IT Security Lead

RamSoft

Posted on : 22-08-2025

Employer Active

1 Vacancy

Job Alert

You will be updated with latest job alerts via email

Valid email field required

Send jobs

Send me jobs like this

Job Alert

You will be updated with latest job alerts via email

Valid email field required

Send jobs

Job Location

Bengaluru - India

Monthly Salary

Not Disclosed

Salary Not Disclosed

Vacancy

1 Vacancy

Posted on : 22-08-2025

Job Description

About us

Join RamSoft () a collaborative and innovative SaaS medical software company that is developing and selling novel cloud and cloud-native RIS/PACS software platforms for radiologists worldwide. Were a global business with 200 employees located worldwide and we are growing quickly.

Job Summary

We are seeking a proactive and technically strongInformation Security Leadto drive our enterprise-widecloud and infrastructure security operations focused onAzure Security SOC operations threat intelligence breach readiness and regulatory compliance. This role plays a critical part in improvingcyber defence maturity ensuringresilience against attacks andenabling audit readiness while working closely with MDR/MSSP vendors internal IT teams and governance functions. The scopeexcludes application and DevSecOps security focusing purely oninfrastructure and operations security domains.

Key Responsibilities

Cloud Security (Azure Focus)

Lead improvements inAzure security postureusingMicrosoft Secure ScoreAzure Policy andAzure Defender for Cloud.
Implement and manageAzure-native security controls includingKey VaultAzure FirewallNSGs/ASGsSentinel andMicrosoft Defender XDR.
EnforceAzure Security Benchmarkand contribute toAzure Well-Architected Framework (Security Pillar)assessments and remediation.

Security Operations & Incident Response

Oversee day-to-daySOC operationsin collaboration withMDR/MSSP vendors ensuring timely triage escalation and remediation.
ImproveMTTA/MTTRthrough playbook automation detection rule tuning and optimised incident workflows.
Leadroot cause analysisforensics andincident post-mortemsfor infrastructure and cloud-related security events.

Cyber Threat Intelligence and Blue Teaming

Integrate actionableCyber Threat Intelligence (CTI)feeds and threat actor TTPs into the detection pipeline.
Run regularphishing simulationsblue teaming andbreach and attack simulations (BAS)to validate defence readiness.
Conduct and support infrastructurethreat modellingusing MITRE ATT&CK and STRIDE frameworks.

IT Security & Patch Compliance

EnsureIT infrastructure security including laptops servers printers and internal systems.
Define and enforce enterprisepatch management policies track patch compliance for OS firmware and software.
Monitor forvulnerable configurations and outdated softwareacross end-user and server endpoints.

Active Directory & Identity Security

Secure and monitorActive Directory (AD)andAzure ADfor privilege escalations misconfigurations and abuse patterns.
Implementconditional access policiesmulti-factor authentication (MFA) and role-based access control (RBAC).
Ensure alignment withSC-300 Microsoft Identity & Accessbest practices.

Network Security

Define and enforcenetwork segmentation firewall rule reviews secure VPN configurations andzero-trust policies.
Performnetwork threat analysisand work with IT/network teams to detect anomalies lateral movement or exfiltration risks.
Monitor and harden edge devices (routers firewalls IDS/IPS).

Governance Risk & Compliance (GRC)

Ensure cloud and infra environments are compliant with standards (ISO 27001 SOC 2 NIST CSF).
Support internal/external audits andmaintain audit readinessfor controls involving cloud and IT security.
DriveSecurity BCP and DR testingexercises; document findings and track mitigation.

Vendor Management and Operations

Act asprimary liaison for MDR/MSSP providers managing SLAs escalations tuning requests and playbook improvements.
Own contracts performance metrics and quarterly service reviews with security vendors.

Security Metrics and Reporting

Track and improve metrics likeMicrosoft Secure Scorepatch SLAsthreat detection coverageMTTA/MTTR phishing susceptibility and audit gaps.
Maintain and publishsecurity dashboards and operational health reportsto leadership.

Qualifications

Education

Bachelors or Masters in Information Security Computer Science or a related technical discipline.

Experience

6 years of hands-on experience in Information Security including:
- 3 years inAzure Security and SOC operations
- Proven exposure toIT infrastructureAD security andnetwork hardening
- Leadingincident responseaudit preparation andGRC collaboration

Certifications (Highly Preferred)

AZ-500: Microsoft Azure Security Engineer Associate
SC-200: Microsoft Security Operations Analyst
SC-300: Microsoft Identity and Access Administrator
SC-100: Microsoft Cybersecurity Architect
Optional: CISSP CISM ISO 27001 LA or GIAC certifications (e.g. GCIA GCIH)

Skills & Competencies

Deep expertise inAzure-native securitySIEM/XDR/EDRtooling
Strong grasp ofnetwork protocolsfirewall rulesActive Directory andendpoint hardening
Familiarity withcyber kill chainthreat intelligence anddetection engineering
Proficient inKQL PowerShell or scripting to support security automation
Clear communicator able to translate technical risk into business impact

Required Experience:

Senior IC

Employment Type

Full-Time

Company Industry

Key Skills

Apply Now

About Company

RamSoft

Report This Job

Disclaimer: Drjobpro.com is only a platform that connects job seekers and employers. Applicants are advised to conduct their own independent research into the credentials of the prospective employer.We always make certain that our clients do not endorse any request for money payments, thus we advise against sharing any personal or bank-related information with any third party. If you suspect fraud or malpractice, please contact us via contact us page.

Start Now

Dr.Job AutoApply

3X your job search with AutoApply's AI for faster dream job results.