SIEM Detection Engineer

Quilter

Workday

Southampton - Quilter House

About

About the Business

Quilter plc is a leading wealth management business, helping to enable brighter financial futures for every generation. Quilter oversees £126.3 billion in customer investments (as of August 2025). It has an adviser and customer offering spanning financial advice, investment platforms, multi-asset investment solutions, and discretionary fund management.

The business consists of two segments: Affluent and High Net Worth. Affluent encompasses the financial planning business, Quilter Financial Planning, the Quilter Investment Platform and Quilter Investors, the multi-asset investment solutions business. High Net Worth includes the discretionary fund management business, Quilter Cheviot, together with Quilter Cheviot Financial Planning, offering a highly personalised service to private clients, charities, trustees, and professional partners. Quilter Cheviot has a presence throughout the UK, Ireland and Channel Islands.

At Quilter we never stand still. Our foundations are rooted in our extraordinary expertise, which is trusted by hundreds of thousands of customers, but we have great ambitions to stay one step ahead and make an even greater difference to the people and communities we serve, including our colleagues. Our business is transforming, continually modernising, and becoming even more customer centric. So, if you want to be bold in the pursuit of your ambitions, bring new ideas, and challenge and evolve what we do, it’s the perfect time to join us!

About the Role

Level: 4
Department: Information Security Operations
Location: Southampton | London | Home Based
Contract type: Permanent

We are seeking a skilled and motivated SIEM Detection Engineer to join our Security Operations team at Quilter. This role will focus on enhancing our existing threat detection capabilities using Google Security Operations (Chronicle SIEM) and supporting the broader security automation and monitoring strategy across our cloud and hybrid environments.

You will play a pivotal role in designing, implementing, and maintaining detection logic, log ingestion pipelines, and automation playbooks, ensuring our security posture remains robust and responsive to evolving threats.

Key Responsibilities

Log Ingestion & Parsing
Support onboarding and parsing of logs from diverse sources including cloud platforms (Azure, AWS), infrastructure, third-party SaaS, and security tooling.
Develop and maintain custom parsers and UDM extensions for Google SecOps to ensure accurate and enriched telemetry ingestion.

Detection Engineering
Design, implement, and tune detection rules using YARA-L and other relevant languages to identify malicious behaviours and anomalies.
Continuously validate and refine detection logic through simulations, real-world threat scenarios and in response to business stakeholder requirements.

Automation & SOAR Integration
Develop and maintain automation playbooks for complex workflows, integrating with Microsoft 365 Defender, Entra ID, CrowdStrike, and collaboration tools.
Collaborate with the SOC partner to ensure streamlined incident response and case management maturity objectives are met.

Operational Dashboards
Create and maintain operational SIEM dashboards to provide real-time visibility into detection metrics, alert trends, system health and operational performance.

Collaboration & Continuous Improvement
Work closely with the third-party SOC, threat intelligence, purple and red team and infrastructure engineering teams to align detection strategies with business risks and threat intelligence remits.
Participate in incident response exercises and contribute to lessons learned and playbook maturity, with a particular focus on enhancing existing SIEM detection and prevention controls.

About You

Required Skills & Experience
5+ years in cybersecurity roles (SOC, detection engineering, incident response).
3+ years of hands-on experience with Google SecOps (Chronicle SIEM) or similar.
Proficiency in YARA-L, SPL, KQL, or similar query languages.
Experience with log ingestion pipelines, custom parser development, and UDM mapping.
Strong familiarity with cloud platforms (Azure) and associated security controls.
Experience with Microsoft Defender Suite, CrowdStrike, Proofpoint and Zscaler.
Strong understanding of MITRE ATT&CK, threat modelling, and popular incident detection frameworks.
Experience with SOAR platforms and automation scripting (e.g., Python, PowerShell).
Knowledge of integrating SIEM with EDR, NDR, DLP, and ticketing systems.
Core understanding of regulated business operational frameworks.

Desired Qualifications
Bachelor's degree in Cybersecurity, Intelligence Studies, Computer Science, or related field.
Qualifications: CISSP, CISM, CCSP, GIAC, CPIA or similar.

Inclusion & Diversity

We value diversity and strive to promote inclusivity in all aspects of our culture. We believe in equal opportunities for all, ensuring that no applicant encounters less favourable treatment based on anything but their skills, qualifications, experience, and potential. We celebrate the unique contributions of a diverse workforce and create a respectful, nurturing environment where every colleague can thrive.

Values

Do the right thing: We act with integrity and are proudly committed to going above and beyond in service of our clients and the support we provide our communities.
Always curious: We continuously seek new ideas and knowledge so we’re one step ahead of our clients’ needs. We look for inspiration everywhere and encourage experimentation, recognising that this is how we create brilliant solutions for brighter futures.
Embrace challenge: We aim high to transform our potential into meaningful outcomes. With ambition as our driving force and a steadfast commitment to growth, we succeed for the good of every generation.
Stronger together: Combining our diverse talents, we accomplish more collectively than we ever could do alone. We speak openly, actively listen, and support each other, and constructively challenge and embrace new ideas. We seek empowerment and demonstrate ownership and trust, with the confidence to make impactful decisions.

Core Benefits

Holiday: 182 hours (26 days)
Quilter Incentive Scheme: All employees are eligible to participate in the incentive scheme, to incentivise business performance and their contribution.
Pension Scheme: A non-contributory company pension scheme that can be boosted through personal contributions.
Private Medical Insurance: Single cover as standard with options to increase cover to include your partner or children.
Life Assurance: 4x your salary.
Income Protection: 75% of salary, less state benefits, payable after 26 weeks of absence.
Healthcare Cash Plan: Jersey employees only.

In addition to our core benefits, we offer a range of flexible benefits to UK employees that you can choose from and pay for conveniently via a salary deduction.

We create brighter financial futures for every generation. We do this by guiding our customers and their families through the complexity of planning for their financial future, responding to their rapidly evolving needs and giving them peace of mind. And, with all that’s happening in the world today, our role in society has never been more meaningful. Our impressive talents and capabilities set us apart, but our unwavering commitment to our customers is what defines us. We truly believe that we have all the ingredients to be the very best in our industry, and we want great people with the care and creativity that we need, to help us get there. We are passionate about building an inclusive culture where everyone’s contribution is valued, and our people can thrive. No matter what your role is or where you sit, your voice will matter. We hope you like what you hear and are interested in learning more about joining us.

We believe our workplace needs to work for you, so we offer an environment where you can balance a successful career with your commitments and interests outside of work. Some roles lend themselves to flexible options more than others, so our talent acquisition team are on hand to discuss your needs. Please contact us to learn more.

We are committed to treating all our job applicants fairly and with respect. Our people come from all kinds of backgrounds and have a wide range of expertise, so we welcome your application regardless of your beliefs, culture, gender identity, ethnicity, sexual orientation and/or disability. Please contact the talent acquisition team if you need any reasonable adjustments made to the recruitment process, require information in an alternative format or have any questions around accessibility; we will try our very best to accommodate.