National AI Awards 2025Discover AI's trailblazers! Join us to celebrate innovation and nominate industry leaders.

Nominate & Attend

Information Security Specialist (Operational Technology)

William Grant & Sons
North Lanarkshire
1 month ago
Create job alert

Job Introduction

At William Grant & Sons, Operational Technology underpins our manufacturing and supply chain excellent. As an Information Security Specialist focusing on OT, you will play a pivotal role in securing our distilleries, manufacturing sites, SCADA/ICS/IIoT environments, and related supply chains. You’ll partner with site leaders, IT and OT teams, and cross functional stakeholders to embed robust security practices across OT systems, ensuring the resilience and integrity of our operational footprint while supporting innovation and efficiency.

Main Responsibility

As an Information Security Specialist (OT), you will lead security assessments across manufacturing sites and distilleries with a strong focus on SCADA, ICS, and IIoT systems, identifying potential vulnerabilities and driving remediation efforts.

You’ll be responsible for building a robust Information Security Management System (ISMS) from the ground up, aligning it with IEC standards. This role involves close collaboration with site leaders, OT engineers, and IT teams to ensure compliance with key OT security frameworks such as IEC , NIST CSF, and NIS2, while embedding governance and fostering continuous improvement within OT environments.

You will manage third-party OT risks by conducting Vendor Security Assurance Questionnaires (VSAQs) and performing detailed security reviews to verify that external partners align with WG&S’s expectations. Additionally, you’ll assist in developing and evolving the OT governance roadmap in line with industry best practices and the organisation’s risk appetite.

Part of your responsibility will be to monitor and advise on the convergence of physical and cyber threats at manufacturing and distillery locations, working in tandem with physical security and facilities teams to manage blended risks. You’ll provide guidance during OT-related security incidents, supporting with triage, containment, and post-incident analysis to reduce operational disruption.

Moreover, you’ll assist the Information Security Leader with internal and external investigations related to Operational Technology, contributing technical expertise, evidence gathering, and remediation recommendations. Finally, your role will include addressing Information Security tickets in Assyst that pertain to OT, ensuring issues are resolved promptly and thoroughly tracked.

Our Ideal Candidate

You are a proactive and technically adept professional with a passion for securing Operational Technology environments and a strong analytical mindset.

To excel in this role, you should have:

· Proven experience in OT security frameworks and standards (e.g., IEC , NIST CSF for OT), with hands on experience assessing and improving OT governance.

· Strong technical skills in SCADA/ICS/IIoT security, including familiarity with common OT architectures, protocols, and risk vectors.

· Experience with third party risk management for OT suppliers, including conducting VSAQs or equivalent assessments.

· Demonstrated ability to develop and execute OT security roadmaps, translating framework requirements into actionable controls and projects.

· Incident response experience in OT contexts, able to assist with containment and recovery while minimising production disruption.

· Solid understanding of physical cyber security convergence and the ability to collaborate effectively with facilities, physical security, and OT teams to mitigate combined risks.

· Excellent communication skills, capable of translating complex OT security concepts into clear guidance for site leaders, engineers, and non technical stakeholders.

· Strong problem solving abilities and attention to detail, able to foresee potential OT vulnerabilities, and recommend pragmatic mitigations.

· Familiar with supply chain and logistics technology security considerations in an operational context.

Desirable but not essential:

· Specific OT security certifications (e.g., GlCSP).

· Prior experience in the spirits, manufacturing, or process industries, particularly with large scale OT deployments.

· Knowledge of relevant regulatory and compliance requirements affecting OT environments in our sectors.

· Experience reviewing penetration testing and vulnerability scanning results for OT systems, with ability to recommend appropriate remediation actions.

What we can offer you

We offer a competitive salary and benefits which are designed to promote our employees financial wellbeing. Employees are also eligible to participate in a bonus plan. Our employees enjoy a generous holiday entitlement and an opportunity to ‘buy’ or ‘sell’ some holiday entitlement. Private Healthcare and Doctor@Hand (remote GP service). Our employees can join a defined contribution pension plan. Employees contribute either 4% or 5% of salary, the company contributes 8% or 10% depending on the employee contribution. Employee contributions can be made through salary sacrifice. Our Employee Assistance Programme offers practical, impartial support on everyday matters ranging from medical, financial and legal to home and family issues.  Our Life Assurance cover is a multiple of eight times your annual basic salary. Product allocation so that you can enjoy our fantastic portfolio of brands. Our Cycle to Work scheme allows you to hire a bike for an agreed length of time, and then snap it up for a fraction of its original value. All while making savings (at least 25%) and spreading the cost. Every employee has the opportunity to claim up to £1, per year for a charity or charities for which they have raised money, volunteered their time or personally donated. Learning resources to help you be your best self.

Related Jobs

View all jobs

Information Security Specialist

Information Security Specialist (Operational Technology)

Cyber Security Specialist - MSP

Cyber Security Engineer - Midlands

Lead Security Architect

Cyber Security Engineer

National AI Awards 2025

Subscribe to Future Tech Insights for the latest jobs & insights, direct to your inbox.

By subscribing, you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

10 Cyber Security Recruitment Agencies in the UK You Should Know (2025 Job‑Seeker Guide)

UK cyber security hiring remains resilient in 2025, driven by nation-state threats, cloud security investments, and NCSC regulatory pressures. Lightcast reports +42 % YoY growth in UK roles mentioning “SOC”, “cyber risk”, “offensive security” or “GRC”. Yet despite 30,000 active cyber professionals, monthly live vacancies remain in the 2,500–2,900 range. The result: strong demand across public and private sector. We reviewed 50 + consultancies and included only those that: Are registered in the UK (Companies House) Operate a dedicated Cyber Security / InfoSec / Risk & Compliance desk Posted at least 5 UK cyber security roles between March and June 2025 This guide includes 2025 salary ranges, key skills, interview prep tips, and a verified recruiter directory.

Cyber Security Jobs Skills Radar 2026: Emerging Frameworks, Tools & Certifications to Learn Now

Cyber threats are evolving—and so must the people defending against them. As ransomware, AI-enhanced phishing, and supply chain attacks grow more advanced, UK employers are urgently hiring cyber security professionals with the right mix of strategic and hands-on skills. Welcome to the Cyber Security Jobs Skills Radar 2026, your go-to guide for the most in-demand tools, frameworks, certifications, and technologies shaping the UK's cyber workforce. Whether you're a SOC analyst, penetration tester, or cloud security architect, this annual radar is designed to help you stay ahead of the market.

How to Find Hidden Cyber Security Jobs in the UK Using Professional Bodies like BCS, CIISec & More

The demand for skilled cyber security professionals in the UK has never been higher. With threats increasing in sophistication and frequency, organisations are urgently hiring ethical hackers, threat analysts, GRC specialists, and security architects. But many of the most valuable roles—particularly in government, defence, and critical infrastructure—are never publicly advertised. Instead, these jobs are shared behind the scenes through trusted networks, private communities, and professional bodies. In this article, we explore how to uncover hidden cyber security jobs in the UK using organisations like the BCS (The Chartered Institute for IT), CIISec (The Chartered Institute of Information Security), ISACA, and ISC² UK Chapter. We’ll show you how to use membership directories, special interest groups, CPD events and informal networks to gain early access to roles most people never see.