Gravity IT Resources
Get AI-powered advice on this job and more exclusive features.
The Workday Security Analyst III is responsible for leading security processes, governance, and oversight across Workday and related platforms, including UKG and Hyland OnBase. This role ensures security practices align with organizational objectives, regulatory requirements, audit standards, SOX controls, and data privacy compliance.
As a senior‑level subject matter expert, the Workday Security Analyst III serves as the primary escalation point for Workday security analysts, provides coaching and mentorship, and acts as a trusted advisor to leadership on security strategy and risk mitigation. This position maintains a dotted‑line relationship with analysts to influence development and performance without direct management authority.
Security Leadership & Strategy
Serve as a trusted advisor to leadership on security strategy, risk mitigation, and compliance initiatives. Contribute to technical roadmap discussions to ensure security standards are embedded into new features and integrations. Monitor emerging threats and recommend proactive enhancements to strengthen the Workday security posture. Governance, Compliance & Risk Management
Lead security governance, role‑change approvals, and SOX and data privacy compliance controls. Develop, maintain, and enforce security policies, standards, and governance frameworks. Oversee security audits, assessments, and readiness for internal and external compliance requirements. Support audit processes by providing Workday access logs, while collaborating with cybersecurity on cross‑system audits. Ensure security practices align with organizational goals and regulatory standards. Workday Security Architecture & Operations
Define and maintain role‑based access control, separation of duties, and domain/business process security. Design and maintain enterprise security architecture for Workday, UKG, Hyland OnBase, and other supported platforms. Align Workday security groups with identity and access management (IAM) tools such as SailPoint. Ensure sensitive data (e.g., Social Security numbers, compensation) is masked or restricted in accordance with policy. Ensure Workday roles and configurations do not violate separation‑of‑duties requirements. Collaborate with technical and business stakeholders to ensure secure system design and access controls. Lead incident response planning, investigation, and resolution for Workday‑related security events. Manage oversight of Workday roles and assignments, while partnering with cybersecurity on enterprise‑wide security controls. Work with cybersecurity teams to monitor and respond to suspicious activity within Workday. Team Guidance & Mentorship
Serve as the primary escalation point for Workday security analysts on complex or high‑risk issues. Provide guidance, coaching, and feedback to Security Analysts on best practices, technical approaches, and issue resolution. Mentor and guide Security Analysts across both Governance/Policy and Operations tracks. Maintain a dotted‑line relationship with Security Analysts by influencing performance and development without direct management authority. Required Qualifications
Bachelor’s degree in Information Security, Computer Science, or a related field. Workday Security Certification (to be obtained within 9 months of hire). 5+ years of experience in enterprise security roles, including security architecture, policy development, and incident management. Minimum of 3 years of hands‑on Workday Security experience with progressively increasing responsibilities. Proven experience designing and implementing security frameworks across cloud‑based enterprise applications. Seniority level
Mid‑Senior level Employment type
Contract Job function
Information Technology Industry
Hospitals and Health Care
#J-18808-Ljbffr
Serve as a trusted advisor to leadership on security strategy, risk mitigation, and compliance initiatives. Contribute to technical roadmap discussions to ensure security standards are embedded into new features and integrations. Monitor emerging threats and recommend proactive enhancements to strengthen the Workday security posture. Governance, Compliance & Risk Management
Lead security governance, role‑change approvals, and SOX and data privacy compliance controls. Develop, maintain, and enforce security policies, standards, and governance frameworks. Oversee security audits, assessments, and readiness for internal and external compliance requirements. Support audit processes by providing Workday access logs, while collaborating with cybersecurity on cross‑system audits. Ensure security practices align with organizational goals and regulatory standards. Workday Security Architecture & Operations
Define and maintain role‑based access control, separation of duties, and domain/business process security. Design and maintain enterprise security architecture for Workday, UKG, Hyland OnBase, and other supported platforms. Align Workday security groups with identity and access management (IAM) tools such as SailPoint. Ensure sensitive data (e.g., Social Security numbers, compensation) is masked or restricted in accordance with policy. Ensure Workday roles and configurations do not violate separation‑of‑duties requirements. Collaborate with technical and business stakeholders to ensure secure system design and access controls. Lead incident response planning, investigation, and resolution for Workday‑related security events. Manage oversight of Workday roles and assignments, while partnering with cybersecurity on enterprise‑wide security controls. Work with cybersecurity teams to monitor and respond to suspicious activity within Workday. Team Guidance & Mentorship
Serve as the primary escalation point for Workday security analysts on complex or high‑risk issues. Provide guidance, coaching, and feedback to Security Analysts on best practices, technical approaches, and issue resolution. Mentor and guide Security Analysts across both Governance/Policy and Operations tracks. Maintain a dotted‑line relationship with Security Analysts by influencing performance and development without direct management authority. Required Qualifications
Bachelor’s degree in Information Security, Computer Science, or a related field. Workday Security Certification (to be obtained within 9 months of hire). 5+ years of experience in enterprise security roles, including security architecture, policy development, and incident management. Minimum of 3 years of hands‑on Workday Security experience with progressively increasing responsibilities. Proven experience designing and implementing security frameworks across cloud‑based enterprise applications. Seniority level
Mid‑Senior level Employment type
Contract Job function
Information Technology Industry
Hospitals and Health Care
#J-18808-Ljbffr