Workday Security Analyst

ESSENTIAL JOB DUTIES & RESPONSIBILITES: 

• Security Design & Implementation 
  Architect and deliver scalable, enterprise-grade security frameworks across Workday’s HR and Finance modules aligning business objectives and security best practices.  

• Security Configuration & Administration 
  Lead the configuration and administration of Workday security, including, but not limited to:   

• Domain security policies  

• Business process security policies  

• Role-based security groups  

• User-based security groups  

• Intersection and constrained security groups  

• Segregation of duties (SoD)  

• Tenant level security architecture  

•  Authentication and authorization concepts  

• Security inheritance and propagation 

• Security Architecture & Optimization 
  Continuously assess and mature the Workday security architecture by identifying gaps, reducing complexity and implementing improvements that enhance scalability, performance, and least-privilege access.  

• Authentication & Integration Security 
  Design and manage secure authentication frameworks, including OAUTH, SAML, Step-Up, Whitelisting, Single Sign-On (SSO), ensuring seamless and secure integrations across enterprise systems.  

• Issue Resolution & Operational Excellence 
  Serve as a subject matter expert in troubleshooting and resolving complex security issues, ensuring timely resolution while maintaining system integrity and business continuity.  

• Provisioning and deprovisioning users  

• Managing role assignments  

• Security group maintenance  

• Troubleshooting access issues  

• Creating and modifying security configurations  

• Supporting tenant refreshes and migrations  

• Running security audits  

• Managing emergency access procedures 

• Continuous Improvement & Release Management 
  Proactively monitor Workday releases and emerging capabilities, assessing impact and driving adoption of new features to enhance security posture and operational efficiency.  

• User Access & Provisioning Governance 
  Establish and optimize user access governance, partnering with Finance, HR, IT, and business stakeholders to design efficient provisioning workflows. Plan, coordinate, and execute biannual User Access Reviews (UAR) with a focus on audit readiness and risk reduction.  

• Compliance, Risk & Audit Leadership 
  Drive compliance with regulatory and internal control frameworks (e.g., SOX, GDPR) by designing effective controls, supporting audits, managing evidence collection, and leading remediation efforts to address identified risks.  

• Documentation & Security Governance 
  Develop and maintain comprehensive, audit-ready documentation of security models, standards, policies, and procedures, ensuring transparency and consistency across the organization.  

• Security Roadmap & Strategy 
  Define and execute a forward-looking Workday security roadmap that leverages new platform capabilities, enforces least-privilege access, and aligns with evolving organizational and regulatory requirements. 

QUALIFICATIONS (KNOWLEDGE, SKILLS & ABILITIES): 

• Bachelor's degree in IT or related discipline 

• 3–5 years of hands-on experience with Workday Security (Pro certification a plus) 

• Experience working directly with internal controls and auditors to support audit requests 

• Proven experience designing and implementing security architectures  

• Experience with SoD, SOX compliance, User Access Reviews (UAR), and GDPR initiatives  

• Strong Knowledge of authentication methods, including OAUTH, SAML, SSO and tenant level security configurations 

• Supporting large global organizations with complex security framework and scaling for growth  

Key Competencies 

• Excellent interpersonal, collaboration and communication skills with the ability to interact with Finance, HR, IT, and Cybersecurity teams across all levels of the organization 

• Demonstrated ability to effectively organize and prioritize work to meet established deadlines 

• Excellent problem solving, critical thinking and decision-making skills 

• Strong understanding of risk management principles and mitigation strategies  

• Strong analytical and documentation skills 

#LI-Remote​