Job Description
Max PR 92.86 - 128.57 depending on experience
Summary
The Workday Security Lead is responsible for the design, implementation, maintenance, and governance of Workday security across all modules. This role ensures users have appropriate access with the primary goal of protecting employee data, safeguarding data integrity, and maintaining compliance with the company's data security policies and industry best practices.
As the subject matter expert (SME) for all Workday security matters, this role partners with HR, IT, Cybersecurity, and external partners to align security with organizational structure, business processes, and compliance requirements.
Design & Configuration
- Lead the design, configuration, and maintenance of Workday role-based, domain, and business process security policies.
- Oversee security aspects of Workday integrations, ensuring secure data exchange and controlled access.
- Manage security workstreams for new Workday module implementations.
- Apply least-privilege and role-based access principles to ensure data protection and compliance.
- Support Workday releases, regression testing, and new feature enablement related to security.
- Develop and maintain security groups, role assignments, and user provisioning processes.
- Conduct security impact assessments for new functionality and module rollouts.
Administration & Maintenance
- Manage access requests, user accounts, and audit logs across all tenants.
- Perform periodic security reviews to identify vulnerabilities, ensure compliance, and recommend remediation.
- Maintain comprehensive security documentation, including configuration workbooks and reference materials.
- Oversee integration security and service accounts (e.g., API, SSO, EIB).
Collaboration & Governance
- Partner with internal and external stakeholders to define and enforce security policies based on 4-eyes, need to know principles.
- Develop and maintain a Workday security governance framework.
- Collaborate with internal audit and compliance teams to support security audits and risk assessments.
Continuous Improvement & Training
- Provide training and guidance to functional leads and stakeholders on Workday security best practices.
- Identify and implement process improvements and automation opportunities in access management.
- Standardize and enhance provisioning and de-provisioning processes for improved efficiency and user experience.
Key Skills
- Workday Security Framework Expertise
- Role-Based Access Control (RBAC) Design
- Security Auditing and Compliance
- Workday Reporting (RaaS, Custom Reports)
- SSO / Integration Security
Required Qualifications
- Bachelor’s degree in Information Systems, Human Resources, Computer Science, or related field.
- 8+ years of Workday experience, including 5+ years focused on security administration or design.
- Deep understanding of Workday domain security, business process security policies, and role-based access control (RBAC).
- Knowledge of security frameworks and compliance standards (e.g., SOX, GDPR, HIPAA, NIST).
- Experience with key Workday modules (HCM, Recruiting, Advanced Compensation, Absence, Time Tracking, Performance, Talent).
- Expertise with SSO, integration security, and security for EIBs and reports.
- Workday Pro Certification (Security) preferred.
- Strong analytical, problem-solving, and stakeholder management skills.
- Excellent communication skills with the ability to explain technical concepts to non-technical audiences.
Job Tags
Contract work,