Job Description

:

--------------------



We are looking for an experienced IT OT Networking Engineer to design implement secure and operate networks across enterprise IT and industrial OT environments You will work on plant floor connectivity SCADA DCS PLC networks and Purdue Model aligned architectures ensuring operational reliability and compliance with IEC 62443 NIST CSF and defense in depth principles

Key Responsibilities:

-------------------------



Network Design Implementation Architect and deploy L2 L3 networks across IT OT zones Access Distribution Core following the Purdue Model Levels 0 5 Configure VLANs VRFs ACLs OSPF BGP Static Routing NAT micro macro segmentation and IT OT DMZ solutions Implement and manage firewalls Palo Alto Fortinet Cisco ASA FTD App ID security profiles and threat prevention Build resilient connectivity for SCADA PLCs RTUs HMIs Historians Industrial IoT gateways with redundancy QoS and TSN Deploy secure remote access via VPN jump servers bastion hosts for OEMs service partners Operations Monitoring Troubleshooting Use NMS and OT monitoring tools SolarWinds PRTG Zabbix Nozomi Claroty for performance monitoring and threat detection Troubleshoot L2 L3 issues packet flows ICS communication using Wireshark tcpdump Maintain HLD LLD network diagrams IPAM runbooks and RACI documentation Drive ITIL based incident problem change management and RCA for network plant outages OT Industrial Protocols Support and secure Modbus TCP Profinet EtherNet IP OPC UA DNP3 BACnet IEC 104 61850 Implement protocol aware filtering segmentation and allowlisting for ICS assets Collaborate with plant operations OEMs SI partners for SCADA DCS PLC RTU migrations and upgrades Compliance Apply IEC 62443 zones conduits SLs patching access control logging Implement IDS IPS NAC 802 1X secure configs and firmware governance Support audits vulnerability assessments NIST CSF ISA 99 ISO 27001 OT controls Cloud Edge Connect OT data securely to Azure AWS GCP edge gateways data lakes Configure Azure ExpressRoute AWS Direct Connect SD WAN policies zero trust architectures

Technical Requirements:

---------------------------



Core Networking Skills L2 L3 switching routing STP RSTP MSTP EtherChannel LACP VLAN ACLs HSRP VRRP OSPF BGP QoS Hands on with Cisco Juniper Aruba HPE networking Palo Alto Fortinet Cisco firewalls DNS DHCP NTP IPAM syslog packet tracing with Wireshark OT ICS Skills Knowledge of Purdue Model ICS SCADA architecture IT OT DMZ historian connectivity Experience with Modbus Profinet EtherNet IP OPC UA DNP3 serial to IP transitions Operational Excellence ITIL based incident change problem management Experience with vendor OEM coordination and plant shutdown activities

Additional Responsibilities:

--------------------------------



Preferred Certifications Networking CCNP JNCIP PCNSA PCNSE Fortinet NSE 4 7 Network OT Security GICSP ISA IEC 62443 certifications CISSP SSCP ICS knowledge Soft Skills Excellent stakeholder management with plant operations OEMs and IT OT teams Strong documentation communication and structured troubleshooting ability Ownership mindset and willingness to support production critical events Cloud SD WAN Azure Network Engineer AWS Advanced Networking Viptela Prisma Fortinet SD WAN

Preferred Skills:

---------------------


Domain->Network->Data networking Layer2 Protocols & Standards,Domain->Network->Data networking Layer 3 Protocols & Standards,Domain->Utilities->Transmission & Distribution->SCADA,Foundational->Information Security->Information Forensics->Wireshark,Technology->Cloud Platform->Azure IOT,Technology->IOT Platform->AWS IOT