OT Network Architect

Description

Dexcent Inc. has an opportunity for an experienced OT Network Architect to join our growing team. The OT Network Architect will be responsible for developing and enforcing network and hardware standards, designing redundant architectures, evaluating vendors, and ensuring compliance with cybersecurity frameworks. About Dexcent Founded in 2006, Dexcent Inc. (Dexcent) is an engineering consulting firm that provides a range of specialized solutions for clients in a variety of industries throughout the world. Our professionals have modernized IT and OT engineering methodologies into comprehensive solutions, specializing in information analytics, cyber-security, infrastructure, and control systems engineering. As such, we pride ourselves on truly transforming industrial operations to optimize business performance and deliver bottom-line results. About the Role: The ideal candidate will have deep expertise in network architecture, industrial control systems (ICS), cybersecurity, and OT protocols. The OT Network Architect will design, implement, and secure Operational Technology (OT) networks for industrial environments. This role requires strong collaboration with IT, engineering, and operations teams to ensure secure, reliable, and high-performing OT network infrastructures. The preferred candidate will be based in Edmonton or Calgary, AB, with required onsite travel to client locations. Key Responsibilities: Design and implement OT network architectures aligned with industry best practices, NIST, IEC 62443, and business objectives. Develop Network Architecture Design Documents and maintain Network & Hardware Standards. Establish Network & Hardware Design Principles for scalability, performance, and security. Define Network and Hardware Redundancy & Failover Strategies to ensure high availability. Create Network and Hardware Data Flow Diagrams for system interactions. Develop network segmentation strategies, ensuring separation between IT and OT environments while maintaining secure connectivity. Assess and mitigate cybersecurity risks by implementing access controls, anomaly detection, and monitoring solutions. Configure and optimize firewalls, routers, switches, VLANs, industrial DMZs, and VPNs for secure communication. Develop and enforce network policies, security standards, and compliance guidelines specific to OT environments. Conduct Network Traffic Analysis Reports to identify and address performance bottlenecks. Perform Evaluation of Site Loading to assess network scalability and capacity planning. Monitor network health and maintain Lifecycle Operations & Maintenance (LOM) and Level of Service (LOS) Reports. Support disaster recovery and business continuity planning for OT networks. Conduct Network and Hardware Vendor Evaluations and recommend solutions based on performance and security requirements. Develop and maintain an Inventory of network and hardware assets to support lifecycle management. Work with vendors and system integrators to ensure seamless deployment of network solutions. Develop and deliver a Network and Hardware Training Plan for OT personnel and engineers. Maintain up-to-date network documentation, topology diagrams, and security policies. Qualifications & Experience: Bachelor’s degree in Computer Science, Network Engineering, Cybersecurity, or a related field. 10 years of experience in network architecture, industrial networking, or OT cybersecurity. Strong knowledge of OT/ICS protocols such as Modbus, DNP3, OPC-UA, PROFINET, and BACnet. Experience designing and securing SCADA, DCS, PLC, and IIoT environments. Hands-on experience with Cisco, Palo Alto, Fortinet, or equivalent networking/security devices. Expertise in firewall configuration, network segmentation, and zero-trust security principles. Familiarity with NIST CSF, IEC 62443, ISA/IEC 99 cybersecurity frameworks. Proficiency in VPNs, VLANs, IDS/IPS, NAC, and secure remote access solutions. Strong analytical, troubleshooting, and problem-solving skills. Excellent written and verbal communication skills to collaborate with cross-functional teams. Preferred: Preferred Certifications: Cisco CCNP/CCIE, Fortinet NSE, GIAC GICSP, ISA/IEC 62443, or CISSP. Experience in oil & gas, utilities, manufacturing, or critical infrastructure industries. Background in network traffic analysis, intrusion detection/prevention, and industrial cybersecurity risk assessment. Thank you to all applicants for your interest in this opportunity and in Dexcent. While we appreciate the time and effort put into each application, only those selected for further consideration will be contacted.