Job Title: IT/OT Onsite Network Engineer Location: Caerphilly Rd, Nantgarw, Cardiff CF15 7YJ, United Kingdom (Office based) Job Type: Contract (Inside IR35) Duration: 6 Months Job Summary: Join Tata Consultancy Services (TCS) as an IT/OT Onsite Network Engineer and play a vital role in supporting high-priority IT/OT security projects for leading UK clients. You will work on-site to configure and secure network infrastructure, support digital transformation in manufacturing environments, and ensure compliance with security best practices. This is an opportunity to drive impactful change, working with cutting-edge technology in a challenging, innovative environment. Drive secure network design: Configure firewall rules, network security, and micro-segmentation using VLANs, switches, and network taps. Specialize in industrial protocols: Gain hands-on experience with secure protocols such as OPC-UA, Modbus TCP/IP, Ethernet/IP, and SMB. Lead digital enablement: Deploy and manage OT business tools including remote access, file transfer, monitoring, and backups. Key Responsibilities: Support the Customer's Digital Technology Leader in delivering IT/OT security high-priority projects. Coordinate with facility, maintenance, EHS, quality, and operations teams on Secure Shop Connection projects. Provide internal and external audit support and manage integrations. Conduct OT/IT asset discovery, record management, and ongoing maintenance; liaise with third-party suppliers for asset inventory data. Build and maintain documentation to demonstrate compliance with IT/OT controls. Identify, document, and manage IDF/MDF infrastructure at sites. Oversee hardware procurement processes. Support shop floor asset connectivity to the network. Perform malware scanning and work with cybersecurity teams to remediate infections on OT devices; manage patching and vulnerability incidents. Install and manage Nozomi network taps. Configure and deploy IT/OT network infrastructure (e.g., switch installations) according to approved design standards. Implement removable media controls, especially for third-party suppliers. Develop recovery and backup solutions with OT suppliers; schedule and execute annual OT/IT device scanning. Skills, Experience, and Abilities Required: Essential: Network firewall rule configuration, network security, and micro-segmentation using VLANs, switches, and network taps. Familiarity with secure protocols: OPC-UA, Modbus TCP/IP, Ethernet/IP, SMB. Proficiency in configuring firewalls (Checkpoint), SD WAN, switches, routers (e.g., Cisco). Network design and implementation, including LAN/WAN, VLANs, and routing protocols. Hands-on experience in deploying and managing OT business enablement tools (remote access, file transfer, monitoring, backups). CCNA/CCNP (Cisco Certified Network Associate/Professional) or equivalent. CompTIA Network or equivalent. OT certifications (CCNA/CCNP/ OT SANS) and cloud experience recommended. Desirable: 10 years' experience in IT/OT environments. Experience integrating IT networks with OT systems. Working knowledge of OT assets: HMIs, PLCs, sensors, inspection machines (CMM, CNCs), 3D printers, etc. Experience deploying and managing edge cases including AWS Storage Gateway, Historian, IoT, apps like OpsVision.