IT Network & Cybersecurity Engineer

The Network & Cybersecurity Engineer is responsible for designing, securing, and maintaining the organization’s converged IT/OT network infrastructure across datacenters, corporate environments, and industrial sites.

The role ensures high‑availability operations for critical systems such as SCADA, DCS, RTUs, PLCs, historians, and enterprise platforms, while maintaining compliance with cybersecurity and governance frameworks (ISO 27001, NIST, IEC
62443).

This position collaborates closely with Operations, IT, OT, and Cybersecurity teams to implement robust network architectures, enforce security policies, and support digital transformation initiatives.

Design, implement, and maintain IP‑based networks across corporate, datacenter, and industrial environments. Manage Layer2/Layer3 switching, VLAN segmentation, routing (OSPF/BGP), and network resiliency protocols (STP/RSTP/VRRP). Support and optimize distributed networks across multiple sites, including WAN/MPLS/SD‑WAN. Implement and maintain datacenter routing and switching architectures. Maintain virtualization infrastructure (VMware/Hyper‑V and Nutanix). Administer DNS/DHCP, NTP, and network core services.

Implement and manage enterprise and industrial firewalls (Palo Alto, Fortinet, Cisco, industrial DMZ firewalls). Maintain SIEM systems (Azure Sentinel, QRadar, Splunk, etc.) including rule tuning, log ingestion, alerts, and threat detection. Conduct vulnerability assessments, patching cycles, and hardening of devices (network, servers, OT). Implement Zero Trust and defense‑in‑depth strategies. Monitor for unauthorized changes, anomalous traffic, and cybersecurity events.

Support and secure Industrial Control Systems including SCADA, RTUs, PLCs, DCS, historians, OPC/OPC‑UA servers. Implement segmentation and demilitarized zones (IDMZ), enforcing IEC
62443 network zones & conduits. Protect industrial protocols (Modbus, DNP3, IEC
61850, PROFINET, BACnet, HART, etc.). Support secure remote access for vendors, OEMs, and contractors via PAM/MFA. Ensure availability of critical OT communications and telemetry.

Maintain alignment with ISO
27001:2022, NIST CSF, IEC
62443, and SOC principles. Support internal and external audits with evidence collection and documentation. Contribute to Risk Registers, Change Request processes, and Security Exceptions. Develop and update cybersecurity policies, SOPs, and configuration baselines.

Participate in ITIL‑aligned service management (Incident, Problem, Change, Release). Maintain accurate documentation: network diagrams, asset inventory, configs, runbooks. Prepare and implement change controls for network and security modifications. Conduct impact assessments and root cause analysis for service interruptions.

Troubleshoot network, firewall, VPN, and cybersecurity issues end‑to‑end. Support high‑availability environments (HA firewalls, redundant links, clustered servers). Perform configuration backups, change diffs, and system restore testing. Provide Level3 technical support for critical incidents.

• CCNA (mandatory)
• CCNP (preferred/mandatory depending on role level)
• CISSP (strongly preferred or in progress)
• IEC
  62443 certifications (preferred)
• Additional beneficial certifications:
  Fortinet NSE4–7, Palo Alto PCNSA/PCNSE, Microsoft AZ‑500 or SC‑200, VMware VCP, CompTIA Security+/CySA+

Bachelor’s degree in computer engineering, IT, Cybersecurity, or related fields.

5–12+ years of experience in IT/Network Engineering, Cybersecurity, or OT/SCADA systems. Hands‑on experience with distributed sites, datacenter networks, and industrial operations. Experience securing OT environments in Oil & Gas, Energy, Utilities, Manufacturing, or Industrial plants. Proven ability to configure and manage enterprise firewalls and SIEM tools. Experience with network monitoring tools (Solar Winds, PRTG, Zabbix, Nagios, etc.). Deep knowledge of TCP/IP…