Information Security GRC Specialist

Employment Type:
Full Time
Central London
Job Ref:

Job Description :

Diageo is the world's leading premium drinks company with an outstanding collection of brands, such as Johnnie Walker, Smirnoff, Baileys, Captain Morgan, Tanqueray and Guinness.
Our purpose - Celebrating life, every day, everywhere - has an important role in our company, for our people, our brands, in how we perform and how we create shared value.

Purpose of Role:

Delivering standardized practices that allow consistent compliance performance across our business and ensure that our response is adapted to the changing risk environment.

This global role is part of the Information Management & Security (IM&S) team's strategic priority to ensure functional compliance within our control environment. In this role you will also be able to make sure Diageo employees and service providers have the security information and understanding they need to do their job in a way that protects themselves and Diageo.

Location: London/Budapest

Main responsibilities:

- Ensure that a successful vendor compliance feedback mechanism is maintained

- Work with application owners to ensure that contracts with vendors have the necessary security clauses

- Maintain the security controls as part of the IT Control Framework

- Participate in Risk Mitigation activities and identify any relevant controls which need to be introduced

- Actively contribute to the development of security policies, standards and controls

- Ensure that application owners comply with IM&S policies and standards

- As part of the IM&S Outreach program, develop and drive further embedding of the IM&S Global Policy into Diageo Markets

- Identify high risk/key groups which need additional security training, develop relevant content and deliver the training

- Ensure regular, robust reporting of security compliance status to management

What you need to be successful in this role:

- Bachelor's degree, ITIL and/or security certifications (CISSP and/or CISA)

- Approximately 4-5 years' experience in the information security field

- Security experience: experience including security audit and/or assurance, security risk mitigation

- Knowledge of role-based access controls (RBAC)

- Compliance Experience, including security controls design and testing experience

- Experience implementing ISO27001 and/or ISF Standard of Good Practice Controls

- Business acumen, ability to understand non-technical business topics

- The ability to explain technical topics to non-technical people

- Strong interpersonal and collaboration skills

- Detail orientation


- Experience assessing vendor contracts for security requirements

- Experience in defining security metrics and delivering security reports

- Broad knowledge of security technologies for networks, servers, desktops and databases

- Broad knowledge of IT security vendors and products at Diageo

- Understanding of PCI Standard and Cloud Computing security requirements

- Knowledge of Industrial Control Systems

What's in it for you?

- Being part of a global, multicultural team

- Opportunity to liaise with stakeholders at every level of the organization in different business groups and external vendors

- Opportunity to learn and develop

- Opportunity to enjoy our Bar and company shop

Worker Type :

Primary Location:
Park Royal 7HQ

Additional Locations :

Job Posting Start Date :
