Job Description
We are looking for an experienced IT/OT Networking Engineer to design, implement, secure, and operate networks across enterprise IT and industrial OT environments. You will work on plant-floor connectivity , SCADA/DCS/PLC networks , and Purdue Model–aligned architectures , ensuring operational reliability and compliance with IEC 62443, NIST CSF, and defense-in-depth principles.
Key Responsibilities
Network Design & Implementation
Architect and deploy L2/L3 networks across IT–OT zones (Access/Distribution/Core) following the Purdue Model (Levels 0–5) .
Configure VLANs, VRFs, ACLs, OSPF, BGP, Static Routing, NAT , micro/macro segmentation, and IT–OT DMZ solutions.
Implement and manage firewalls: Palo Alto, Fortinet, Cisco ASA/FTD , App-ID, security profiles, and threat prevention.
Build resilient connectivity for SCADA, PLCs, RTUs, HMIs, Historians, Industrial IoT gateways with redundancy, QoS, and TSN.
Deploy secure remote access via VPN, jump servers, bastion hosts for OEMs/service partners.
Operations, Monitoring & Troubleshooting
Use NMS and OT monitoring tools ( SolarWinds, PRTG, Zabbix, Nozomi, Claroty ) for performance monitoring and threat detection.
Troubleshoot L2/L3 issues, packet flows, ICS communication using Wireshark/tcpdump .
Maintain HLD/LLD, network diagrams, IPAM, runbooks, and RACI documentation.
Drive ITIL-based incident, problem, change management and RCA for network/plant outages.
OT & Industrial Protocols
Support and secure Modbus/TCP, Profinet, EtherNet/IP, OPC UA, DNP3, BACnet, IEC 104/61850 .
Implement protocol-aware filtering, segmentation, and allowlisting for ICS assets.
Collaborate with plant operations, OEMs, SI partners for SCADA/DCS/PLC/RTU migrations and upgrades.
Compliance
Apply IEC 62443 (zones/conduits, SLs, patching, access control, logging).
Implement IDS/IPS, NAC (802.1X), secure configs, and firmware governance.
Support audits, vulnerability assessments, NIST CSF, ISA-99, ISO 27001 OT controls.
Cloud & Edge (Nice-to-Have)
Connect OT data securely to Azure/AWS/GCP , edge gateways, data lakes.
Configure Azure ExpressRoute, AWS Direct Connect , SD-WAN policies, zero-trust architectures.
Required Qualifications
Experience: 5–10 years in Network Engineering; 3+ years in OT/ICS environments (manufacturing, utilities, energy, pharma, O&G).
Education: Bachelor’s in Engineering/Technology (ECE/EE/CS/IT) or equivalent.
Core Networking Skills
L2/L3 switching & routing: STP/RSTP/MSTP, EtherChannel/LACP, VLAN, ACLs, HSRP/VRRP, OSPF, BGP, QoS .
Hands-on with Cisco/Juniper/Aruba/HPE networking; Palo Alto/Fortinet/Cisco firewalls .
DNS/DHCP/NTP/IPAM/syslog; packet tracing with Wireshark .
OT/ICS Skills
Knowledge of Purdue Model , ICS/SCADA architecture, IT–OT DMZ, historian connectivity.
Experience with Modbus, Profinet, EtherNet/IP, OPC UA, DNP3 & serial-to-IP transitions.
Operational Excellence
ITIL-based incident/change/problem management.
Experience with vendor/OEM coordination and plant shutdown activities.
Preferred Certifications
Networking: CCNP, JNCIP, PCNSA/PCNSE, Fortinet NSE 4–7, Network+.
OT/Security: GICSP, ISA/IEC 62443 certifications, CISSP/SSCP (ICS knowledge).
Cloud/SD-WAN: Azure Network Engineer, AWS Advanced Networking, Viptela/Prisma/Fortinet SD-WAN.
Soft Skills
Excellent stakeholder management with plant operations, OEMs, and IT/OT teams.
Strong documentation, communication, and structured troubleshooting ability.
