Operational Technology Network Engineer

At KeolisAmey Docklands (KAD), we operate the iconic Docklands Light Railway (DLR), delivering service excellence in one of London's most critical transport systems. We are now looking for a skilled Operational Technology (OT) Network Engineer to join our team and help maintain a secure and resilient OT network infrastructure that supports safe and efficient rail operations.

As an OT Network Engineer, you will play a key role in maintaining, developing, and optimising KAD's OT network systems. This involves working with cutting-edge networking and virtualisation technologies in a safety-critical railway environment. You'll collaborate with IT, OT, security teams, external suppliers, and Transport for London to ensure seamless OT system performance and cybersecurity compliance.

What You'll Do

• Deploy and maintain Cisco Nexus switches, OT firewalls, Juniper internet firewalls, and Dell servers.
• Manage VMware ESXi environments and StorMagic SvSAN storage solutions.
• Oversee OT network segmentation, VLAN and subnet management, firewall rules, and security zoning following the Purdue model.
• Administer Active Directory, DNS, DHCP, SIEM, Cisco ISE, SolarWinds, and Splunk.
• Support remote access, VPNs, endpoint security, and manage dual ISP circuits at depot locations.
• Implement and maintain cybersecurity best practices including system hardening, antivirus, patch management, and compliance with standards such as IEC 62443 and ISO27001.
• Provide technical support for systems including CCTV servers, CIS/ASC workstations, AIMS, and OTMR log management.
• Participate in Factory Acceptance Tests (FAT) and Site Acceptance Tests (SAT) to ensure system integrity pre-deployment.
• Document technical processes, conduct system audits, and support incident response activities.

What You'll Need

Essential Skills & Experience:

• Bachelor's degree in Network Engineering, IT, or related field
• Minimum 5-7 years' experience in network engineering, ideally in OT/ICS environments

Hands-on experience with:

• Cisco Networking
• Firewalls (Cisco/Juniper)
• Windows Server (AD, NPS, WSUS) & Red Hat Linux
• VMware Virtualisation & Dell Servers
  • Strong knowledge of IP networking, VLANs, VPNs, routing, and network security
  • Experience in network hardening and cybersecurity best practices
  • Excellent problem-solving skills and attention to detail

Desirable (but not essential):

• Certifications such as CCNP, CCIE, JNCIS/JNCIP, VCP
• Experience with network monitoring and security tools (SolarWinds, Splunk, SIEM)
• Understanding of railway, transport, or safety-critical environments
• Familiarity with EMC standards and OT system lifecycle management

What We Offer

As part of the Transport for London (TfL) family, KAD provides competitive benefits including:

• Free travel across TfL for you and a household member
• 75% discount on National Rail season tickets
• Interest-free season ticket loan
• Up to 10% employer pension contribution
• Access to Perkbox, private GP services via Doctor Care Anywhere, and an Employee Assistance Programme
• Commitment to your professional growth in a dynamic, collaborative environment

Join Us

At KAD, we value diversity and inclusion, recognising that varied perspectives drive innovation. We welcome applicants from all backgrounds.

Please read the full job description before applying and ensure your CV and cover letter clearly align to the essential criteria.

Closing Date: 3rd August 2025