CVR Energy, Inc.
Position Summary
The Network Engineer is responsible for the design, implementation, security and lifecycle management of CVR Energy enterprise and SCADA network infrastructure across multiple datacenters and remote plant sites. This role requires deep expertise in Cisco based routing and switching, firewall administration, SCADA segmentation, and enterprise / industrial connectivity over LTE, VSAT, and private WAN circuits. The Network Engineer will support modernization efforts, including hardware refresh, vulnerability remediation, and secure network separation between corporation IT and SCADA environments. Education Requirements
Bachelor's Degree in Information Systems, Information Technology, Computer Science, or related scientific or technical discipline required. Equivalent technical experience may be substituted. Relevant certifications preferred such as Cisco CCNP, Forescout FSCA, Wireless and Security or equivalent. Experience Requirements
5+ years of experience with degree or 6+ years of experience in lieu of degree in broad network including LAN/WLAN/SD-WAN experience and designing/implementing network infrastructure solutions in Windows and Linux/Unix environments; and networking with blade solutions and architectures i.e. Cisco UCS, HP/Dell/IBM Blades. Working knowledge of cellular and/or satellite networks, cabling, racks, electricity/power, firewalls, TCP/IP, routing, switching, VLAN's, and SSL VPNs. Experience with Windows Server platforms emphasizing DNS and DHCP; and knowledge of QoS, CAR, SSL, BGP, HSRP, MPLS, IPSEC, iSCSI, EIGRP, OTV, VRRP, VDC, vPC, VSAN, ACL's and VACL's, DMVPN, T1's, DS3's, OC3's, OSPF, IPv4, Layer 2/3 diagrams, and NTP. Experience in Cisco network access control solutions (ACS, NAC, Forescout) preferred. Security: Cisco ASA, Firewalls, VPN/AnyConnect, ACL/TLS hardening, SNMPv3, SSHv2. Wireless: Cisco 9800 WLC, Catalyst 9100 APs, industrial wireless (IW9165E, 9130AXE in hazardous locations). SCADA/ICS Networking: Segmentation, DMZ design, redundant LTE/VSAT connectivity, vendor remote access. Vulnerability remediation (TLS cipher updates, IOS/ROMmon upgrades, ACL hardening, SSH/TLS enforcement). Lifecycle management: equipment refresh planning, SmartNet alignment, budget tracking + annual hardware replacement projects. Experience with monitoring, troubleshooting, and packet analysis tools (Wireshark, NetFlow, SolarWinds, etc.). Strong Visio documentation and structured project/change management. Ability to multi-task and manage multiple priorities while working independently. Interpersonal and relationship skills are necessary to work with an integrated team of project managers, developers, quality and other company engineers. Major Accountabilities
Implement, and maintain secure enterprise network and SCADA network infrastructure across datacenters and remote plant sites. Implement vulnerability remediation program across 100+ devices, ensuring compliance with security baselines (TLS 1.2+, SSHv2, SNMP ACLs, etc.). Maintain and optimize SCADA/ICS network segmentation, DMZs, and secure vendor access. Serve as an escalation point for troubleshooting complex WAN/LAN/SCADA connectivity issues. Coordinate with vendors and carriers to resolve network incidents, negotiate contracts, and validate hardware/software upgrades. Develop and maintain detailed diagrams, change-control documents, risk/rollback/test plans, and SharePoint documentation repositories. Installs, and supports network communications, including LAN/WLAN/WAN/MAN systems, wireless networks and public ingress/egress points. Ensures stable operations within the production network including adhering to industry best practices such as change/incident management and information security policies and procedures. Expected Results
Highly available, secure, and compliant enterprise and SCADA network infrastructure. Successful execution of planned hardware refreshes and network modernization initiatives within budget. Timely closure of vulnerability remediation tasks validated by internal/external scans. Clear and consistent documentation of network configurations, diagrams, and change plans. Effective collaboration with IT, operations, and external vendors to deliver reliable services. Continuous professional growth through training, certifications, and industry engagement. Application Statement
Applicants must be eligible to work in the United States. The Company will not sponsor immigration or work visas. EEO Statement
CVR Energy is an EEO and affirmative action employer. We encourage qualified minority, female, veteran, and disabled candidates to apply.
