Workday Security Analyst - Sustainment and Phase 2

Duration: 6 months to start

Job Description
The Workday Security Analyst is responsible for designing, maintaining, and optimizing security configurations within Workday to ensure data integrity, compliance, and secure user experience. This role partners closely with HR, IT, internal audit, and cross-functional business teams to support secure operations, troubleshoot access-related issues, and drive continuous improvements in Workday security. This position also plays a key role in maintaining SOX-related access controls and supporting periodic audit reviews.

Key Responsibilities:
Security Design & Administration:

• Develop, configure, and maintain Workday security roles, domain security policies, business process security, and user-based permissions.
• Strong understanding of Workday security concepts such as domain and business process security policies, role-based and user-based security, security groups (RBAC, intersection, constrained groups), and business process routing and approvals to guide security design and configuration.
• Manage security assignments across Worker, Position, and Job Profiles, ensuring alignment with business needs and least-privilege principles.
• Administer security for new modules, features, or organizational changes.

Access Management & Support:

• Troubleshoot access issues and provide timely support to end users, HR operations, and system administrators.
• Conduct periodic security audits and user access reviews to ensure compliance with internal policies and regulatory standards.
• Monitor and maintain security for EIB integrations and API access tokens as needed.
• Support SOX access control requirements through regular user access reviews, documentation, and audit support activities.

Integrations Security:

• Manage Workday Integration Security, including the creation, configuration, and maintenance of Integration System Users (ISUs) and Integration System Security Groups (ISSGs) to support inbound and outbound integrations.
• Maintain governance standards by documenting ISU configurations, password/token rotation procedures, and integration security mappings.
• Support Workday releases by assessing impacts to integration security, updating ISISSGs as needed, and conducting end-to-end testing.

Compliance & Risk Management:

• Partner with internal audit and compliance teams to support audits, testing, and certification activities.
• Maintain proper documentation for security configurations, controls, and change requests.
• Stay up to date on Workday releases and recommend security-related enhancements or adjustments.

Collaboration & Continuous Improvement:

• Work with HR and IT partners to understand business needs and translate them into secure design solutions.
• Participate in Workday release testing, focusing on areas impacted by security changes.
• Develop training materials and provide guidance to functional teams on Workday security standards and best practices.

Preferred Experience:

• Experience with Workday integrations (EIBs, APIs, enterprise interface roles) from a security perspective.
• Exposure to global mobility processes and cross-border employee movements.
• Experience working in multi-country environments, with awareness of data protection regulations (e.g., GDPR) and Works Council requirements.
• Report creation knowledge to support business processes and operational needs.
• Demonstrated experience in knowledge sharing, documentation, and training delivery.
• Knowledge of HR operations, compliance requirements, and HR data standards.
• Workday Core HCM certification is preferred but not required.

Talent Groups is an equal opportunity employer that values diversity and inclusion. All qualified applicants will receive consideration without regard to protected characteristics. The listed compensation range represents a good-faith estimate and may vary based on experience, skills, education, certifications, market conditions, client budget, and location, in accordance with applicable pay transparency laws.