Job Description :

Job Title

Server and Vulnerability Manager

About the Function:

Our Digital and Technology (D&T) team are innovators, delivering ground-breaking solutions that will help shape the future of our iconic brands. Technology touches every part of our business, from the sourcing of sustainable ingredients to marketing and development of our online platforms. We utilise data insights to build competitive advantage, supporting our people to deliver value faster.

Our D&T team includes some of the most talented digital professionals in the industry. Every day, we come together to push boundaries and innovate, shaping the digital solutions of tomorrow. Whatever your passion, we’ll help you become the best you can be, creating career-defining work and delivering breakthrough thinking.

Role Overview 

The Server & Vulnerability SME (Operational Site Focus) will work as part of our digital and technology organisation supporting Diageo’s Global Supply sites. They will use their knowledge of Networks and Cyber Security to managing and securing server infrastructure across operational sites. This role focuses on vulnerability management, ensuring compliance with security standards, and maintaining robust security postures.

Key Responsibilities:

Vulnerability Management:

Conduct regular vulnerability scans of IT infrastructure devices, including servers and network devices

Prioritize remediation efforts based on asset criticality and severity of vulnerabilities and develop projects to mitigate against them

Work closely with production teams to coordinate patching efforts minimizing impact

Overseeing technology implementations and partnering with our technology delivery vendors to deliver analysis and technical solutions.

Security Incident Management:

Implement guidelines for effective management of security incidents to ensure all personnel understand their roles in maintaining security

Develop incident response plans detailing procedures for detection, containment, eradication, recovery, and lessons learned.

Conduct regular training sessions and simulations for staff to reinforce awareness of their responsibilities during incidents.

Establish clear communication channels for reporting incidents promptly.

System Development Support:

Collaborate with development teams to ensure secure system development practices are followed, including risk assessments and patch management:

Integrate security checkpoints within the software development lifecycle (SDLC) processes.

Perform threat modelling exercises during design phases to identify potential risks early.

Ensure timely application of patches through coordinated efforts between development, operations, and security teams.

Compliance and Assessment:

Ensure compliance with best practice standards through monthly, quarterly and annual security posture assessments.

Continuous Improvement, Training and Documentation:

Provide training to users and IT specialists on secure system usage:

Develop customized training materials tailored toward different user groups within the organization (e.g., end-users vs. technical staff).

Organize workshops/webinars focusing on emerging threats/trends in cybersecurity landscape relevant specifically towards company's environment/industry sector(s).

Document limitations of security controls along with performance requirements: Maintain comprehensive documentation outlining current limitations imposed by existing control measures alongside rationale behind selected configurations/settings used across various platforms/systems/applications deployed throughout enterprise architecture landscape(s)

Skills

Ability to work with people of varying technical capabilities.

Attention to detail is key, inquisitive & questioning nature.

Great at working as part of a cohesive, integrated team.

Strong problem-solving planning/ organising, highly detail conscious.

Robust documentation skills.

Preferred CCNP level knowledge of Networking.

Familiarity with network monitoring tools (e.g., Wireshark).

Experience with cybersecurity frameworks (e.g., NIST).

Understanding of cloud computing platforms (e.g., AWS, Azure).

Understanding of legacy computing platforms (on-premise servers)

Experience in OT Systems landscapes, or ability to quickly learn and apply an understanding to the role.

Strong communication skills

Strong commitment to growth and development.

Demonstrated leadership skills.

Understanding basic control systems and applications (ex. Rockwell)

Qualifications:

Undergraduate degree in Computing; Cyber Security; Networking or any other relevant degree..

Minimum 5 years of experience in IT security or vulnerability management.

Experience conducting vulnerability scans and managing remediation efforts.

Excellent communication skills for training delivery and documentation.

Diversity statement-

Our purpose is to celebrate life, every day, everywhere. And creating an inclusive culture, where everyone feels valued and that they can belong, is a crucial part of this. We embrace diversity in the broadest possible sense. This means that you’ll be welcomed and celebrated for who you are just by being you. You’ll be part of and help build and champion an inclusive culture that celebrates people of different gender, ethnicity, ability, age, sexual orientation, social class, educational backgrounds, experiences, mindsets, and more. Our ambition is to create the best performing, most trusted and respected consumer products

companies in the world. Join us and help transform our business as we take our brands to the next level and build new ones as part of shaping the next generation of celebrations for consumers around the world.

Feel inspired? Then this may be the opportunity for you. If you require a reasonable adjustment, please ensure that you capture this information when you

submit your application.

Worker Type :

Primary Location:

Additional Locations :

Job Posting Start Date :