#J-18808-Ljbffr
The Network Engineer is responsible for the design, implementation, security and lifecycle management of CVR Energy enterprise and SCADA network infrastructure across multiple datacenters and remote plant sites. This role requires deep expertise in Cisco based routing and switching, firewall administration, SCADA segmentation, and enterprise / industrial connectivity over LTE, VSAT, and private WAN circuits. The Network Engineer will support modernization efforts, including hardware refresh, vulnerability remediation, and secure network separation between corporation IT and SCADA environments. Education Requirements
Bachelor's Degree in Information Systems, Information Technology, Computer Science, or related scientific or technical discipline required. Equivalent technical experience may be substituted. Relevant certifications preferred such as Cisco CCNP, Forescout FSCA, Wireless and Security or equivalent. Experience Requirements
5+ years of experience with degree or 6+ years of experience in lieu of degree in broad network including LAN/WLAN/SD-WAN experience and designing/implementing network infrastructure solutions in Windows and Linux/Unix environments; and networking with blade solutions and architectures i.e. Cisco UCS, HP/Dell/IBM Blades. Working knowledge of cellular and/or satellite networks, cabling, racks, electricity/power, firewalls, TCP/IP, routing, switching, VLAN's, and SSL VPNs. Experience with Windows Server platforms emphasizing DNS and DHCP; and knowledge of QoS, CAR, SSL, BGP, HSRP, MPLS, IPSEC, iSCSI, EIGRP, OTV, VRRP, VDC, vPC, VSAN, ACL's and VACL's, DMVPN, T1's, DS3's, OC3's, OSPF, IPv4, Layer 2/3 diagrams, and NTP. Experience in Cisco network access control solutions (ACS, NAC, Forescout) preferred. Security: Cisco ASA, Firewalls, VPN/AnyConnect, ACL/TLS hardening, SNMPv3, SSHv2. Wireless: Cisco 9800 WLC, Catalyst 9100 APs, industrial wireless (IW9165E, 9130AXE in hazardous locations). SCADA/ICS Networking: Segmentation, DMZ design, redundant LTE/VSAT connectivity, vendor remote access. Vulnerability remediation (TLS cipher updates, IOS/ROMmon upgrades, ACL hardening, SSH/TLS enforcement). Lifecycle management: equipment refresh planning, SmartNet alignment, budget tracking + annual hardware replacement projects. Experience with monitoring, troubleshooting, and packet analysis tools (Wireshark, NetFlow, SolarWinds, etc.). Strong Visio documentation and structured project/change management. Ability to multi-task and manage multiple priorities while working independently. Interpersonal and relationship skills are necessary to work with an integrated team of project managers, developers, quality and other company engineers. Major Accountabilities
Implement, and maintain secure enterprise network and SCADA network infrastructure across datacenters and remote plant sites. Implement vulnerability remediation program across 100+ devices, ensuring compliance with security baselines (TLS 1.2+, SSHv2, SNMP ACLs, etc.). Maintain and optimize SCADA/ICS network segmentation, DMZs, and secure vendor access. Serve as an escalation point for troubleshooting complex WAN/LAN/SCADA connectivity issues. Coordinate with vendors and carriers to resolve network incidents, negotiate contracts, and validate hardware/software upgrades. Develop and maintain detailed diagrams, change-control documents, risk/rollback/test plans, and SharePoint documentation repositories. Installs, and supports network communications, including LAN/WLAN/WAN/MAN systems, wireless networks and public ingress/egress points. Ensures stable operations within the production network including adhering to industry best practices such as change/incident management and information security policies and procedures. Expected Results
Highly available, secure, and compliant enterprise and SCADA network infrastructure. Successful execution of planned hardware refreshes and network modernization initiatives within budget. Timely closure of vulnerability remediation tasks validated by internal/external scans. Clear and consistent documentation of network configurations, diagrams, and change plans. Effective collaboration with IT, operations, and external vendors to deliver reliable services. Continuous professional growth through training, certifications, and industry engagement. Application Statement
Applicants must be eligible to work in the United States. The Company will not sponsor immigration or work visas. EEO Statement
CVR Energy is an EEO and affirmative action employer. We encourage qualified minority, female, veteran, and disabled candidates to apply.
#J-18808-Ljbffr