Testing
- Utilises technical knowledge to plan and conduct sanctioned red and purple team exercises, according to a strict internal framework, to identify vulnerabilities within Quilter's environment.
- Works with the Threat Intelligence team to prioritise testing activity.
- Produces high quality reports summarising test outcomes, value provided, and next steps.
- Tracks outcomes to completion, with the support of the wider team.
- Interrogates security solutions to assist in the management of Information Security/ cyber threats and vulnerabilities across the organisation. Solutions under this remit currently include Identity Protection, Cloud and SaaS Posture Management, IAM Platform and Automated Security Testing tooling.
- Makes recommendations for new configurations/ rules/ alerts within the above Cyber Security toolset, and works with Infrastructure to implement them.
- Reports on security risks and vulnerabilities identified by these solutions in a meaningful manner, through key metrics and indicators, providing insights into genuine risks and providing potential resolution opportunities.
- Assists in raising awareness of Information Security/ cyber threats, vulnerabilities and related response capabilities and processes.
- Owns the cyber resilience test plan and executes against it.
- Ensures alignment with key regulatory requirements, through collaboration with other key functions (e.g. Operational Resilience).
- Continuously reviews the monitoring approach against our environment, threat landscape and strategy to ensure we keep pace with potential threats.
- Routinely assesses the effectiveness of our strategy and makes recommendations for improvement.
- Defines and produces regular reporting summaries and overall monitoring activity
- Manages a proportion tracking mechanism to ensure closure of issues and to demonstrate risk reduction
Applications from people with diverse backgrounds enables our inclusive organisation to thrive. If you feel you don't match our job description exactly, why not take a chance on yourself and apply? You could be exactly what this role needs.
- Strong Knowledge of Red/ Purple security testing techniques and how to apply them to different technologies (on-premise, cloud, etc.).
- Understanding of key security frameworks, particularly MITRE, CIS, and NIST.
- Good understanding of cyber resilience requirements and approaches to testing of such.
- The ability to understand security risks and issues in the context of Quilter, and effectively prioritise their remediation amongst a wider portfolio of work.
- Strong written communication skills to enable presentation of outcomes to key stakeholders in easy-to-understand language.
- Experience in Pen Testing or a CEH qualification will be highly desirable
- Ability to influence management-level stakeholders and work effectively across different groups and divisions.
- Willingness to adapt to changes in technology and support the wider team in achieving deliverables.
- Motivated to enact change, by identifying issues and being a key stakeholder in driving resolution.
- Embraces change and initiates new and better ways of working to deliver positive customer outcomes.
- Communicates confidently and effectively, at all levels, both in written and verbal form.
- Agile - makes decisions within remit and executes in fast, simple and focused way.
- Embraces a collaborative working environment to achieve shared objectives.
- Strong interpersonal skills, able to build and maintain positive working relationships.
- Able to positively influence and persuade others.
- Strong organisation and planning skills to manage a wide variety of tasks, processes and responsibilities.
- Self-motivated with strong results focus, takes the initiative to drive disciplined delivery of objectives.
- Develops own capability, looking outwardly to keep up to date with advances in technology and utilises knowledge to support the delivery of new and innovative solutions to our customers.
- Demonstrates credibility, professionalism and strong personal integrity and acts as a role model for the Quilter values - Pioneering, Dependable, Stronger Together.
In this ever-changing world, we see that our role in society has never been more meaningful, and we are committed to using our expertise and care to guide our customers through these challenging and unprecedented times.
Our impressive talents and capabilities set us apart, but our unwavering commitment to our customers is what defines us. We truly believe that we have all the ingredients to be the very best in our indus
