Server and Vulnerability Manager United Kingdom

Job Description

Help transform our business as we take our brands to new heights and build new ones as part of shaping the next generation of celebrations for consumers around the world. Join us for career defining opportunities that give you the chance to thrive.

Job Description

Job Title

Server and Vulnerability Manager

About the Function:

Our Digital and Technology (D&T) team are innovators, delivering ground-breaking solutions that will help shape the future of our iconic brands. Technology touches every part of our business, from the sourcing of sustainable ingredients to marketing and development of our online platforms. We utilise data insights to build competitive advantage, supporting our people to deliver value faster.

Our D&T team includes some of the most talented digital professionals in the industry. Every day, we come together to push boundaries and innovate, shaping the digital solutions of tomorrow. Whatever your passion, we’ll help you become the best you can be, creating career-defining work and delivering breakthrough thinking.

Role Overview

The Server & Vulnerability SME (Operational Site Focus) will work as part of our digital and technology organisation supporting Diageo’s Global Supply sites. They will use their knowledge of Networks and Cyber Security to managing and securing server infrastructure across operational sites. This role focuses on vulnerability management, ensuring compliance with security standards, and maintaining robust security postures.

Key Responsibilities

• Vulnerability Management: Conduct regular vulnerability scans of IT infrastructure devices, including servers and network devices.
• Vulnerability Management (cont.): Prioritize remediation efforts based on asset criticality and severity of vulnerabilities and develop projects to mitigate against them.
• Vulnerability Management (cont.): Work closely with production teams to coordinate patching efforts minimizing impact.
• Vulnerability Management (cont.): Overseeing technology implementations and partnering with our technology delivery vendors to deliver analysis and technical solutions.
• Security Incident Management: Implement guidelines for effective management of security incidents to ensure all personnel understand their roles in maintaining security.
• Security Incident Management (cont.): Develop incident response plans detailing procedures for detection, containment, eradication, recovery, and lessons learned.
• Security Incident Management (cont.): Conduct regular training sessions and simulations for staff to reinforce awareness of their responsibilities during incidents.
• Security Incident Management (cont.): Establish clear communication channels for reporting incidents promptly.
• System Development Support: Collaborate with development teams to ensure secure system development practices are followed, including risk assessments and patch management.
• System Development Support (cont.): Integrate security checkpoints within the software development lifecycle (SDLC) processes.
• System Development Support (cont.): Perform threat modelling exercises during design phases to identify potential risks early.
• System Development Support (cont.): Ensure timely application of patches through coordinated efforts between development, operations, and security teams.
• Compliance and Assessment: Ensure compliance with best practice standards through monthly, quarterly and annual security posture assessments.
• Continuous Improvement, Training and Documentation: Provide training to users and IT specialists on secure system usage.
• Continuous Improvement, Training and Documentation (cont.): Develop customized training materials tailored toward different user groups within the organization (e.g., end-users vs. technical staff).
• Continuous Improvement, Training and Documentation (cont.): Organize workshops/webinars focusing on emerging threats/trends in cybersecurity landscape relevant specifically towards company’s environment/industry sector(s).
• Continuous Improvement, Training and Documentation (cont.): Document limitations of security controls along with performance requirements: Maintain comprehensive documentation outlining current limitations imposed by existing control measures alongside rationale behind selected configurations/settings used across various platforms/systems/applications deployed throughout enterprise architecture landscape(s).

Skills

• Ability to work with people of varying technical capabilities.
• Attention to detail is key, inquisitive & questioning nature.
• Great at working as part of a cohesive, integrated team.
• Strong problem-solving planning/ organising, highly detail conscious.
• Robust documentation skills.
• Preferred CCNP level knowledge of Networking.
• Familiarity with network monitoring tools (e.g., Wireshark).
• Experience with cybersecurity frameworks (e.g., NIST).
• Understanding of cloud computing platforms (e.g., AWS, Azure).
• Understanding of legacy computing platforms (on-premise servers).
• Experience in OT Systems landscapes, or ability to quickly learn and apply an understanding to the role.
• Strong commitment to growth and development.
• Demonstrated leadership skills.
• Understanding basic control systems and applications (ex. Rockwell).

Qualifications

• Undergraduate degree in Computing; Cyber Security; Networking or any other relevant degree
• Minimum 5 years of experience in IT security or vulnerability management.
• Experience conducting vulnerability scans and managing remediation efforts.
• Excellent communication skills for training delivery and documentation.

Diversity statement

Our purpose is to celebrate life, every day, everywhere. And creating an inclusive culture, where everyone feels valued and that they can belong, is a crucial part of this. We embrace diversity in the broadest possible sense. This means that you’ll be welcomed and celebrated for who you are just by being you. You’ll be part of and help build and champion an inclusive culture that celebrates people of different gender, ethnicity, ability, age, sexual orientation, social class, educational backgrounds, experiences, mindsets, and more. Our ambition is to create the best performing, most trusted and respected consumer products companies in the world. Join us and help transform our business as we take our brands to the next level and build new ones as part of shaping the next generation of celebrations for consumers around the world.

Feel inspired? Then this may be the opportunity for you. If you require a reasonable adjustment, please ensure that you capture this information when you

With over 200 brands sold in more than 180 countries, we’re the world’s leading premium drinks company. Every day, over 30,000 talented people come together at Diageo to create the magic behind our much-loved brands. From iconic names to innovative newcomers – the brands we’re building are rooted in culture and local communities. Our ambition is to be one of the best performing, most trusted and most respected consumer products companies in the world.

Our founders, such as Arthur Guinness, John Walker, and Charles Tanqueray, were visionary entrepreneurs whose brilliant minds helped shape the alcohol industry. And through our people, their legacy lives on. Join us, and you’ll collaborate with talented thinkers, leaders, and makers from all corners of the world. Together, you’ll innovate and push boundaries, shaping a more inclusive and sustainable future that we can all be proud of.

With diversity at our core, we celebrate our people’s unique passions, commitments and specialist skills. Because when varied voices, mindsets, and personalities come together, great ideas are born. In our supportive culture, your voice will be heard and you’ll be empowered to be you. Just bring your ambition, curiosity and ideas, and we’ll celebrate your work and help you reach your fullest potential.

What’s your DRINKiQ? Take our quiz to understand how alcohol is made and explore the effects of drinking. You can discover everything you need to know atDRINKiQ.

Sign-up for job alerts

Signing up for job alerts means you’ll be the first to hear about new jobs – they’ll be sent direct to your inbox.

Feel inspired? Then this may be the opportunity for you.

Employee: Regular

Primary Location: Glasgow , Scotland

Potential next role titles for reference: Supply & Procurement GBS Deployment Lead – Voyager, Luxury Account Manager – Birmingham / Central