Data Security

QS is a global leader in higher education services. We are the data analytics, performance insight

provider and intelligence partner supporting university excellence across the world. Our student

recruitment and enrolment solutions enable universities and business schools to connect with

talented individuals that are seeking to further their academic progress and career development. Our

portfolio of professional services includes consultancy, student mobility and academic partnerships

management, and branding solutions.

We publish highly visible and influential rankings of international universities, including the QS World

University Rankings® which reaches a global audience of hundreds of millions of people. QS keeps

growing organically, through acquisition and by recruiting top talent across key regions.

**The Role & Key responsibilities**:
1**. Able to conduct technical audit independently e.g., for servers, networks, database, webservers, ports,**

**configuration etc. in terms of Cybersecurity, Information Security and Data Privacy.**

**2. Support the technology team in understanding and internalizing security and privacy requirements in a**

**SaaS context**

3. To develop and maintain the information security policy and accompanying processes, procedures, and

guidance documents as per standards like ISO 27001 and organisation requirements.

4. Review all ISMS policies, procedures, and other core ISMS framework documents like Statement of

Applicability (SOA etc, for all departments in-scope and ensure they are all updated

5. Knowledge and implementation experience of Data Privacy Laws in (EU (European Union), EEA

(European Economic Area) and 3rd Countries etc)

6. Manage the ISMS risk management program by reviewing all existing asset registers, change logs and

risk registers.

7. Research and update relevant documents based on of potential information security threats, breaches,

industry trends, emerging technologies, and propose responses & alternatives.

8. Collaborate with the Global stakeholders/ process owners regularly to ensure that the ISMS operates

smoothly and continuously improves

9. Manage internal and external audit findings and ensure their remediation as per agreed schedule, with

the respective Process Owners

10. Support the various ISMS roles in fulfilling their responsibilities, as documented in the ISO manual.

11. Work with ISMS process owners & the team on - Risk identification, tracking and reporting.

12. Alert and facilitate management of data incidents and related Customer communication, if required.

13. Ensuring business complies with Data Privacy requirements via data privacy by design and by default.

14. Plan for audits and demonstrate processes to auditors (internal and external) and track finding, if any to

closure

15. Ensure appropriate security controls (e.g., encryption, levels of access etc.) are applied throughout the

information lifecycle

16. Report against Organization KPIs and analyse the trends for improvements

17. Co-ordinate on development, and delivery of security training programs and individual -handholding

sessions

**Technical skills and qualifications**
- Minimum educational qualification: Engineering in IT (B. E, B.Tech)
- Professional security management certification

. Certifications relating to ISMS and Data Privacy is a must
- Minimum of 5 to 8 years of experience in a combination of risk management, information security and IT
- Experience in developing and maintaining software products
- Experience in working with SaaS platforms and RDBMS
- Experience in working in a Software Product company is desirable.
- Experience in Programming /troubleshooting (e.g., PHP, Drupal, WordPress, using the

Zend/Laravel/codeignitor framework)
- Knowledge of standards information security management frameworks, such as ISO 27001, 27701.
- Experience in Microsoft Office Suite, SharePoint, Atlassian Suite (Jira, Confluence etc.)

**Behavioural competencies**
- Collaboration and communication
- Conflict Management
- Leadership Skill
- Excellent written and verbal communication skills and high level of personal integrity.
- Methodical approach to work, attention to detail and delivery of high-quality results

**A few things that make QS a great place to work include**:

- Competitive package.
- Flexible to work as per global working hours.
- Vibrant social environment and multicultural, multinational culture, strong team spirit.
- Focus on welfare - global wellness team, Calm app, EAP and health plan,

mental health first aiders, diversity and inclusion initiatives.
- Strong recognition and reward programs - peer recognition platform, quarterly and annual

awards, annual bonus scheme.

QS Quacquarelli Symonds is proud to be a fair and equal organization where everyone has the same
opportunity to achieve their full potential, irrespective of their background or personal attributes. We
celebrate our diversity and believe through sharing our e