Overview
Server and Vulnerability Manager – Mid-Senior level, Full-time, Regular worker type. Primary location: Onyx, Glasgow. Job posting start date: 2025-09-11.
About The Function
Our Digital and Technology (D&T) team are innovators, delivering ground-breaking solutions that will help shape the future of our iconic brands. Technology touches every part of our business, from the sourcing of sustainable ingredients to marketing and development of our online platforms. We utilise data insights to build competitive advantage, supporting our people to deliver value faster.
Our D&T team includes some of the most talented digital professionals in the industry. Every day, we come together to push boundaries and innovate, shaping the digital solutions of tomorrow. Whatever your passion, we’ll help you become the best you can be, creating career-defining work and delivering breakthrough thinking.
Role Overview
The Server & Vulnerability SME (Operational Site Focus) will work as part of our digital and technology organisation supporting Diageo’s Global Supply sites. They will use their knowledge of Networks and Cyber Security to manage and secure server infrastructure across operational sites. This role focuses on vulnerability management, ensuring compliance with security standards, and maintaining robust security postures.
Key Responsibilities
Vulnerability Management
* Conduct regular vulnerability scans of IT infrastructure devices, including servers and network devices
* Prioritize remediation efforts based on asset criticality and severity of vulnerabilities and develop projects to mitigate against them
* Work closely with production teams to coordinate patching efforts minimizing impact
* Overseeing technology implementations and partnering with our technology delivery vendors to deliver analysis and technical solutions
Security Incident Management
* Implement guidelines for effective management of security incidents to ensure all personnel understand their roles in maintaining security
* Develop incident response plans detailing procedures for detection, containment, eradication, recovery, and lessons learned
* Conduct regular training sessions and simulations for staff to reinforce awareness of their responsibilities during incidents
* Establish clear communication channels for reporting incidents promptly
System Development Support
* Collaborate with development teams to ensure secure system development practices are followed, including risk assessments and patch management
* Integrate security checkpoints within the software development lifecycle (SDLC) processes
* Perform threat modelling exercises during design phases to identify potential risks early
* Ensure timely application of patches through coordinated efforts between development, operations, and security teams
Compliance And Assessment
* Ensure compliance with best practice standards through monthly, quarterly and annual security posture assessments
Continuous Improvement, Training And Documentation
* Provide training to users and IT specialists on secure system usage
* Develop customized training materials tailored toward different user groups within the organization (e.g., end-users vs. technical staff)
* Organize workshops/webinars focusing on emerging threats/trends in cybersecurity relevant to the company’s environment/industry sector(s)
* Document limitations of security controls along with performance requirements; maintain comprehensive documentation outlining current limitations imposed by existing control measures and rationale behind configurations used across platforms/systems/applications
Skills
* Ability to work with people of varying technical capabilities
* Attention to detail, inquisitive and questioning nature
* Strong collaboration within a cohesive, integrated team
* Strong problem-solving, planning and organisational skills; highly detail conscious
* Robust documentation skills
* Preferred CCNP level knowledge of Networking
* Familiarity with network monitoring tools (e.g., Wireshark)
* Experience with cybersecurity frameworks (e.g., NIST)
* Understanding of cloud computing platforms (e.g., AWS, Azure)
* Understanding of legacy computing platforms (on-premise servers)
* Experience in OT Systems landscapes, or ability to quickly learn and apply an understanding to the role
* Strong communication skills
* Strong commitment to growth and development
* Demonstrated leadership skills
* Understanding basic control systems and applications (e.g., Rockwell)
Qualifications
* Undergraduate degree in Computing; Cyber Security; Networking or any other relevant degree
* Minimum 5 years of experience in IT security or vulnerability management
* Experience conducting vulnerability scans and managing remediation efforts
* Excellent communication skills for training delivery and documentation
Diversity Statement
Our purpose is to celebrate life, every day, everywhere. We embrace diversity in the broadest possible sense. You’ll be welcomed and celebrated for who you are and helped to belong. We aim to build an inclusive culture that celebrates people of different gender, ethnicity, ability, age, sexual orientation, social class, educational backgrounds, experiences, mindsets, and more. Our ambition is to create the best performing, most trusted consumer products companies in the world. If you require a reasonable adjustment, please ensure you capture this information when you submit your application.
Additional Details
Primary Location: Onyx, Glasgow
Additional locations: Glasgow, United Kingdom
Job Posting Start Date: 2025-09-11
#J-18808-Ljbffr