Network Engineer
Role Overview
We are seeking an experienced Network Engineer to support the integration of Cisco IR1101 industrial routers, OnLogic Industrial PCs (IPCs), and Schneider MCSESM123F2LG0 managed switches within existing Operational Technology (OT) environments. The role focuses on enabling secure, resilient communication between legacy infrastructure and newly deployed SCADA systems while maintaining strict cybersecurity and compliance standards.
Key Responsibilities
Install, configure, and support Cisco IR1101 routers and Schneider MCSESM123F2LG0 managed switches (8x RJ45, 4x SFP).
Design and implement secure VLAN segmentation strategies, including:
VLAN 10 – OT/ICS
VLAN 20 – Management
VLAN 40 – SCADA
Configure static routing and NAT on Cisco IR1101 routers to support secure inter-site connectivity.
Establish Transition VLANs to facilitate seamless integration between legacy networks and new SCADA infrastructure.
Ensure all SCADA-related traffic is properly routed through designated network paths without unauthorized bypass.
Maintain operational continuity of legacy devices without requiring IP readdressing.
Update and manage firewall rules to support new IP ranges, routing policies, and NAT configurations.
Conduct end-to-end connectivity testing between SCADA systems and PLC devices across local and remote sites.
Configure MPLS and IPsec VPN tunnels to enable secure remote connectivity and resilient backup links, including 4G failover.
Support Azure AD integration for SCADA IPC authentication where required.
Implement and maintain security monitoring and vulnerability management tools (e.g., SIEM logging, Qualys, Microsoft Defender).
Ensure adherence to:
Water OTASP standards (Asset Monitoring, Telemetry, Automation, SCADA software design)
NIS Directive requirements for critical infrastructure protection
IEC 62443 cybersecurity framework for industrial control systems
Required Skills & Experience
Strong expertise in routing, VLAN segmentation, static routing, NAT, MPLS, and IPsec VPN configuration.
Hands-on experience working within OT/ICS or industrial network environments.
Understanding of SCADA system integration and secure network zone design.
Experience managing firewall policies and secure remote access solutions.
Proven ability to troubleshoot complex, multi-site network infrastructures.
Preferred Qualifications
Cisco certifications (CCNA, CCNP, or higher).
Experience in OT/ICS environments and SCADA deployments.
Knowledge of critical infrastructure security standards and industrial cybersecurity best practices.