Information Security Specialist (Operational Technology)

Job Introduction

At William Grant & Sons, Operational Technology underpins our manufacturing and supply chain excellent. As an Information Security Specialist focusing on OT, you will play a pivotal role in securing our distilleries, manufacturing sites, SCADA/ICS/IIoT environments, and related supply chains. You’ll partner with site leaders, IT and OT teams, and cross functional stakeholders to embed robust security practices across OT systems, ensuring the resilience and integrity of our operational footprint while supporting innovation and efficiency.

Main Responsibility

As an Information Security Specialist (OT), you will lead security assessments across manufacturing sites and distilleries with a strong focus on SCADA, ICS, and IIoT systems, identifying potential vulnerabilities and driving remediation efforts.

You’ll be responsible for building a robust Information Security Management System (ISMS) from the ground up, aligning it with IEC standards. This role involves close collaboration with site leaders, OT engineers, and IT teams to ensure compliance with key OT security frameworks such as IEC , NIST CSF, and NIS2, while embedding governance and fostering continuous improvement within OT environments.

You will manage third-party OT risks by conducting Vendor Security Assurance Questionnaires (VSAQs) and performing detailed security reviews to verify that external partners align with WG&S’s expectations. Additionally, you’ll assist in developing and evolving the OT governance roadmap in line with industry best practices and the organisation’s risk appetite.

Part of your responsibility will be to monitor and advise on the convergence of physical and cyber threats at manufacturing and distillery locations, working in tandem with physical security and facilities teams to manage blended risks. You’ll provide guidance during OT-related security incidents, supporting with triage, containment, and post-incident analysis to reduce operational disruption.

Moreover, you’ll assist the Information Security Leader with internal and external investigations related to Operational Technology, contributing technical expertise, evidence gathering, and remediation recommendations. Finally, your role will include addressing Information Security tickets in Assyst that pertain to OT, ensuring issues are resolved promptly and thoroughly tracked.

Our Ideal Candidate

You are a proactive and technically adept professional with a passion for securing Operational Technology environments and a strong analytical mindset.

To excel in this role, you should have:

· Proven experience in OT security frameworks and standards (e.g., IEC , NIST CSF for OT), with hands on experience assessing and improving OT governance.

· Strong technical skills in SCADA/ICS/IIoT security, including familiarity with common OT architectures, protocols, and risk vectors.

· Experience with third party risk management for OT suppliers, including conducting VSAQs or equivalent assessments.

· Demonstrated ability to develop and execute OT security roadmaps, translating framework requirements into actionable controls and projects.

· Incident response experience in OT contexts, able to assist with containment and recovery while minimising production disruption.

· Solid understanding of physical cyber security convergence and the ability to collaborate effectively with facilities, physical security, and OT teams to mitigate combined risks.

· Excellent communication skills, capable of translating complex OT security concepts into clear guidance for site leaders, engineers, and non technical stakeholders.

· Strong problem solving abilities and attention to detail, able to foresee potential OT vulnerabilities, and recommend pragmatic mitigations.

· Familiar with supply chain and logistics technology security considerations in an operational context.

Desirable but not essential:

· Specific OT security certifications (e.g., GlCSP).

· Prior experience in the spirits, manufacturing, or process industries, particularly with large scale OT deployments.

· Knowledge of relevant regulatory and compliance requirements affecting OT environments in our sectors.

· Experience reviewing penetration testing and vulnerability scanning results for OT systems, with ability to recommend appropriate remediation actions.

What we can offer you

We offer a competitive salary and benefits which are designed to promote our employees financial wellbeing. Employees are also eligible to participate in a bonus plan. Our employees enjoy a generous holiday entitlement and an opportunity to ‘buy’ or ‘sell’ some holiday entitlement. Private Healthcare and Doctor@Hand (remote GP service). Our employees can join a defined contribution pension plan. Employees contribute either 4% or 5% of salary, the company contributes 8% or 10% depending on the employee contribution. Employee contributions can be made through salary sacrifice. Our Employee Assistance Programme offers practical, impartial support on everyday matters ranging from medical, financial and legal to home and family issues.  Our Life Assurance cover is a multiple of eight times your annual basic salary. Product allocation so that you can enjoy our fantastic portfolio of brands. Our Cycle to Work scheme allows you to hire a bike for an agreed length of time, and then snap it up for a fraction of its original value. All while making savings (at least 25%) and spreading the cost. Every employee has the opportunity to claim up to £1, per year for a charity or charities for which they have raised money, volunteered their time or personally donated. Learning resources to help you be your best self.