Senior OT Network Engineer

About The Position

Requirements

• Minimum of 5 years’ experience as a hands-on network engineer
• Proven experience designing and implementing industrial / OT networks
• Strong hands-on background with: – Enterprise switches and firewalls (Cisco and Dell preferred) – Server configuration (Linux and Windows), Windows workstations – Fiber and copper cabling in industrial environments – VLANs, subnetting, routing, and network segmentation
• Experience working in air-gapped or highly restricted environments
• Familiarity with DoD / Navy cybersecurity expectations, including designing systems that can be certified
• Understanding of PLC, HMI, and industrial data flows
• Ability to operate independently and make sound technical decisions with minimal oversight
• Strong documentation and communication skills
• Bachelor’s degree from an accredited college or university in Computer Engineering, Computer Science, Cybersecurity, or related discipline, or equivalent military experience
• Minimum of DoD 8140 / DoD 8570 IASAE Level II certification
• Strong attention to detail and organizational skills
• Excellent communication skills

Responsibilities

• Assess the existing network and industrial infrastructure, including switches, firewalls, cabling, and servers, to determine: Hardware reuse opportunities Upgradability and lifecycle risks Security and compliance gaps relative to DoD / Navy standards Security posture and compliance risk Operational reliability and uptime Cost, procurement lead time, and vendor supportability
• Design a private, air-gapped OT network architecture from the ground up, including: VLAN and subnetting strategy aligned to industrial control boundaries Secure zoning between PLCs, HMIs, control rooms, and server rooms Isolation between multiple control/manufacturing groups with no lateral communication
• Architect and implement a private OT network that integrates with a newly deployed private 5G backbone being built and operated by a separate team, integrating: Private 5G connectivity between control rooms, server rooms, and operational areas Fiber connectivity from manufacturing buildings to their associated control rooms Clear security boundaries between wireless, fiber, and core infrastructure
• Hands-on implementation of all network infrastructure, including: Racking, cabling, labeling, and power coordination Configuration of Cisco and Dell network equipment Firewall rules, routing, switching, and management plane access
• Enable secure OT data flows, including: PLC → HMI communication within control rooms Controlled PLC/HMI data forwarding to centralized server infrastructure Protection of industrial systems from unintended access or broadcast traffic
• Produce and maintain authoritative network documentation to support compliance certification, including: Logical and physical network diagrams IP address management and VLAN maps As-built and as-designed artifacts Clear security boundaries and documentation for RMF/STIG review Logging, segmentation, and access controls required for auditability
• Build the network as a scalable platform, not a one-off deployment, ensuring: Additional control/manufacturing groups can be added with minimal redesign Capacity, addressing, and segmentation can evolve over time
• Serve as the technical authority for network decisions, working with stakeholders to: Explain trade-offs and risks clearly Support procurement, installation, and acceptance activities Guide future expansion and modernization efforts