Note: The job is a remote job and is open to candidates in USA. Divcon is headquartered in Dallas, Texas, and delivers fully integrated automation solutions nationwide. The Network Engineer of Industrial Protocols will ensure the security, reliability, and performance of network infrastructure supporting industrial control systems and SCADA environments.
Responsibilities
- Design, implement, and maintain secure network architectures for converged IT/OT environments, including segmentation, firewalling, and zero-trust strategies
- Configure and manage network infrastructure including switches, routers, firewalls, VPNs, and intrusion detection/prevention systems (IDS/IPS)
- Develop and enforce cybersecurity policies aligned with IEC 62443, NIST Cybersecurity Framework, and CIS Controls for industrial environments
- Perform network vulnerability assessments, penetration testing, and risk analysis specific to industrial control system (ICS) and SCADA networks
- Monitor network traffic for anomalous behavior using SIEM tools and OT-specific threat detection platforms
- Implement and maintain secure communication channels for industrial protocols (BACnet/IP, Modbus TCP, DNP3, OPC UA, MQTT, EtherNet/IP)
- Collaborate with controls engineers, facilities teams, and third-party integrators to ensure secure system deployments and commissioning
- Lead incident response efforts for network security events affecting industrial systems, including forensic analysis and remediation
- Document network topologies, security procedures, and standard operating procedures (SOPs) for IT/OT infrastructure
- Stay current on emerging cyber threats targeting industrial environments and critical infrastructure sectors
Skills
- Education: Bachelor's degree in Computer Science, Network Engineering, Cybersecurity, or a related technical field (or equivalent experience)
- Experience: 5+ years in network engineering with at least 3 years focused on cybersecurity in industrial or OT environments
- Strong working knowledge of industrial protocols: BACnet, Modbus (RTU/TCP), DNP3, OPC UA, MQTT, EtherNet/IP, PROFINET
- Hands-on experience with network security tools: firewalls (Palo Alto, Fortinet, Cisco ASA), IDS/IPS, NAC, SIEM platforms
- Deep understanding of the Purdue Model / ISA-95 reference architecture for industrial network segmentation
- Experience implementing IEC 62443 security standards in operational technology environments
- Proficiency with network monitoring and analysis tools (Wireshark, Nmap, NetFlow/sFlow, Zeek/Bro)
- Solid foundation in TCP/IP, VLANs, routing protocols (OSPF, BGP), VPN technologies, and 802.1X
- Industry certifications such as CISSP, GICSP (Global Industrial Cyber Security Professional), CCNP Security, CEH, or CompTIA CASP+
- Experience with SCADA systems, building management systems (BMS), or energy management platforms
- Familiarity with cloud-based OT monitoring solutions and secure remote access architectures
- Knowledge of NERC CIP, NIST SP 800-82, or other critical infrastructure protection frameworks
- Experience with network automation and scripting (Python, Ansible, Terraform)
- Background in data center infrastructure, electrical power monitoring systems (EPMS), or mission-critical facilities
- Familiarity with Ignition SCADA platform or similar industrial software environments
Company Overview