Information Security Specialist (Operational Technology)

At William Grant & Sons, Operational Technology underpins our manufacturing and supply chain excellence. As an Information Security Specialist focusing on OT, you will play a pivotal role in securing our distilleries, manufacturing sites, SCADA/ICS/IIoT environments, and related supply chains. You’ll partner with site leaders, IT and OT teams, and cross-functional stakeholders to embed robust security practices across OT systems, ensuring the resilience and integrity of our operational footprint while supporting innovation and efficiency.

Main Responsibilities

• Lead security assessments across manufacturing sites and distilleries, focusing on SCADA, ICS, and IIoT systems, identifying vulnerabilities and driving remediation.
• Build a robust Information Security Management System (ISMS) aligned with IEC standards, collaborating with site leaders, OT engineers, and IT teams to ensure compliance with OT security frameworks like IEC, NIST CSF, and NIS2.
• Manage third-party OT risks by conducting Vendor Security Assurance Questionnaires (VSAQs) and security reviews to ensure external partners meet WG&S expectations.
• Help develop the OT governance roadmap in line with industry best practices and organizational risk appetite.
• Monitor and advise on the convergence of physical and cyber threats at manufacturing and distillery sites, working with physical security and facilities teams to manage blended risks.
• Provide guidance during OT security incidents, supporting triage, containment, and post-incident analysis to minimize operational disruption.
• Assist the Information Security Leader with investigations related to Operational Technology, contributing technical expertise, evidence gathering, and remediation recommendations.
• Address OT-related security tickets in Assyst to ensure prompt resolution.

Our Ideal Candidate

You are proactive, technically skilled, and passionate about securing OT environments with strong analytical abilities. Required skills include:

• Proven experience with OT security frameworks and standards (e.g., IEC, NIST CSF for OT), assessing and improving OT governance.
• Strong technical knowledge of SCADA/ICS/IIoT security, including OT architectures, protocols, and risk vectors.
• Experience managing third-party OT risks, including conducting VSAQs or similar assessments.
• Ability to develop and implement OT security roadmaps, translating frameworks into controls and projects.
• Incident response experience in OT, aiding containment and recovery to reduce production impact.
• Understanding of physical and cyber security convergence, collaborating with facilities and security teams to mitigate risks.
• Excellent communication skills for translating complex security concepts to diverse stakeholders.
• Problem-solving skills with attention to detail to identify vulnerabilities and recommend mitigations.
• Knowledge of supply chain and logistics technology security considerations.

Desirable but not essential:

• OT security certifications (e.g., GICSP).
• Experience in spirits, manufacturing, or process industries with large-scale OT deployments.
• Knowledge of relevant regulatory and compliance requirements.
• Experience reviewing penetration tests and vulnerability scans for OT systems.

What we can offer you

• Competitive salary and benefits, including a bonus plan.
• Generous holiday entitlement with buy/sell options.
• Private Healthcare and Doctor@Hand (remote GP service).
• Defined contribution pension plan with company contributions.
• Employee Assistance Programme for support on various issues.
• Life Assurance covering eight times your salary.
• Product allocation of our brands.
• Cycle to Work scheme.
• Charity support program.
• Learning resources for personal development.