Head of Supplier Cyber Security

About the Business

Quilter plc is a leading wealth management business, helping to enable brighter financial futures for every generation.

Quilter oversees £126.3 billion in customer investments (as of August 2025). It has an adviser and customer offering spanning financial advice, investment platforms, multi-asset investment solutions, and discretionary fund management. The business is comprised of two segments: Affluent and High Net Worth.

Affluent encompasses the financial planning business, Quilter Financial Planning, the Quilter Investment Platform and Quilter Investors, the multi-asset investment solutions business.

High Net Worth includes the discretionary fund management business, Quilter Cheviot, together with Quilter Cheviot Financial Planning – offering a highly personalised service to private clients, charities, trustees, and professional partners. Quilter Cheviot has presence throughout the UK, Ireland and Channel Islands.

At Quilter we never stand still. Our foundations are rooted in our extraordinary expertise, which is trusted by hundreds of thousands of customers, but we have great ambitions to stay one step ahead and make an even greater difference to the people and communities we serve, including our colleagues.

Our business is transforming, continually modernising, and becoming even more customer centric. So, if you want to be bold in the pursuit of your ambitions, bring new ideas, and challenge and evolve what we do, it’s the perfect time to join us

About the Role

Level: 5

Department: Technology

Location: London or Southampton

Contract type: Permanent

The Head of Supplier Cyber Security is a pivotal new leadership role within Quilter’s Information Security team. Reporting to the Head of Information Security and managing a team of two, you’ll drive the supplier security assurance framework, lead risk-based assessments, and act as the escalation point—ensuring robust controls, proactive monitoring, and strong partnerships with procurement and key business stakeholders.

Key responsibilities will include:

• Owning the Information Security supplier due diligence and assurance framework, including continuous improvement and alignment with best practice.
• Leading the team responsible for reviewing security controls across the supply chain, identifying issues and providing conclusions back to the business.
• Operating a continuous monitoring approach to identify material supplier security changes or issues that may require additional focus.
• Driving excellence in our approach, ensuring consistency and robustness. Balancing test approach proportionately, based on the risk and criticality of the third-party service.
• Managing the relationship with the Third-Party Procurement / Supplier Management function. Operating an efficient “pipeline” of supplier assessments.
• Working with Security Architecture to maintain, and apply, adequate minimum standards for supply chain security.
• Acting as the point of escalation for issues identified during oversight processes, engaging with the business to ensure they understand the risk and helping them take appropriate action.
• Leading a continuous programme of work in collaboration with other SMEs, to deliver supply chain cyber resilience testing, including using our scenario library to select and test severe but plausible scenarios across key parts of the supply chain.
• Supporting investigations for potential security incidents at suppliers, understanding exposure and coordinating with key stakeholders to drive action.
• Defining and reporting on key metrics to measure supply chain security effectiveness and resilience.
• As a people manager you will be responsible for motivating and engaging your team, ensuring they feel supported and developed within the function. This includes regular 121s, performance reviews, and continuous training and development as appropriate.

About You

To be successful in this role, you will:

• Have demonstrable experience of operating a supplier security oversight framework in a regulated and/ or customer centric environment, and a solid understanding of understanding of industry standard frameworks used to gain assurance (e.g. ISO, ISAE etc.) and their limitations. Experience of contractual security clauses and negotiating with suppliers is also preferred.
• Be a strong communicator at all levels of seniority and technical expertise, with the ability to articulate complex security issues to the business in the context of the service provided by the supplier.
• Be able to evidence stakeholder management and influencing skills, including experience of resolving issues where suppliers do not meet internal requirements.
• Ideally possess people management experience, in a similar role, able to articulate how you lead teams, and motivate others in fast-paced environments.
• Ability to be proportionate, pragmatic and risk-based, tailoring approaches to the risk and nature of the supplier, whilst maintaining consistency in the application of the framework.
• Highly diligent and motivated, able to self-organise and operate in a fast-paced environment.

#LI-PM1

Inclusion & Diversity

We value diversity and strive to promote inclusivity in all aspects of our culture. We believe in equal opportunities for all, ensuring that no applicant encounters less favourable treatment based on anything but their skills, qualifications, experience, and potential. We celebrate the unique contributions of a diverse workforce and create a respectful, nurturing environment where every colleague can thrive.

Values

Do the right thing: We act with integrity and are proudly committed to going above and beyond in service of our clients and the support we provide our communities.
Always curious: We continuously seek new ideas and knowledge so we’re one step ahead of our clients’ needs. We look for inspiration everywhere and encourage experimentation, recognising that this is how we create brilliant solutions for brighter futures.
Embrace challenge: We aim high to transform our potential into meaningful outcomes. With ambition as our driving force and a steadfast commitment to growth, we succeed for the good of every generation.
Stronger together: Combining our diverse talents, we accomplish more collectively than we ever could do alone. We speak openly, actively listen, and support each other, and constructively challenge and embrace new ideas. We seek empowerment and demonstrate ownership and trust, with the confidence to make impactful decisions.

Core Benefits

Holiday: 182 hours (26 days)

Quilter Incentive Scheme: All employees are eligible to participate in incentive scheme, to incentivise business performance and their contribution.

Pension Scheme: A non-contributory company pension scheme that can be boosted through personal contributions.

Private Medical Insurance: Single cover as standard with options to increase cover to include your partner or children.

Life Assurance: 4x your salary.

Income Protection: 75% of salary, less state benefits, payable after 26 weeks of absence.

Healthcare Cash Plan: Jersey employees only

In addition to our core benefits, we offer a range of flexible benefits to UK employees that you can choose from and pay for conveniently via a salary deduction.