Ownership mindset and willingness to support production-critical events.
Please note: These positions are not fully remote. Selected candidates will be required to work from an Infosys office near their current location.
Key Responsibilities
Network Design & Implementation
Architect and deploy L2/L3 networks across IT–OT zones (Access/Distribution/Core) following the Purdue Model (Levels 0–5) .
Configure VLANs, VRFs, ACLs, OSPF, BGP, Static Routing, NAT , micro/macro segmentation, and IT–OT DMZ solutions.
Implement and manage firewalls: Palo Alto, Fortinet, Cisco ASA/FTD , App-ID, security profiles, and threat prevention.
Build resilient connectivity for SCADA, PLCs, RTUs, HMIs, Historians, Industrial IoT gateways with redundancy, QoS, and TSN.
Deploy secure remote access via VPN, jump servers, bastion hosts for OEMs/service partners.
Operations, Monitoring & Troubleshooting
Use NMS and OT monitoring tools ( SolarWinds, PRTG, Zabbix, Nozomi, Claroty ) for performance monitoring and threat detection.
Troubleshoot L2/L3 issues, packet flows, ICS communication using Wireshark/tcpdump .
Maintain HLD/LLD, network diagrams, IPAM, runbooks, and RACI documentation.
Drive ITIL-based incident, problem, change management and RCA for network/plant outages.
OT & Industrial Protocols
Support and secure Modbus/TCP, Profinet, EtherNet/IP, OPC UA, DNP3, BACnet, IEC 104/61850 .
Implement protocol-aware filtering, segmentation, and allowlisting for ICS assets.
Collaborate with plant operations, OEMs, SI partners for SCADA/DCS/PLC/RTU migrations and upgrades.
Compliance
Apply IEC 62443 (zones/conduits, SLs, patching, access control, logging).
Implement IDS/IPS, NAC (802.1X), secure configs, and firmware governance.
Support audits, vulnerability assessments, NIST CSF, ISA-99, ISO 27001 OT controls.
Cloud & Edge (Nice-to-Have)
Connect OT data securely to Azure/AWS/GCP , edge gateways, data lakes.
Configure Azure ExpressRoute, AWS Direct Connect , SD-WAN policies, zero-trust architectures.
Required Qualifications
Experience: 5–10 years in Network Engineering; 3+ years in OT/ICS environments (manufacturing, utilities, energy, pharma, O&G).
Education: Bachelor’s in Engineering/Technology (ECE/EE/CS/IT) or equivalent.
Core Networking Skills
L2/L3 switching & routing: STP/RSTP/MSTP, EtherChannel/LACP, VLAN, ACLs, HSRP/VRRP, OSPF, BGP, QoS .
Hands-on with Cisco/Juniper/Aruba/HPE networking; Palo Alto/Fortinet/Cisco firewalls .
DNS/DHCP/NTP/IPAM/syslog; packet tracing with Wireshark .
OT/ICS Skills
Knowledge of Purdue Model , ICS/SCADA architecture, IT–OT DMZ, historian connectivity.
Experience with Modbus, Profinet, EtherNet/IP, OPC UA, DNP3 & serial-to-IP transitions.
Operational Excellence
ITIL-based incident/change/problem management.
Experience with vendor/OEM coordination and plant shutdown activities.
Preferred Certifications
Networking: CCNP, JNCIP, PCNSA/PCNSE, Fortinet NSE 4–7, Network+.
OT/Security: GICSP, ISA/IEC 62443 certifications, CISSP/SSCP (ICS knowledge).
Cloud/SD-WAN: Azure Network Engineer, AWS Advanced Networking, Viptela/Prisma/Fortinet SD-WAN.
Soft Skills
Excellent stakeholder management with plant operations, OEMs, and IT/OT teams.
Strong documentation, communication, and structured troubleshooting ability.
Ownership mindset and willingness to support production-critical events.
Please note: These positions are not fully remote. Selected candidates will be required to work from an Infosys office near their current location.
Apply for this Position
Ready to join ? Click the button below to submit your application.
Submit Application