Infrastructure & SCADA Engineer

About The Position

Requirements

• Hands-on experience supporting production OT/SCADA environments with a bias toward uptime and safe change control.
• Strong FactoryTalk infrastructure/support experience (Linx / View / Historian and surrounding Windows/network dependencies).
• Strong networking fundamentals (switching, segmentation, QoS, VPNs) and the ability to troubleshoot with packet captures.
• Experience operating enterprise firewalls and remote access in segmented environments (Palo Alto/pfSense a plus).
• Windows AD/DC fundamentals with real operational discipline (hardening, backups, recovery).
• PKI/certificate lifecycle experience and comfort debugging TLS/cert chains under pressure.
• Smart card / certificate-based auth experience in Windows environments (highly preferred).
• Documentation skills that stand up during incidents.

Nice To Haves

• Claroty experience in production OT networks.
• Experience with data diodes / one-way data transfer architectures.
• Proxmox experience (especially HA/recovery patterns).
• Scripting for automation and operational glue.
• Rockwell PLC familiarity (as an infrastructure/support partner to I&C).

Responsibilities

• Operate and stabilize FactoryTalk infrastructure (FactoryTalk Linx / View / Historian / related services) and the networks it depends on.
• Implement and test redundancy/failover in critical environments (OT networks, core services, remote access, and monitoring).
• Operate segmented OT networks: Arista/Cisco switching, VLANs, QoS/traffic shaping, and packet-level troubleshooting when things break.
• Deploy and manage firewalls (Palo Alto & pfSense): segmentation, rule changes, VPNs (SSL/IPsec/WireGuard), and logging/change control.
• Implement 802.1x and identity-driven network access where appropriate without breaking operations.
• Operate Windows domain services supporting OT (Domain Controllers, AD, GPO) including hardening and recovery planning.
• Build/operate PKI and certificate workflows (offline/dedicated CA with OpenSSL + Windows CA), including SSL cert issuance, renewal, and troubleshooting TLS end-to-end.
• Implement and maintain smart card authentication in Windows AD environments (enrollment, mapping, auth troubleshooting).
• Support OT visibility tooling (Claroty) and keep it operational and useful to I&C/Security.
• Operate supporting infra (Proxmox; Azure VMs/vNets where needed).
• Support operator infrastructure as needed: Adder Infinity KVM, VoIP networks, and WiFi systems (Ruckus).
• Maintain accurate documentation and operational runbooks: network diagrams, operational procedures, and device/service add/remove processes.
• Work with I&C / Engineering to resolve issues introduced by hardening/security controls, and coordinate with the Data & Storage Engineer for centralized logging

Benefits

• Catered lunches
• Competitive pay