INFRASTRUCTURE SECURITY DESIGN ENGINEER

LITIT, a joint venture between NTT DATA and Reiz Tech, is a company with deep-rooted industry know-how, dedicated to innovation within the IT sector. Its primary focus is delivering high-quality solutions in the DACH region. With a commitment to excellence, LITIT combines the best of German precision, Japanese work ethics, and Lithuanian talent to provide unparalleled IT service and support to its clients.

As an Infrastructure Security Engineer you will apply your developing expertise in network security, infrastructure technologies, and security controls to support the design, implementation, and maintenance of secure infrastructure solutions. You will contribute to infrastructure security projects, perform security configurations, and develop your skills across network security technologies while receiving regular guidance from senior team members. 

• Assist in implementing network security controls including firewalls, IPS/IDS, and proxies under supervision.

• Configure basic network security policies and access control lists following approved designs.

• Support network segmentation implementations and VLAN configurations.

• Assist with VPN setup and secure remote access solution deployments.

• Support deployment and configuration of security technologies including SIEM, EDR, and endpoint protection.

• Assist in integrating security tools with existing infrastructure under supervision.

• Support security technology testing and validation activities.

• Troubleshoot basic security technology issues with senior guidance.

• Apply security hardening standards to servers, workstations, and network devices under supervision.

• Implement CIS Benchmark configurations for Windows and Linux systems.

• Perform security baseline assessments using automated scanning tools.

• Monitor security alerts and events from SIEM and security tools under guidance.

• Perform initial triage of security incidents and escalate appropriately.

• Create and maintain accurate technical documentation for security implementations.

• Produce network diagrams, configuration guides, and runbooks under supervision.

• Perform straightforward security testing activities under supervision.

• Conduct vulnerability scans and analyze results with guidance.

• Validate security control implementations against requirements.

• Basic understanding of network security principles and architectures.

• Familiarity with firewall concepts and basic configuration (Palo Alto, Cisco ASA, Fortinet).

• Knowledge of common security technologies (antivirus, IPS/IDS, proxies).

• Understanding of Windows and Linux operating system security.

• Basic scripting skills (PowerShell, Bash, Python) for automation tasks.

• Network protocols: TCP/IP fundamentals, routing basics, switching, VLANs 

• Network services: DNS, DHCP, NTP, Active Directory basics 

• Virtualization: Basic VMware or Hyper-V knowledge 

• Operating systems: Windows Server administration, Linux command line 

• Awareness of AWS, Azure, or GCP security concepts.

• Experience with or willingness to learn SIEM platforms (Splunk, QRadar, Sentinel).

• Familiarity with endpoint protection platforms (CrowdStrike, Carbon Black, Defender).

• Knowledge of vulnerability scanning tools (Nessus, Qualys, OpenVAS).

• Understanding of network monitoring and packet analysis tools.

• Basic knowledge of security automation and orchestration concepts.

• Strong attention to detail and accuracy in technical work.